A colleague of ours shared this story with us.
Bob Singley was at home recuperating from a short, but necessary hospital stay. He was doing fine, but was taking various medicines which included some for pain that made him, in his wife Sheila’s words, “…a little loopier than usual.”
Sheila was out doing errands while Bob took an afternoon nap. The phone ringing suddenly awakened him. It was his insurance company, and despite Bob’s fogginess, he took the call. They told him they needed to go over some of the details of his recent stay at the hospital and to verify a few items that weren’t adding up. “We all make mistakes, Bob, and hospitals are notorious for over-billing – I’m sure you know that – and we want to make sure you get every penny covered.”
That made groggy Bob happy. He was not rich and he did not like hospitals.
“Sure. What do you think they did wrong?”
“They’ve listed 3 MRIs here…”
“I didn’t even have one!”
“We wondered about that. OK. We’ll make sure you aren’t billed for them. What about the reconstructive surgery on your left hand?”
“No, that’s not right. I was in for a knee operation…”
“That’s what your initial report said, too, Bob. Perfect, thanks. That should fix it and reduce your payment by well over $20,000.”
“In order to credit your account, we just need to ask a couple of security questions to meet HIPAA guidelines… you know, we take security very seriously here at HealthCo.”
“Sure, no problem. What do you need?”
After doling out lots of his personal data to the fraudsters, Bob (and his unhappy wife, Sheila) spent nine months and an additional $25,000 to restore their good name and credit.
What should they have done? How should they have known that this wasn’t his real insurance company? This was a tough one. How would you have prevented this Identity Theft?
Latest posts by The Security Awareness Company (see all)
- NCSAM Launch Pad - September 12, 2017
- The Summer of Security - June 13, 2017
- How can YOU Help Build our 2017 & 2018 Development Roadmaps? - June 1, 2017