Little L has regular(ish) eye tests. We receive the appointment through the post, which is great – if we can’t make it, the service to change the appointment is really easy to use. However, there is a sticking point in this process. Around a week before each appointment, we receive an automated phone call from the hospital to confirm our attendance. With every single phone call, at the point where we are asked to confirm Little L’s date of birth, I hang up.
Because if someone is calling me, they should need to confirm that they are who they say they are, not me. I’ve already completed paperwork to confirm our personal details. I know I am me. Anyone could set up a recorded message to call me and then ask for my daughter’s date of birth, a factoid that will probably be part of some security question or another in the future, and one that I am not happy to give to an automated message over the phone.
No, if you call me, you prove that you know my daughter’s date of birth.
The result of me hanging up is normally a phone call from a real person a few days later.
Actual phone call from this evening
Them: Are you the parents or carer of Little L?
Me: Yes.
Them: And, for security purposes, can you confirm Little L’s date of birth please?
Me: No. You should be confirming it to me. You called me. You could be anyone.
Them: Oh… but it’s standard procedure, could you just confirm her date of birth please?
Me: No. You could be anyone calling me and reeling off the hospital procedures, so I wouldn’t give you personal information over the phone. You should be able to confirm it to me, not the other way around.
Them: I can give you the hospital’s phone number to call back if that would make you more comfortable?
Me: No, I’m fine thanks.
Them: So….?
Me: No. We’ll be at the appointment, yes, but I’m not going to tell you my daughter’s date of birth.
Them: Oh. Ok. Erm…
I gave them the ultimate answer they were looking for, but not the security question in between. I have no idea whether this will have made their procedure driven head explode in a malfunctioning does-not-compute cloud of sparks or not.
In other areas of life, we have companies call and ask us (without divulging their company name) for personal details “in order to pass security”. No. Just no. You prove yourself and credentials and inside knowledge to me and then we can talk. I had the AA call me back once and ask for my date of birth. Nope. They could be anyone, sitting there all ready to take my personal details down and set up an account in my name. Date of birth, address, phone number, national insurance number – that’s a great start to get a loan in my name.
So no, sorry to all the companies out there with well meaning goals and procedures, but no, I won’t answer your security questions if you call me. I will continue to ask you to pass my security until such a time where one of these calls ‘recorded for quality and training purposes’ finally gets listened to and acted on.
No.