Every year millions of Americans participate in open enrollment, a period where individuals can sign up for health insurance, change existing coverage or cancel their plan. We are in the midst of the Affordable Care Act (ACA) marketplace open enrollment, which typically lasts from November 1 to January 15. Regardless of where you receive your health insurance coverage, open enrollment is critical to maintaining your financial and physical well-being in the coming year. So don’t let cybercriminals steal your personal information as you navigate this process. Below are tips from CareFirst BlueCross BlueShield (CareFirst) to safeguard your data during open enrollment, along with recommendations for policymakers to bolster protections for consumers.
With more than 1.8 million new enrollees securing coverage during the 2023 open enrollment period compared to 2022, fraudsters are increasingly using phishing scams, social engineering tactics and other cyber threats to target folks who are unfamiliar with the open enrollment process. More than ever, cyber scammers are preying on people who are juggling multiple tasks. Here are some ways you can safeguard your most sensitive data:
- Decline Promotional Gifts in Exchange for Personal Information: Beware of any "free" offers. Bad actors will often use methods like phone calls, emails or texts to pretend to be government entities or insurance providers offering free health screenings or gifts described as "special offers" to confuse or mislead consumers.
- Check Twice, Click Once: Before clicking on any links or responding to emails about health insurance, double-check the sender’s email address and verify the authenticity of the website. Always navigate directly to official websites like Healthcare.gov or your insurance provider’s portal, rather than clicking on links in unsolicited emails or texts.
- Utilize Encryption: Be sure to avoid enrolling on public Wi-Fi at places like your favorite coffee shop or airport lounge. If you must use public Wi-Fi, use a virtual private network to encrypt your connection. When submitting sensitive information online, ensure the website is secure by looking for “https://” in the URL and a padlock icon in your browser bar.
- Guard Your Personal Presence: Don’t forget to monitor your accounts for signs of identity theft, such as unexpected medical bills or unfamiliar insurance claims. Attaining your Social Security number, date of birth, banking information and health details is like finding a gold mine for cybercriminals. Only provide this information to trusted sources, and if something seems suspicious, stop and investigate. If you believe your personal information has been compromised during open enrollment, contact your health insurance company through their official channels.
Policymakers, Here’s Our Suggestions
CareFirst urges policymakers to prioritize cyber safety and stronger protections for all Americans. While individuals can take steps to protect themselves, effective safeguards at the state and federal levels are essential during open enrollment. For example, through funding under the American Rescue Plan Act (ARPA), 21 state-based marketplaces received Modernization Grants from the Centers for Medicare & Medicaid Services to modernize or update systems, programs or technologies to ensure compliance with all applicable federal requirements. Grant recipients, including jurisdictions in our service area, used the funds to update their technological infrastructure and security. Here are some recommendations policymakers can adopt to ensure consumers can safely search for, compare and purchase health plans:
- Promote Multi-Factor Authentication: Policymakers should incentivize clearinghouse and insurance platforms to use multi-factor authentication to prevent unauthorized access from bad actors
- Help Fund Cybersecurity for State Exchanges: Policymakers should allocate additional federal resources to strengthen the cyber infrastructure of state-based marketplaces. For example, under ARPA, the District of Columbia Health Benefit Exchange Authority received grant funding to update open source, cloud-based eligibility determination systems, including updating account transfer protocols between the Marketplace and Medicaid, modernizing eligibility verifications, and automating the generation and transmission of customer notices.
- Launch Public Awareness Campaigns: Policymakers should educate consumers on how to better protect their data during open enrollment. For example, under ARPA, over $1 million was invested in expanding consumer education, improving stakeholder training and modernizing Maryland’s eligibility and enrollment system. The Maryland Health Benefit Exchange used those funds to expand its ability to raise consumer awareness and encourage enrollment through digital strategies and outreach to target the largest share of eligible Marylanders.
Protecting your personal data is a crucial part of ensuring a healthy and financially stable new year. Proactive public policy and heightened vigilance ensures that everyone’s most sensitive data is protected during open enrollment season. CareFirst is committed to doing our part to maintain a safe environment for members to attain and manage their health coverage. Our Community Engagement Team serves as a trusted resource where members can schedule in-person appointments to inquire about open enrollment, billing, benefits and much more. For general information on health insurance under the ACA, visit healthcare.gov, and for information on Medicare, visit medicare.gov.