The Berwyn Group isn’t just participating in the death audit industry’s evolution – we are leading it. We are thrilled to release a new death audit solution that redefines the way organizations identify decedents with CertiDeath® Paragon™.
During a March 2025 webinar, we discussed how CertiDeath Paragon significantly reduces or eliminates the need to transfer sensitive PII, such as social security numbers, while providing highly accurate and validated results. CertiDeath Paragon isn’t just a new product – it’s our commitment to innovation, cybersecurity and, most importantly, our clients and their participants/policyholders.
Webinar panelists included:
- John Bikus, President, Berwyn
- Dan Ursin, Chief Information Officer, Berwyn
- Jack Hartwig, Marketing Manager, Berwyn
CertiDeath Paragon: Death Audits Without the Risk Webinar Transcript
Jack
Thank you all so much for taking time out of your schedules to join us. We’re pleased to bring you this webinar introducing our new CertiDeath Paragon product. My name is Jack. I’m the Marketing Manager here at The Berwyn Group. For today’s speakers we have John Bikus, President here at The Berwyn Group, as well as Dan Ursin, our Chief Information Officer. They are going to be talking a little about the history of CertiDeath and how Paragon came to be. Then, talking about Paragon itself as well as the cybersecurity measures that it addresses. So, John, I will pass things over to you to get us started.
John
Great. Thanks, Jack and welcome! Thank you for joining us to talk about what we consider to be a revolutionary product: CertiDeath Paragon. Before we jump into Paragon or even CertiDeath, I just want to level set on The Berwyn Group. The Berwyn Group is a sister company of PBI. Over the past couple years have been a number of changes. Maybe some confusion but to set the record straight, The Berwyn Group is a sister company of PBI. I’ve been with the organization for the last seven years. The Berwyn Group is the largest independent company dedicated to population management, which includes both CertiDeath and CertiCencus. We have over 100 people dedicated to this organization. We have 2,000 customers that are using our services and obviously have been in business for a number of years. So, I just want to make it clear that that PBI and Berwyn are sister companies. As we move forward, you’ll be hearing a lot more about the Berwyn brand. That’s where we will be investing in our technology and our people in. Our continuous innovation and upgrades, which many of you have. We will obviously continue to honor and service any PBI contracts, but just understand the strategy that their sister companies. Moving forward, we are investing in The Berwyn Group as a brand. However, CertiCensus and CertiDeath are currently offered through both companies. That could change with regard to innovation, but I just want to level set that. So, with that said, let’s talk about death audit specifically. As many people on this on this webinar are aware, there’s a challenge to finding decedents now. The death master file used to be the primary source and covered 95% of all deaths. You only needed one variable or characteristic which is a Social Security Number. So, it was very simple to do. You could buy that. Almost anyone could buy it for a very cheap price. It helped me start a company called Legacy.com. We purchased that. It was a few hundred dollars. There weren’t a lot of security requirements. That’s obviously changed over the last 10 years or so, for various reasons. But the death master file that’s now available to companies like ours, as well as many of the companies that are on this webinar, doesn’t cover 95% of all deaths any longer. It’s now down to 16% of all deaths, so it’s important to understand that there’s been a significant degradation there. What does that mean? It means that you have to find other sources in order to identify decedents and those other sources are primarily obituaries. So again, one of the differentiators between Berwyn and other companies out there are significant in size or scope. Berwyn uses its own technology to aggregate data from 26,000 different websites, including funeral homes and media websites. We don’t buy our obituaries from anybody. We aggregate our own data sets and we combine that obviously with the limited access death master file along state records. So, a big differentiation for Berwyn in that we’re not reliant on any third party for our obituaries. So as this has become more difficult, we saw this start to occur in the 2015-2016 area. The first thing that we did was we introduced a new product. That was what I’ll call evolutionary in its change, and that new product was CertiDeath. And the reason that we introduced CertiDeath was because of the degradation of the death master file. We saw it becoming very difficult for organizations to dedicate the resources needed in order to identify decedents. That doesn’t mean that people trying to do this or the organizations trying to do this didn’t know what they were doing or were bad at it necessarily. It just meant that this has become really, really hard and you have to really focus on this to get it right. And the way that we figured that out was when we started getting files in from our customers as the death master file degraded, we could see that customers were missing deaths because we would start to run it through the process we were developing and could pick out those that were being missed. And so, we created CertiDeath to eliminate that problem. The goal was, CertiDeath, which has become the gold standard of death audit as it’s utilized by over 1,000 companies now and when was introduced a short five years ago, it’s saved hundreds of millions of dollars in overpayments, as well as enabled release reserves to that same extent. Insurance side, so we introduced CertiDeath because we saw how difficult it was becoming to identify decedents. We were able to put together our own data sets. Combine that with algorithms and a number of companies out there will run algorithms, many of which, by the way, are antiquated, haven’t been kept up to date, haven’t been adjusted for learning. We run machine learning algorithms, but most importantly we combine that with human expertise. That’s something that totally differentiates Berwyn. A lot of companies are running algorithms and will claim to have a certain level of coverage as a result. We have direct experience and can show data that that indicates if you’re running algorithms, you’re not capturing all the deaths. Why is that? Well, the majority of deaths now are identified through obituaries. Obituaries are an unstructured data source. It’s very difficult, if not impossible, to create algorithms that cover every variation of an obituary. And so, what happens is you can run algorithms and you can match on certain characteristics and someone scores them. You get scores that at or above you can be very confident that that person is deceased. A lot of people do that. You can get scores that at a certain level or you’re very confident that’s not a match because it matches on a first name like John. That didn’t match on a bunch of other characteristics. You get a bunch of matches or potential matches in this mid-tier. We’ve got some characteristics that match, but not enough that give us confidence this person is deceased. What will often happen in every case except for CertiDeath, that data gets kicked back to the customer for them to try to figure out or add more data to try to figure out if that person is deceased. That’s the Berwyn difference and the CertiDeath. We actually take those potential matches where they’re not high enough or low enough and we kick them into our human. To review, what does that mean? Human experts reviewing sounds like OK John, they just read the obituary. That’s not the case. They’re actually triangulating into other data sources to add additional information. We’re looking at relative databases. Looking at address. We’re looking at other data sources to pick up pieces that might be able to triangulate into information that’s in the obituary. Or other data set pieces that the customer has sent us as a result of that, we’re able to cover about 97% of all deaths. No one can cover 100% of deaths because typically there’s not good enough data coming from a customer. Not everyone has an obituary. We know there are false positives in the DMF so no one can ever say 100%. We’re about as close as you can get because of this. And how do we know the human element adds value? Well, last year we validated 1,000,000 deaths. Validated doesn’t mean potential matches. Customer, please go figure these out for yourselves. We validated a million deaths, approximately 3 million people die every year in the U.S., so that’s about a third of all deaths were validated through. We are running about 60 million records through CertiDeath, so think of the fact that we’re running about 1/6 of the U.S. population through CertiDeath, but identify about 1/3 of the deaths. That shows you kind of how old our populations are, which makes sense. We typically cover pensions and insurance plans. So, of those 1,000,000 deaths that we validated last year 167,000 required human intervention, and that’s typically what we see between 15 and 20% of all the deaths that we identify come from human experts actually taking a look at data to validate it. We’ve never lost what I call the Coke or Pepsi challenge. And again, it’s because we have this human component of well-trained individuals. And extensive processes to identify decisions. So again, evolutionary. We created CertiDeath to address a problem we saw happening with the scene identification across multiple industries. It’s been a runaway success as a product, it’s become the gold standard for death audit. There is nothing that competes with it in terms of coverage. Accuracy which is 99.9%. So again, if you’re running only algorithms, you’re going to get a bunch of false positives. Our accuracy rate is because of human intervention is 99.9%. In timeliness, typically within 5 to 9 days of a death, we can turn around and say this person is. So, the gold standard in death audit has been developed widely accepted, proven over and over. We evaluate our business not based on stats like our coverage is 98% or we have this many sources. That’s great. We can say all that stuff. About measurable. How do we perform? And again, based on the number of customers we have, that continues to grow based on the fact that we have never lost a head-to-head challenge. With any competitor internal or external, those are the measurable outcomes that we have. And by the way, at the end of the day, the important parts of your business is saving millions, hundreds of millions or billions of dollars in overpayments, allowing release reserves. Getting the right data for mortality assumptions etc. We created that five years ago. Now we are in the business of constant innovation. In this category, again, the largest independent company dedicated to this category of population management, we are constantly innovating, whether it’s behind the scenes with our processes and data sources or out in the open with something like CertiDeath Paragon, right. So, as we looked at what we’ve done with CertiDeath that we took a closer look at what the biggest impediment or challenge. In this category is not only for us, but for our customers to work with us or outside. What is that challenge? That challenge is data security, right? It’s protecting sensitive. In particular, Social Security Numbers and so as we step back and said we have the best death audit solution in the marketplace in terms of measurable outcomes and identifying decisions, how do we make it so that we can completely eliminate most of the data security risk? With this category. And that’s what Paragon is, which I’ll talk about after we talk about the data security. That we’ve actually put around our infrastructure.
Dan
Thanks, John for that introduction. Privacy security questions are top of mind for all of our customers. I’m Dan, our Chief Information Officer. I oversee our engineering teams or data science groups, the governance, risk and compliance teams that are reviewing contracts and customer security questions. So, this is the kind of stuff that I live and breathe every day. I wanted to share a bit with you about some of the common questions that we see industry trends and how you can feel really good about the CertiDeath product that John just walked through, so I’d like to do today is bring you on a journey of a typical customer journey moving their data through our process, how they can feel good about transferring that data before contracting during onboarding while we’re doing the processing and ultimately our data retention policies and cleanup. So, before I filed even uploaded to our process, we take great pains to work with you and your compliance teams to make sure that you understand the certifications and compliance that we’re undergoing. So, SOC 2 Type 2 reports are focused on an annual review of our operating controls. As we go through a very detailed annual review there all the different certifications and security practices we have in place, fundamentally, our security practices are based on the NIST standards from the Government National Institute of Standards and Technology. We offer a profile for customers that are interested in onboarding with our published SOC 2 reports data retention policies. You can see the reports of our annual penetration tests. You can see data flow and network. These are the kind of things that sophisticated companies want to have documented in a formal way, and that’s something we provide before you even begin. Negotiating a file upload. When it’s time for you to finally onboard with the process and start to transfer data to us, there are two main ways that happens. Many of our customers that prefer to do things through a web portal, they can log on to our web portal. Or they can utilize automation through a secure file transfer protocol. For those users that would like to take advantage of our web portal, let’s just get right to it. Factor authentication is one of the most important baseline protections you can have on a web portal today. What that means is if someone were to breach your password, we read about these things all the time in news events. That’s not enough to breach you. They also have to have access to a device, an IP address, some other feature about your identity, and so we enabled that by default. Have had for quite a while for all. Customers, in addition to that, many service providers will charge additionally for single sign on. Single sign on is where rather than create another username and password with. We’re able to use your organization identity provider. Write it so that when an employee ultimately leaves your organization, they immediately lose access to a vendor like ourselves. So single sign on is something that we set up for you in a matter of hours. No additional cost. Security is part of the service offering we provide and of course there’s additional cost for that. I spoke a moment ago about the two main options of uploading data. We spoke a moment ago about the web portal, the web portal of course, is available 24/7. Can upload your file. There you can review population. Can run various reports. As soon as a report is available to you, you can access that information. Organizations that prefer to leverage automation really enjoy our SFTP. So SFTP is secure file transfer protocol that’s away from machine-to-machine communication. You may decide that on a weekly, monthly, quarterly basis you’d like to send us an updated population file. You could choose to replace your existing file entirely. Can add updates to us. Add/or you’re not transferring the entire data set over the wire. Support and a few notes that I wanted to mention about this. Our secure file transfer protocol. So, we’ve set up a very strict set of security protocols around that. It accepts only one directional traffic. You might imagine like going to a bank Dropbox from the outside of the bank. You can drop your check in, but there’s no way for anyone else to access. Only behind the scenes. In a secure area of the bank, and they obtain that. And similarly, when we deliver your results, that traffic is one direction as well. There’s absolutely no possibility of data that was dropped in being pulled out. Our policies simply don’t allow that. Something we take a lot of pride in. For those of you keeping score with different NIST recommendations, there was a mention there about TLS 1/2. TLS 1/2 is the current. NIST recommendation for network traffic over HTTPS, which is what web portals operate on. TLS 1/3, of course, is supported today and over time as NIST makes that their standard, we will adopt that as our minimum requirement as well. And you’ve reviewed all of our security documentation. Uploaded your first file and now you might wonder what happens. So, the very first thing that happens while we’re staging and preparing your file for matching we have already applied an additional layer of encryption on top of your file that you didn’t. You may not have even provided, so we wrap your file an additional layer of PGP encryption. While that file is being staged and ready to be ingested into our system. Many organizations will talk about that second level storage level at rest, encryption. That’s of course the industry standard. That’s data at rest in a hard drive on a server somewhere, and of course we have that everyone these days supports storage encryption at rest. But the additional level of file storage encryption is essential because oftentimes with the trends we’re seeing in cyber security, it’s less common for someone to get direct access to a hard drive to a server. Its logical access breaches that we see being an additional level of file encryption is something that protects the file even in the event that someone had access. That file it’s an encrypted state and is unusable. That’s something we’re very excited about and you won’t see with other providers. Now, once we’ve staged your file, we’re preparing to review it as part of the onboarding with you, we will set up an import profile. What that means is every organization’s data looks different. Organization’s data transfer practices are. You might have some fields and other organization doesn’t. We don’t enforce a particular file upload. If you have 6 fields that you find valuable and that’s what you can provide in a comprehensive way, we’ll set up a profile for you in the format CSV, Excel, fixed width, whatever column order you want. We can create this profile for you on onboarding. This is for a few reasons. First of all, when we know the profile of your data, we can handle this onboarding in automated fashion. That means our technical staff is not dealing with your files directly. No risk of it being downloaded to a computer. It could be left unprotected. This is a secure environment without a human intervention. Second, by us, knowing the fields that you’re going to send over to us, we’re able to identify if you’ve over shared data. We want to make sure we’re providing the service to you with the minimum amount of information necessary to keep your risk profile down. So, if you shared can you identify that and communicate that back with. Delete the file right away and ask you to submit something else. Similarly, if you forget to send a field, we can warn you about that so that we don’t degrade the performance of your results and make sure you’re always getting the maximum value. Your death audit. I mentioned the automated processing. This allows us to get data out of the file form that you’ve provided to us into our secure environment and then the file is complete completely purged as soon as the staging is completed. Once we’ve processed your file and brought into our environment, a very special platform that we have that you won’t see with other provider is that data goes to a field level. You’ll see other smaller organizations blending operational and very sensitive PII into the same data store. That’s just not the way we operate. Our operational data is strictly segregated from our PII into a highly secured cluster that has no external network access. It is not possible for an attacker to attack that data store directly. Every customer, upon onboarding, is issued an encryption key to them. So, all of your data is encrypted with a key that is completely separated cryptographically from anywhere and other customers. We take a lot of pride in that we lock down this this PII data store so that only our internal processing engineers can process this. It’s something we take a lot of pride in, so we’re very excited to announce that every customer can feel good knowing that their data is cryptographically isolated from any other customer. And finally, we’ve stored your data securely. Provided excellent matching. I loved the description John gave about what makes our matching process so unique. It’s something that my engineers and I get really excited about. Can we constantly be improving this category? And as John said, we do use proprietary matching and scoring. You’ll see that very commonly we reach wide and far to make fuzzy matches that satisfy a regulatory settlement agreements and the types of fuzziness that you’d expect a human to be able to identify. But then the human review and research allows us to make sure that we keep our accuracy rate well north of 99%. That 99 plus percent accuracy rate is just not something you’ll see with other organizations. If you are relying on an algorithmic based approach, you are going to introduce false positives which really diminishes the value of any offering. So, I would invite you to compare our results with anyone else that you would see. As John said that like the Pepsi Coke Challenge, we’ve never lost one of those. We would love to take and show you the value we can provide. And of course, after we’ve done the matching, our human team has gone through our operations. Has validated these results with a high degree of accuracy. It’s time to get them back to you. And as I mentioned, our web portal provides 24/7 secure access. You’ve already onboarded with single sign on, so you know you’ve got your organization’s multi-factor IP restrictions. Every other protection your organization would provide. Or we’ve delivered that file to you automatically upon delivery with SFTP, you’ve already provided us with your PGP public key, which we’ve encrypted your file to so that again, even in the event of a direct to file access on that there is no risk as the file is encrypted to your public key, which only you can access. We take a lot of pride in the automated fashion that we can deliver. Files to you. It makes it easier for us to operate like clockwork. You can know that your data is going to get transferred to us, processed securely and returned back to you without having to worry about that. Our web portal is available 24/7, undergoing annual penetration testing so that you can feel great about the convenience and the protection that we’ve allotted for you there.
John
Thanks, Dan, for that. We’ve talked about being the gold standard and then Dan walked through the extensive data security that we have around our solution and it just seemed in addition to having the best measurable outcome, we have what we think is the is the best data. And so, you know, the question is OK, why? Why CertiDeath Paragon then? You know, at least 50% of people are concerned or companies are concerned about sharing sensitive data, but back in mind with the fact that most, if not all, of you have downstream customers and so you have internal governance. You have, internal rules and regulations about sharing their data. Going to be top of mind for everyone. And so that’s what we took into consideration when we said what are the barriers to really making a solution that customers can not only feel confident in having the best measurable outcome as we given the results that we produce, but can feel very comfortable with regard to data security and regardless as to whether or not things have been locked down on the vendor side like our side, how can we make them feel comfortable that they aren’t sharing things that they have to be concerned about and that’s where CertiDeath Paragon comes into play, and there are three areas here that I want to touch on. Briefly what is it? How do we do it? And who should get it and how do you get it? And so briefly, you know, to describe CertiDeath Paragon in the simplest terms is to significantly reduce, if not completely eliminate the risk associated with transmitting sensitive PII, in particular, a Social Security Number. OK again, we intend to significantly reduce or eliminate the risk associated with transferring sensitive PII, in particular, a Social Security Number. What does that mean? That means for CertiDeath Paragon we have developed processes and datasets over the past five years that enable us to identify Social Security Numbers without getting the Social Security Number from you. In order to do that, there are a few pieces of information that we need. Again, these are not considered sensitive pieces of personally identifiable information. So, the pieces of information that we need in order to effectively execute CertiDeath Paragon are a unique identifier from the customer by person, right? A unique identifier. A first name. A last name. A city. A state. And a partial date of birth. Partial date of birth, month and year is not considered sensitive. PII full date of birth is considered sensitive. And requires consumer notification should it be ever stolen or breached in two states. But partial date of birth is not considered as a global rule. Now, I know organizations have their own rules, but as a global rule, which is what we go by, it’s not considered sensitive PII. So again, what we need for CertiDeath Paragon is a unique identifier by person. A first name or last name. A city, a state, a partial date of birth. What we’re able to do with that information then is we’re able to take that information into our system, access the data sets that we have and identify Social Security Numbers that align with that person. So that means that any requirements with regard to DMF or state, you know data matches for regulatory settlement agreements for example, we are making Social Security matches. The way this process will work is you send us that information, we will go pull the Social Security Numbers that have match them to the person. In our testing, which has been extensive, we are typically able to get to, at least at least a 70% identification of Social Security Numbers. The typical amount of matching that we make is 90% plus. What does that mean? It means that minimally, minimally, we’ve just eliminated 70% of the data security risk associated with the data that you send us. Typically, we’re going to eliminate 90% out of the gate. The way the process will work is you’ll send us that we’ll pull the socials and then we’ll come back to you. And say, listen partner, we haven’t been able to identify socials for 10% of the population. Here’s the 10% we need you to send us those socials and what we’ll do is we’ll match those one for one in the data set that we have. We just couldn’t make the match because of the data you sent us. There are unique situations that prevent us from doing that, we’ll get the other 10% and then we’ll delete your data, right. What does this do? Essentially, it eliminates the risk of data. Number one. But number two, it eliminates the risk of consumer notification because now we’ve taken the data, we put it in our system. You didn’t send us the data. Any data that you did send us for the stuff that we missed, we’ve taken out of our system, right? Again, we think that CertiDeath was evolutionary. This is revolutionary because we’re going to be able to deliver the same results as gold standard CertiDeath, but now we’ve taken into effect data security and have significantly reduced or eliminated your company sending us Social Security Numbers. So that’s what Paragon is. You’re going to send us certain data fields which are not considered sensitive PII, we run them through our data sets and processes that we’ve developed over the last five years. We’re going to be able to go get the Social Security Number for that person. Anything that we can’t find, we’re going to ask you to send to us. We’re going to put in, we’re going to match in our system. Now we’re going to delete the data you gave us, again taking out transfer issues with regard to sensitive PII and then responsibility of client communication, because now we have the data right and we’ve found the data. You didn’t give us the data, so that’s CertiDeath Paragon. And what does that produce? The same, potentially better results given the data that we have, which we probably can make some data from companies better and we can talk about that individually. We can get even better on our matching, which is which is hard to do, but there’s a little bit more room there. We’re always looking to do that again as a company dedicated to the space. How do we do it? The simple and that’s the biggest question we get when we’ve had these conversations with clients and we’ve had several dozen of them. That’s the foremost question. And again, we are the largest independent company dedicated to population management. We’ve developed processes and over the last five years, as a result of CertiDeath that enables us to come up with this solution and again as we’ve talked about before, with regard to CertiDeath, put us to the test. We’re happy to show results, to show how we can match socials. Can we get to death audit results without getting a social from you? To talk about how we can prove that. Processes and datasets that have been developed for the last five years. Who should get it and how do you get it? Listen, if you’re on, CertiDeath right now. Dan went through our security protocols. Data is locked down, right? Data is locked. You’re getting the best results and so. the customers that should think about CertiDeath Paragon probably fall into two camps. The first two camps I would suggest are: If you have a data set that you don’t have or you don’t feel like you have accurate or complete Social Security Numbers or dates of birth. You should be thinking about CertiDeath Paragon because that’s where CertiDeath Paragon comes in. To help fill that stuff in, right? So that would be one group of people if you don’t have good data. The other group of people obviously is if you’re not working with us right now or don’t have CertiDeath. We should introduce you to CertiDeath Paragon as your first taste of working with The Berwyn Group. So those are really the two first groups. The third group is if you do have CertiDeath and want to move over to CertiDeath Paragon, obviously we support that and we will work with you to do that. Although as Dan described it in a way that it would be hard, if not impossible, to penetrate, given the way that we have things set up right and you’re getting the best. OK, so that those would be the groups and how I would say people should think about doing this now as we move forward. In summary, Berwyn is the largest independent group with only over 100 people dedicated to population management, including the solutions we’re talking about today. You know our CIO. We have engineers, we have data scientists. We have a sales team. We have a marketing team. We have executive leadership by vertical industries. We are a professionally run organization dedicated to the space. No one else is focused on innovating, right? That’s where CertiDeath Paragon came from. That is, the gold standard has been proven over and, if you’re not currently on, it would be happy to show you what we can do. CertiDeath Paragon is revolutionary in that now in addition to having gold standard measurable outcome results. We are eliminating or significantly reducing the data security risk associated with this category. Most people are thinking about it at some level, right? It is the biggest question: what’s going to happen to the Social Security Numbers I’m sending to my other vendors? What Paragon allows you now to consolidate vendors potentially. Because Paragon processes will be throughout our different solutions CertiCensus, death audit, locate all those solution. We will have Paragon processes and datasets throughout our solutions so you can consolidate vendors. You can eliminate a risk associated with working an outside vendor, right? And you know, you can feel comfortable that your downstream customers are getting served in the best way possible through this niche category. So, that’s really the overview on CertiDeath Paragon, very quickly, it takes assertive results, eliminates the data security risk in that you have. It uses variables now that are considered non-sensitive PII and typically will exclude the Social Security Number. We will do Social Security Number matching on our end. For those we can’t find, we will come back to you. For those you can send us, we will do the one for one match on our end and take away the Social Security Number you sent us again. Eliminating the full risk, if we can go through that whole process, if you are interested, we should start those discussions as soon as possible, because I’m sure there are going to be a number of questions, especially with the sizeable organizations that we work with. On the insurance side and the pension side, from a contracting standpoint CertiDeath Paragon will only be offered through Berwyn. Again, as I mentioned earlier, that was the reason for the preamble. We are putting our support behind The Berwyn Group as a brand, but you know the financials, obviously solid, you know, data security infrastructure, hundred person plus company, all the things that you would need. And Berwyn’s been in business for a while. It’s just morphed now from a small shop to 100-plus person, professionally run organization dedicated to population management. With that said, why don’t I open up for questions that we have, Jack, now coming in?
Jack
So John, this first question goes to you and this popped up a lot and I think you touched on this, but in summary how is CertiDeath Paragon different than CertiDeath as it stands?
John
CertiDeath Paragon will provide, you know, essentially the same results in terms of death audit, right. And it is the gold standard, the most number of results never lost the Coke or Pepsi challenge the way that it differs is that in order to get those results that typically what we’ve asked for is sensitive PII. We’ve asked our customers to send us a Social Security Number so that we can do Social Security Number matches. Paragon eliminates the need for you to send us Social Security Numbers, either for the majority of your population or all of your population, right? So again. CertiDeath required a Social Security Number to be sent to us as part of the data set. CertiDeath Paragon only requires a unique identifier on your end. A first name, a last name. A city, a state and a partial date of birth. We will identify the Social Security Number on our end. Any Social Security Numbers that we cannot identify, we will ask you for. Then, we’ll do a one by one match in our data and eliminate the socials you sent. So, that’s the difference is it eliminates the risk of PII transfer coming from the client, which is the biggest risk or issue associated with this category.
Jack
Dan, this one’s coming your way. What sources does CertiDeath leverage or indexes that we use to look up information?
Dan
Yeah, I alluded to this a bit and so the answer for CertiDeath and CertiDeath Paragon is we leverage all the same data sources we curate and scrape our own proprietary data sets for obituaries and funeral homes and immediate sites covering more than 26,000 websites. We go out and we get the original. We scrape them daily to find updates because that’s very common in that industry. In addition, we have the limited death master file from the Social Security Administration and a number of different state and federal sources. That is the same answer whether it’s CertiDeath or CertiDeath Paragon – all of our death audit certified products support the same data sources.
Jack
John, you touched on this question in your last statement, but you know, I guess the question here is, is additional data needed for Paragon’s results versus CertiDeath? You outline the name and all that, but is additional data needed?
John
The additional that’s needed and we typically get this, by the way, is a unique identifier for a person. We ask that it not be typically a policy number or something, but even if it is the way that we store our data won’t make it. So, with regards to any new data, no, it’s a unique identifier, first name, last name, city, state, partial date of birth, not full date of birth.
Jack
Great. And John, are state regs that note SSADMF master file satisfied by this product?
John
Yeah, again, I think that was one of the early questions we got. We weren’t clear on communication. We are doing Social Security Number matching, so we are finding Social Security Numbers, attaching them to a person and making matches. So, we are meeting any regulatory requirements, especially with regard to regulatory settlement agreements. So yes, we are doing Social Security matching. This is not simply obituary. This is, as Dan mentioned, all the data sources that we have. All we’re doing is eliminating you having to send us Social Security Numbers.
Jack
Perfect. And Dan, what can you tell us about how we verify and validate matches without the SSN?
Dan
Yeah, this is so John mentioned the history of CertiDeath. We’ve been doing this for a long time. Our operations team, hands-on human element expertise. They see these trends and what’s really necessary to make a match, and we’ve all tried to implement our own version of an automated solution. Tried to do an Excel V Lookup. You tried to do a few automated things. We have much more sophisticated solutions. Millions and millions of these things come across our desk so our team knows exactly what’s necessary. So, we’ve been able to go through and validate which data elements, how fuzzy is fuzzy to be acceptable, to keep our threshold for acceptance really high, but still keep that wide range so we can make up for the data discrepancies that are likely in your data set no matter how hard you’ve tried to curate the best data set of your population. There will be incomplete data, dates of birth are wrong, that kind of thing. We see that all day, every day. It’s what we live and do, so we have been able to take that expertise and turn it into a very viable product. Able to deliver the same level of quality assurances without requiring sensitive elements like a Social Security Number.
Jack
Great. And a follow up question to that, what steps is The Berman Group putting into place to assure that SSNs are secure? We could talk about it a lot, but in summary, what are the big items?
Dan
You know, we went through a long, deep dive on our security practices. The levels of encryption defense-in-depth means the name of what we do and everything I said about serving up in our security practice. It’s the identical process as CertiDeath. It’s just you’re not sending us the Social Security Number or if you are, it’s on a fraction of your population. Everything I mentioned about our security policies, you can take to the bank for. For CertiDeath Paragon and in the event we have to go back for a certain portion of your population, we’re able to clean up those elements so that we’re not retaining it any longer than we have to. Our data retention policies are very clear about how we’ll hang on to and we have to go through that with you and discuss that with CertiDeath. In addition, CertiDeath Paragon. But you can take all the security practices I just mentioned. Specifically, encryption. Zero network access for our sensitive datasets. These are things that apply to all of our CertiDeath products. I would be happy to go into detail with your compliance team for further detail.
John
Please feel free to reach out to anyone on our sales or customer success teams to get the conversation started and feel free to send in any additional questions that you might have of us or any ways that you think we could continue to improve in this category. Thank you all for your time and we really appreciate your interest.
Jack
Thank you all for joining us and have a wonderful rest of your day!
——————-
View the recorded webinar on our YouTube channel.