BCBS companies lead way in medical data breach battle


3 Aug 2018

Healthcare identity theft and fraud is a fast-growing threat in the US, but some insurance organizations are getting the diagnosis spot on and the remedy is working.

This summer Symantec sent a chill through the medical insurance world with a warning that criminals are stepping up their efforts to steal health-related data, including sensitive patient information.[1]

Breach incidents are growing at around 10% each year, while the healthcare sector accounts for 18% of breaches across all sectors globally, according to research cited by Symantec.[2]

Meanwhile, Experian has warned that medical breaches are becoming an epidemic and medical identity theft can be harder to discover than other types of ID theft because it happens when someone steals another person's identity to obtain medical services.[3]

Headline-grabbing statistics can feel a world away from the everyday experiences of health insurance companies and their customers who've so far managed to stay unharmed. But medical fraud impacts everyone and causes massive damage.

'Healthcare fraud hurts everyone. In addition to higher premiums and increased out-of-pocket costs, healthcare fraud compromises health and safety, which can result in harm to patients, and undermines the public's confidence in the healthcare system,' says BlueCross BlueShield (BCBS), which has been proactive in the battle against criminals.[4]

So what's the solution?

One key area that you can secure is your contact center and the risk of rogue agents taking customers' medical identity records over the phone - and then using or selling them on to fraudsters. Sensitive details are often spoken aloud and seen on screen. They can also be stolen from call recording systems or intercepted when transmitted through networks and systems.

Now health insurance companies can avoid these risks.

Never seen or heard

Eckoh has devised a way to stop sensitive customer data from being heard or seen by your agents and from being stored on your systems, including payment card details.

The company's CallGuard solution has won top security awards.[5] It's also being used successfully by some members of healthcare insurance organizations such as Blue Cross Blue Shield Alabama and Blue Cross Blue Shield Florida.

CallGuard finds a way for customers to enter sensitive details discreetly using their telephone keypad. Agents do not see the customer's digits on screen or even hear the DTMF tones when the keypad is pressed (these don't appear in call recordings either). The call is continuous and the agent is simply notified when the data has been accepted.

This approach delivers three major benefits:

  • It's fast, reliable and cost-effective: You don't need to create 'clean rooms', lock down desktops, or adopt obsessively strict, expensive and stifling security processes for staff. You don't even need to make changes to your CRM or payment service provider.
  • Customers get a great experience: Callers will appreciate you're protecting their data. Calls don't increase in length and the agent is always on-hand throughout the process; there's no pause-and-resume nonsense.
  • Business flexibility: It's easier to hire and retain agents. You don't need to train and security-clear a special class of employees for sensitive tasks. Security no longer relies on the agent. With CallGuard, they can be based anywhere too - so they could be off-shore or working remotely at home.

Discover more - before the epidemic hits

According to analysts, the medical fraud menace isn't ending anytime soon it's accelerating. Why not follow the lead taken by these two BlueCross BlueShield organizations?

If you'd like to talk to us about how we could help protect your BlueCross BlueShield business then why not give us a call at 866 258 9297 or drop us a line at tellmemoreUS@eckoh.com and we'd be happy to show you how we could help.


[1] '4 Emerging Threats to Healthcare Providers' - Symantec, 9 Jul, 2018
[2] 'Cyber Security and Healthcare: An Evolving Understanding of Risk' - Symantec, 2018
[3] 'Here's Your Rx to Avoid Medical Identity Theft' - Experian
[4] Healthcare Fraud - BCBS
[5] PCI Excellence Award 2018, CallGuard - Eckoh