JustRewards wrote:I would guess that CVS was able to cross reference your other personal information on file to the charge card you previously had in your profile and had authorized. Technically they shouldn't have used that when you updated and saved your profile without it but I wouldn't be surprised if their user agreement and privacy profile (which nobody ever reads) grants them permission to do what they did in order to process an online transaction (even if it was a billing error on their part). As far as who to contact I would escalate through their customer service process for billing questions but I would also contact their corporate headquarters to complain. Your ultimate recourse is to take your business elsewhere, though, since it seems to be a recurrent problem.
Thanks for your interest! I've made some progress since first posting this.
1) My Attorney Generals Office has an open case under investigation. As of a few days ago... No response from CVS-Caremark.
2) The organization that defines the standards for my complaint is PCISS (https://www.pcisecuritystandards.org/do ... _QRGv3.pdf
). These folks were super helpful... I was informed that the charge-card company (Visa) is the organization that can help me. Visa has accepted my complaint and is under investigation.
3) CVS-Caremark has admitted their error... See below:
4) If I could disconnect from CVS-Caremark... I would! Unfortunately, it's the plan my employer has selected. On a good note... My company is terminating their relationship January 2017. Yippee!