Archive for the ‘anthem blue cross of california’ tag
I got a ‘free’ flu shot today that I wasn’t expecting to be free, courtesy of my high deductable Anthem Blue Cross health insurance
I have the Smart Sense 5000 health insurance plan from Anthem Blue Cross of California. This plan has a USD $5,000 deductible, which I chose as the most cost effective way for me to get comprehensive health care should I get sick. Since I am so healthy, I benefit from agreeing to such a high deductible.
I was shocked and pleasantly surprised today when I went to Walgreens to purchase a flu shot and learned that I get a free flu shot because I have this Blue Cross policy. I thought having a high deductible meant I didn’t get anything for ‘free.’ I didn’t even ask for a free shot, and only because the clerk thought to type my name into her computer did she learn I qualify for a free shot.
I normally consider Walgreens to be an over priced store best patronized only for incidentals when Target is too far away, but today I am pleased with Walgreens.
The flu kills hundreds of thousands of people per year, far more than guns and terrorists. Most everyone should get a flu shot. If you have insurance, the shot may be at no additional cost to you. Go get one!
I suspect there is an information privacy security hole in the voice response system for customer support at Anthem Blue Cross of California. I alerted them to my suspicion some months ago, and nobody followed up with me to reassure me that there is not a privacy leak.
As of today, April 1, 2011, the system still operates in the same way that provoked my suspicion. This post is not an April Fools joke… I am serious.
I need your help to verify if my suspicion is correct, and if you’re a health insurance customer of Anthem, you can provide this help to me in about 2 minutes.
Here’s the suspected Anthem Blue Cross of California privacy breach:
When one calls the US phone number (800) 333-0912, which is the ‘customer service’ number printed on my insurance card, a voice response system asks me to enter my social security number. After I do this, the system asks me my birthday, and then it gives instructions on how to enter this information on the telephone keypad. This would be fine except that the voice response system uses an example date that contains the exact year in which I was born.
Perhaps this is pure coincidence, but I doubt it, thus this post.
What I suspect is happening in their software that drives the voice response system is that it looks up the social security number and pulls the year of birth associated with that number and uses that year to compose the example language.
Why is this a potential problem?
It allows anyone with the social security number of an Anthem Blue Cross of California customer to quickly find out approximately how old that person is.
Since Anthem Blue Cross of California has millions of customers, this exposes a lot of ages.
How can you help me verify my suspicion?
If you’re a customer, call (800) 333-0912 or the number on your insurance card and key in your social security number, and listen to hear if the voice response system says the year of your birth. If it does, and the year is not my birth year, then there may be a widespread information leak.
Please take 2 minutes to help me out. You may leave a comment to tell me the results.