My health insurance company, whilst trying to help me manage my health, is violating my personal information security. Here is the problem: my health insurance company wishes to call me and remind me, for example, to refill my prescriptions or get my mammogram. I appreciate this gesture immensely… However, they call from a no caller ID number.
Call Summary
Hello, this is your health insurance company calling with important reminders for your best health. Please note that this call may be recorded for quality assurance and training purposes. Am I speaking to Melanie Prough?
AGENT
This is Melanie.
ME
I will need to verify your identity in order to proceed. Can you please verify your full mailing address and date of birth?
AGENT
Why would I do that? Your caller ID is not identified… How do I know who YOU are?
ME
Yes Melanie, sorry, I am calling from your health insurance company.
AGENT
I understand, but how do I identify you as someone who I should give my personal information to?
ME
I can verify our address for you Melanie.
AGENT
So you want to provide publicly available information in exchange for my personal information?
ME
I’m sorry, I have to confirm your identity in order to proceed.
AGENT
Well, since you cannot confirm your identity we cannot proceed. [[CLICK]]
ME
What REALLY concerns me is that not everyone is a skeptic as I am. What exactly are these companies thinking??? I have a line out to a friend who is an expert on HIPAA issues to confirm that my health insurance company is in fact violating HIPAA. Stay tuned.
UPDATE: I spoke to Abner E. Weintraub from ExpertHIPAA.com about why they are not violating HIPAA… It’s a growing problem, with information and phone numbers so easily obtained. He recommends the following, which I realize is imperfect in many ways but can still help in some cases.
You should ask for a callback number and return their call instead.
Abner Weintraub
He also recommended I call the company’s privacy officer, which they are required to have, and discuss my concerns. I think maybe they should have to provide me a PIN number to verify their identity to me before I have to divulge any personal information.
insurance company used instead of my actual insurance company’s name.