ISO ClaimSearch® User Compliance Dos and Don’ts

By Kate O'Kelly  |  February 4, 2015

ISO ClaimSearch® is dedicated to adhering to confidentiality standards to ensure data is secure. ISO takes extensive measures to protect data entrusted to us and relies on ISO ClaimSearch users to do the same for data we entrust to them.

We require all ISO ClaimSearch participating organizations ensure that their users properly use the system. To safeguard and ensure the confidentiality of the information that users retrieve from ISO ClaimSearch, we put together some handy tips for data security.

Here is a list of things to do:

  1. Use Claims Inquiry to investigate and adjust a claim reported to ISO ClaimSearch.
  2. Enter the actual claim number in the Investigations Query (IQ) tool for the reference claim number.
  3. Refer claimants or insureds to ISO for a redacted copy of their personal ISO ClaimSearch match report.
  4. Inform ISO to deactivate ISO ClaimSearch access when an employee leaves employment with your company or transfers to another job function.
  5. Encrypt laptops and lock screens when PCs are unattended.
  6. Provide ISO ClaimSearch information to law enforcement if they’re involved in the investigation or adjustment of your claim.
  7. Contact ISO if you need users to access ISO ClaimSearch through your company’s network and institute IP blocking as an added safety control.
  8. Remember to shred any ISO ClaimSearch match report you may print pursuant to your company’s document retention and PII/PHI policies.
  9. Review and familiarize yourself with the complete ISO ClaimSearch Privacy and Security Policies.

Here is a list of things not to do:

  1. Don’t perform IQ searches on yourself, friends, family, coworkers, neighbors, or celebrities.
  2. Don’t send default values in required fields to bypass system edits (for example, SSN 111111111 or ZIP code 99999).
  3. Don’t provide a copy of any ISO ClaimSearch report to your insured, claimant, or third-party representative.
  4. Don’t share ISO ClaimSearch user IDs or passwords.
  5. Don’t send copies of ISO ClaimSearch reports via unencrypted e-mail.
  6. Don’t save match reports, management reports, or IQ download extracts to your local drive or a USB flash drive.
  7. Don’t submit health claims under a property/casualty membership (separate membership agreements are required for PHI data).
  8. Don’t use ISO ClaimSearch for any type of pre- or postemployment screening, underwriting, or any use covered by the Fair Credit Reporting Act.
  9. Don’t use ISO ClaimSearch for any purpose other than investigating and adjusting a claim.

Kate O'Kelly

Katherine O’Kelly is the ClaimSearch compliance manager. She is responsible for compliance and state regulatory matters involving ISO ClaimSearch, the property/casualty insurance industry’s “all claims” database. Katherine has five years of claims experience in the property/casualty industry, with a specialization in workers' compensation.