Privacy Hurdles Trip Up Insurance Fraud Investigators

By

True story: A state insurance fraud bureau chasing a suspected swindler recently approached a large multinational bank where the man was a customer and sought his financial information. The institution refused, telling stunned investigators their target would have to be notified before the crucial data could be released. This was a federal privacy requirement, the bank insisted.

Now it doesnt take a Ph.D. in astrophysics to know that tipping off the suspect could wreck the investigation. But more to the point, the bank was dead wrong about federal privacy law.

The landmark 1999 Gramm-Leach-Bliley Act limits the ability of financial firms to share their customers personal financial information with outsiders. But it also explicitly allows firms to provide that material to law enforcement, which the fraud bureau people insisted they were.

In truth, most privacy laws such as GLB actually give information gatekeepers wide freedom to share private consumer information with state fraud investigators. But even so, many investigators–for states and private insurers alike–increasingly find their requests for crucial information are being denied by bureaucrats in government agencies and private companies.

The main causes of this obstruction are fear, confusion and misinformation about what personal consumer information is protected, what isnt, and when.

As a result, insurance probes are being slowed and often compromised. Time is lost, clues grow cold, vital witnesses cant be easily found, costs increase, and fraud suspects gain time to disappear or cover their tracks.

Often investigators can eventually find the material elsewhere, but the added time and cost can seriously damage fraud cases.

Continued refusals thus are creating a kind of death by a thousand cuts for fraud investigators. Unchecked, stonewalling can spread virally and create an atmosphere of knee-jerk information denial that unintentionally helps tip the balance back toward fraud criminals.

But ignorance, fear and confusion over GLB is only part of the problem. Americas heightened awareness about abuse of personal information also has made many well-intended gatekeepers very sensitive about releasing any consumer data for any reason.

The constant threat of costly invasion-of-privacy lawsuits has stifled information flow as well. Many private companies clamp a tight lid to reassure customers their data are well protected.

Further compounding the confusion are dozens of state financial privacy laws spawned by GLB, plus state and federal privacy laws governing release of peoples health information.

Small surprise that in todays privacy pressure cooker, many gatekeepers find it easier to just say “No”–even when fraud investigators believe they have every legal right to the information.

Consider these real-life anecdotes from fraud investigators. Theyre typical of what many investigators are experiencing with growing frequency:

One highway patrol official refused basic information an investigator needed about a fraud suspects driver license renewal.

Some doctors have refused to share patient information without a subpoena or medical authorization for insurer probes of suspicious injury claims involving auto accidents. Doctors have told investigators, “I know I can legally give you the information, but I dont have to, so I wont.”

One investigator has been denied access to public death certificates, which can be vital for tracking family ties, relationships, relatives and the like. The investigator had to scrounge through obituaries, voter registration data and other records.

Police may provide accident reports with much of the information blacked out, including vehicle identification number, phone numbers, car ownership, or license plate number. Sometimes basic facts of crimes themselves are blacked out of police criminal reports.

Many workers compensation carriers find that hospitals and doctors refuse to share medical data without the patients say-so. The hospitals let the patient-claimant decide what to release, which can seriously impede fraud probes.

Carriers have every legal right to the information under state workers comp laws. But medical providers, trying to reduce administrative costs, are insisting that all requests for private information comply with federal privacy rules, whether the insurer is covered by these rules or not.

Some insurers even refuse to share certain critical case info with other carriers, citing fear of violating GLB or, vaguely, “privacy laws.” This can be especially damaging because investigators gain vital field intelligence by comparing notes on suspected swindles that may involve their separate companies.

To be sure, many fraud investigators around the nation work quite well with private and state officials. Information is responsibly shared in an atmosphere of trust and cooperation. These gatekeepers want to help and do their best to assist fraud investigators.

But the corrosive pressure, confusion and sheer misinformation surrounding privacy rules risks undermining even the best relationships and eroding insurance fraud investigations to a danger point.

With so much at stake, the insurance industry must decisively shore up the information flow to fraud investigators. This means an education effort targeting law enforcement and other state agencies, banks, medical providers, and many others who investigators depend on for crucial data.

The insurance industry must convincingly show that sharing certain personal information is legal, its in the public interest, and that investigators will fully protect whatever data they receive.

This education must take place nationally, but also locally, where so many of the relationships play out.

Investigators also should fully understand privacy laws and their limits. Are insurers and fraud bureaus getting their staffs together and discussing the issues? Do they know their state privacy laws covering personal financial data? Medical data? What they can and cant access? How to build trust and consensus with gatekeepers?

Investigators can help by knowing exactly what information they need when making requests. Avoid fishing expeditions that can exasperate and confuse bureaucrats. And clearly communicate exactly how youll use the data–for reasonable and necessary purposes involving specific fraud cases.

And if push comes to shove, do insurers efficiently use legal remedies against unwarranted stonewalls? One fraud bureau, for instance, routinely obtains subpoenas before seeking certain information it knows gatekeepers will likely refuse to provide.

Americas laudable efforts to protect personal consumer information are helping prevent crimes such as identity theft, stop abuse, and preserve our essential privacy in a free society.

But an unintended consequence has been a growing denial of information that insurance investigators need to stop swindles. With effort and education, the insurance industry can help ensure that protecting private data reflects a very public victory for all parties.

is director of government affairs for the Coalition Against Insurance Fraud in Washington, D.C.


Reproduced from National Underwriter Life & Health/Financial Services Edition, September 23, 2002. Copyright 2002 by The National Underwriter Company in the serial publication. All rights reserved.Copyright in this article as an independent work may be held by the author.