[Editor's Note: today's post is by guest author R. Michelle Green, the Principal for her company, Client Solutions. She is a combination geek girl, personal organizer, and career coach. Michelle helps others improve their use of technology in their personal or professional life. Today, she tackles what I believe will become a huge identity-theft problem. As employers lower their administrative costs by outsourcing payment systems that include debit-card transactions, the result is a more complicated, patchwork mix of companies where it is not easily clear who is responsible when bad things happen.]
By R. Michelle Green
At a business conference I attended, the topic turned to health care insurance administration. Some of the attendees now have new debit cards they didn’t ask for. Their employers gave them debit cards for their health care expenses (to access their Flexible Spending Accounts). Instead of having to submit receipts, employees offer the card at the point of sale. If s/he tries to charge more than allowed, or tries to charge things that are not acceptable, the card is rejected. Easily fits into the distributor’s payment systems (cash credit debit), no paperwork for the employee, less evaluative work for the FSA provider. Everyone wins, right?
Meet Caren (not her real name, of course). She offered her new debit card -- her's is called a United Healthcare Consumer Accounts Card -- for prescription meds in January last year. However, the purchase was rejected by the pharmacy. She assumed it was a glitch, and paid for it herself. While this eventually happened every time, she doesn’t have medical charges every day, so it took a while to recognize that the card never worked. For reasons not relevant here, she did not pursue this with the provider until the fall, only to discover that all her money had been used up on health care charges she didn’t make.
She spoke with United Healthcare using the phone number on her Consumer Accounts Card. She submitted all her information in writing as they requested. They produced a sheet showing that her charges mostly matched (about 70%) identical charges paid 1-2 business days after hers. Though they did not accuse her of fraud, they did say the case was closed and did not merit an appeal. When she approached her human resources provider, he said, well at least she got the tax break. (!) She didn’t get a tax break, she got a salary reduction! She was deprived of access to her own money, set aside from her salary. The debit card agreement online says that she should call the bank operating the card, but that hasn’t proven productive either.
Had a second card been issued to someone else, we wondered? Not to her (or to the bank’s) knowledge. Did the drugstore have signatures on the other charges ostensibly hers? The other charges were mail order charges through Medco, so no receipts or signatures. She has no account with Medco. The pharmacy is not interested in pursuing this, they’ve been paid (perhaps twice!). Medco won’t address it, as she is not a client. The debit card provider only knows the money is spent. The FSA account holder is satisfied that it was spent for the right things. Only Caren is out of pocket and disadvantaged. Doubly so – this was so traumatic that she did not enroll in FSA this year. That makes her ineligible for the associated tax benefit in 2012.
Turns out our blog host is interested in the way financial systems are evolving, and found this issue particularly interesting. There are a lot more parties in the mix than you might at first think. Caren has an employer small enough that it purchases human resources expertise from a national firm. So there’s Caren, Small Firm, and Big HR Firm. Big HR Firm takes the money from her account and sends it somewhere based on their agreement with United Healthcare. Her debit card is managed by United Healthcare, and Optum Health Bank administers that card for them. Optum Health Bank has a subsidiary, Optum Financial, that handles the flow of money from the holding account to the point of sale. And what about the pharmacy: could their processes have been compromised as well?
I read a lot about fraud and scams, and wondered if this could be the tip of a software theft operation, selecting certain customers, and duplicating certain customers’ receipts, at just low enough rates that they are not perceived. (Good movie, eh? But Occam’s Razor says: not likely.) But who is the person with enough clout to investigate this, particularly if no one person or entity loses big bucks?
Today she tweeted that she had heard from Big HR Firm – there’s nothing they can do. So who’s responsible? Several corporations are in play; doesn’t each have a responsibility to Caren? Who can help her?