Share Insurance Details

Send insurance policy numbers, member IDs, or claim information securely.

Why secure share insurance details matters

An insurance card is the billing layer, not the chart. The member ID on a Blue Cross or Aetna card, paired with a date of birth and group number, is enough to call a payer's IVR, confirm coverage, and submit a fraudulent claim. Auto policy numbers play the same role for collision filings; homeowner or renter policy numbers anchor property loss reports. This is the routing data that decides who pays whom, not the medical record itself.

Standard handoff channels are tuned for the wrong threats. A photo of a UnitedHealthcare card sits in Apple Photos with on-device OCR and iCloud sync, so the policy number becomes a searchable string. Faxing through eFax or HelloFax leaves an inbound PDF plus an SMTP email copy on the receiver's mail server. Texting an auto declarations page over RCS preserves the image inside Google Messages backups.

PasteOnce sits between the moment a number is read off a card and the moment a clerk types it into a clearinghouse, an adjuster keys it into Guidewire, or a contractor opens a property-claim portal. Pair a one-time link with a follow-up phone read of the group number, and escalate to the carrier's SIU if anything looks off.

What goes wrong when share insurance details is shared insecurely

Member ID plus DOB unlocks claim history. Payer portals (myCigna, Anthem Sydney, Kaiser kp.org) treat the member ID combined with DOB and ZIP as a soft authenticator on the password-reset path. A leaked card plus a public birthday yields the entire EOB stream.
Auto bumper-fraud rings reuse policy numbers. Staged-collision rings collect policy numbers from leaked declaration pages and file passenger-injury claims under invented occupants. The NICB tracks this; the policyholder usually learns only when premiums spike at renewal.
Property claims filed through contractor portals. After storm damage, restoration contractors often request a photo of the homeowner declaration page to seed a Xactimate estimate. A leaked copy lets a bad actor open a duplicate claim on CCC or Symbility and divert the payment before the carrier reconciles.
Pharmacy benefit data abused at chain counters. Express Scripts, OptumRx, and CVS Caremark all expose RxBIN, RxPCN, and group fields on the card. With those values an attacker can phone a chain pharmacy and fill a controlled-substance refill in the member's name.

Share Insurance Details

Client-side encrypted. We can't see your data.

Press Ctrl/⌘ + Enter to send0 characters

Expires in:

End-to-End Encrypted

Your data is encrypted in your browser before it leaves your device.

Self-Destructing

Messages are automatically deleted after being read once.

Zero Knowledge

We never see your data. Only encrypted blobs pass through our servers.

One-Time View

Links work exactly once. Refresh the page and it's gone forever.

How does share insurance details work on PasteOnce?

Client-Side Encryption

Your sensitive data is encrypted in your browser using AES-256-GCM. The encryption key is generated randomly and never sent to our servers.

Secure Storage

Only the encrypted blob is stored in our database, with an automatic expiration time. We literally cannot read your data.

One-Time Read

When your recipient opens the link, the encrypted data is fetched and immediately deleted from our servers using an atomic Redis GETDEL. The key in the URL hash decrypts the message in their browser.

Best practices for share insurance details

Send the front and back as two separate links

Split the front (member ID, group, RxBIN) from the back (customer-service phone, claims address). Two links beats one envelope holding every field an adversary needs to spoof eligibility.

Prefer payer portal proxy access to a raw paste

myAetna, MyHumana, and most Blue plans support adding a caregiver or authorized representative with read-only access to claims and EOBs. For recurring handoffs to a parent or adult child, a portal grant beats relaying card details every visit.

Use e-prescribing instead of card photos

Surescripts and CoverMyMeds let a prescribing clinic route prior-authorization requests to the PBM without the patient relaying RxBIN and PCN. Ask the clinic to look up coverage by name through their EHR instead.

Flag the policy with the carrier after handoff

Most carriers offer a fraud-watch alert through their SIU. After sharing details for a single appointment, claim, or repair, call the number on the back of the card and request that flag until the encounter clears the next EOB.

Related Secure Sharing Tools

Share SSN Securely Share Tax ID Numbers Share Medical Information Share Passport Information

Real situations this is built for

Adult child managing a parent's Medicare Advantage encounter

A parent is admitted for same-day cardiac surgery. The adult child PasteOnces the Humana Medicare Advantage member ID and group to the admitting clerk, then enrolls as an authorized representative on Humana.com so future visits skip the relay.

Auto collision handed off to a body shop estimator

Rather than letting an estimator photograph a State Farm declarations page, the driver PasteOnces the policy number and claim PIN to the shop's office. The shop opens the claim through the Select Service workflow without retaining the page.

Storm-damage handoff to a roofing contractor

After a hailstorm, a homeowner picks an IICRC-certified contractor. The homeowner sends the policy number and adjuster contact via PasteOnce; the contractor uploads one Xactimate estimate, and nothing lands in a shared Dropbox of customer records.

Frequently Asked Questions

Is sharing my insurance card details a HIPAA violation?

HIPAA binds covered entities and business associates — providers, plans, clearinghouses. As an individual member you are free to disclose your own card data, and PasteOnce is not a covered entity. The real risk is identity-driven claim fraud, which the NAIC and your carrier's Special Investigations Unit handle.

Can someone open a claim with just my policy number?

For health, they usually also need DOB plus group number to authenticate to the payer IVR. For auto and homeowner lines, the policy number plus the named insured's address is often enough to start a first-notice-of-loss intake. Treat these strings as identifying material, not as a public account number.

What is the difference between this and sharing medical records?

share-medical-info covers the chart itself — diagnoses, lab values, imaging reports, clinical notes. share-insurance-info covers the routing identifiers a biller uses: member ID, group number, RxBIN, RxPCN, payer name. The two leak different things and call for different recovery steps.

Should I report a leaked insurance card to anyone?

Yes, in this order: call member services on the back of the card and request a new ID plus a fraud-watch flag, file an SIU report with the carrier, and if organized fraud is suspected submit a complaint to your state insurance department. For prescriptions, also contact the PBM directly.

Why secure share insurance details matters

What goes wrong when share insurance details is shared insecurely

Member ID plus DOB unlocks claim history. Payer portals (myCigna, Anthem Sydney, Kaiser kp.org) treat the member ID combined with DOB and ZIP as a soft authenticator on the password-reset path. A leaked card plus a public birthday yields the entire EOB stream.

Auto bumper-fraud rings reuse policy numbers. Staged-collision rings collect policy numbers from leaked declaration pages and file passenger-injury claims under invented occupants. The NICB tracks this; the policyholder usually learns only when premiums spike at renewal.

Property claims filed through contractor portals. After storm damage, restoration contractors often request a photo of the homeowner declaration page to seed a Xactimate estimate. A leaked copy lets a bad actor open a duplicate claim on CCC or Symbility and divert the payment before the carrier reconciles.

Pharmacy benefit data abused at chain counters. Express Scripts, OptumRx, and CVS Caremark all expose RxBIN, RxPCN, and group fields on the card. With those values an attacker can phone a chain pharmacy and fill a controlled-substance refill in the member's name.

How does share insurance details work on PasteOnce?

Client-Side Encryption

Your sensitive data is encrypted in your browser using AES-256-GCM. The encryption key is generated randomly and never sent to our servers.

Secure Storage

Only the encrypted blob is stored in our database, with an automatic expiration time. We literally cannot read your data.

One-Time Read

When your recipient opens the link, the encrypted data is fetched and immediately deleted from our servers using an atomic Redis GETDEL. The key in the URL hash decrypts the message in their browser.

Best practices for share insurance details

Send the front and back as two separate links

Split the front (member ID, group, RxBIN) from the back (customer-service phone, claims address). Two links beats one envelope holding every field an adversary needs to spoof eligibility.

Prefer payer portal proxy access to a raw paste

Use e-prescribing instead of card photos

Flag the policy with the carrier after handoff

Real situations this is built for

Adult child managing a parent's Medicare Advantage encounter

Auto collision handed off to a body shop estimator

Storm-damage handoff to a roofing contractor

Frequently Asked Questions

Is sharing my insurance card details a HIPAA violation?

Can someone open a claim with just my policy number?

What is the difference between this and sharing medical records?

Should I report a leaked insurance card to anyone?