Lacking new information concerning an apparent data breach, it's imperative that students receive reassurances of privacy when sharing personal information for board examinations, AOA implores.
While the source of the data breach is still unknown, students are preparing to take their board examinations and, to do so, they need to provide sensitive information, including their social security numbers. This requirement is not consistent across health professions. For example, according to the Joint Commission on National Dental Examinations, dental students are not asked for their social security numbers, but are required to provide their DENTPIN, a unique personal identifier.
It's a quandary that's left many students in limbo—an unresolved data breach gripping optometry since Aug. 2, elicits trepidation for disclosing such information on National Board of Examiners in Optometry (NBEO) exams, yet the alternative is an otherwise stalled academic path. This much AOA expressed to NBEO as the source of the breach has yet to be determined.
In a letter dated Sept. 6, AOA President Andrea P. Thau, O.D., petitioned NBEO President William B. Rafferty, O.D., to reassure students and recent graduates that their personal data will be safeguarded.
"In order to allay these concerns, can you provide assurances that the current NBEO registration system for new registrants—which includes the required entry of Social Security numbers—comports with best practices for testing bodies in other professions and meets all applicable industry standards for data security?" Dr. Thau asks.
The AOA has yet to receive a formal reply, but will continue to insist on up-to-date, accurate information to provide to its student members, especially those with questions and concerns about data security.
Anecdotal reports suggest that doctors and students began receiving unsolicited, fraudulent applications for Chase Amazon.com Visa cards submitted in their names, on and around Aug. 2. A possible second wave of malicious credit-line openings surfaced again near the beginning of September.
Out of an abundance of concern for members, the AOA contacted the FBI and Federal Trade Commission after initial reports to apprise investigators of the situation. The AOA immediately conducted its own internal investigation, which concluded that no breach of the AOA's information systems had occurred. The AOA does not gather social security numbers through its membership process.
The AOA continues to follow this situation closely and will provide updates when possible.
Members can access new, template appeal letters to assist in payer denials and patient communications, as well as attend an #AskAOA webinar on addressing payer clawbacks and denials.