Over 33 million people in the United States have Health Savings Accounts (HSA) totaling up to $100 billion, making these kinds of accounts high-profile fraud targets. We’ve seen increased unauthorized activity, and consumer-driven health plans are no exception. Unauthorized activity on your Consumer Driven Health Plan(s) may include unauthorized debit card activity and unauthorized fund transfers from HSAs. It is more important now than ever that you remain vigilant and protect your account(s).
As an HSA administrator, we prioritize keeping our participants and their assets safe. There are also steps you can take to protect your account, including but not limited to the following:
- Monitor account activity regularly
- Use a strong, complex password consisting of uppercase and lowercase letters, numbers, and symbols
- Do not use the same password for multiple accounts
- Change the password regularly, at least every 90 days
- Opt-in to proactive alerts available
- Protect debit cards
- Notify Medcom immediately of any unauthorized activity
Please keep in mind that there are limitations on how long you have to dispute fraudulent activity. All fraudulent activity must be reported within 60 calendar days of the transaction date. Disputes reported after 60 days cannot be processed, and you will forfeit your dispute and reimbursement rights. Furthermore, you must complete a dispute form for any unauthorized transaction. Note that there is a different form for unauthorized card transactions than for unauthorized HSA transfers.
For more information on our consumer-driven health plans, check out our Solutions page. To stay current on all the latest in employee benefits and our services, follow us on LinkedIn, Facebook, and Twitter.