Denise Koukal, chief information officer for the LaMettry’s Collision chain in Minnesota, said her company, like others, has had a customer upset his vehicle repair generated an entry on a vehicle history report.
“We got a phone call as he was preparing to sell his vehicle at an auction and noticed that this had been reported to a third-party vehicle history report,” Koukal said during a data access and privacy discussion at the Collision Industry Conference (CIC) in November. “I’m sure many of you have had the conversation about ‘Why did you report my repair? Now it’s going to financially impact me with the sale of my vehicle.’ We didn’t report it, but we don’t know who did either. So it’s a very difficult conversation to have with a customer.”
Koukal shared a flowchart tracing everywhere data related to that repair---a customer-pay job---went from the shop, including to three different parts procurements systems that each searched for parts from multiple vendors; third-party scheduling and customer service indexing services; OEM repair procedure sources; an aftermarket scan tool system; a materials invoicing system; and an aftermarket clips and fasteners tracking system.
Koukal said other common places the data is sent---though not for this particular repair---include a rental management system, sublet sources and an online estimating program.
There was no way of knowing, Koukal said, how in all that data flow the repair made it to the vehicle history report. She said both her company and the customer asked to have it removed from the report for the vehicle.
“To my knowledge, the accident was never removed from the vehicle history report,” she said. “This customer was a repeat customer for us. We had done five repairs for him. We have done none since.”
Start of Estimate Enough to Send Out Data
Another panelist, New Mexico shop owner Scott Benavidez, said he has been working since 2016 to track down how some estimate data from his shop has made it to vehicle history reports He shared a flowchart similar to Koukal’s, but the estimate it tracks was not a customer-pay job but one involving an insurance company.
“As repairers know, we get information every day that says, ‘Add this vendor, add this vendor,’ so that they can continually look for the least expensive part,” Benavidez said. “That absolutely opens it up to people that I didn’t even invite….as a vendor, but now are in my platform because of the insurer relationship.”
Koukal agreed, noting insurer and automaker programs can similarly require the use of different customer satisfaction indexing services, “exposing that data to many more places.”
Benavidez said once last year, he had entered about the first 20 lines of an estimate before he got called away to do other things.
“I came back to that estimate about an hour or two later,” he said. “As I went through my emails, I had received one from Wheels America that said, ‘Hey, we have your wheel’ for that particular vehicle. I hadn’t locked the estimate. I had never done anything with that estimate other than start it. Wheels America is someone I’ve never done business with. They were put in there by the insurance company. And I had no idea it was going to them.”
The panelists all agreed it’s difficult to know how often a shop’s data related to a repair somehow makes its way onto a vehicle history report.
“It’s really hard to say how frequently it happens because we don’t usually hear about it until a customer goes to sell or trade in their vehicle,” Koukal said. “There’s probably been about 10 times that we’ve been called about it, so we know it’s happened. But there’s probably a lot we don’t know about.”
Ashley Denison, chief information officer for the Caliber Collision chain, agreed, noting the company’s CEO even came to her about tracking down the issue because the repair of his own daughter’s car made it onto the vehicle’s CARFAX report.
Denison said Caliber has resources to try to address the issue, but she sees the need for an industry solution because if it happens to any shop, “it happens to all of us, it’s a knock on the industry.”
She said listening to what Benavidez as the owner of a single shop has done trying to track the problem down, she was “blown away by how much as an operator he had to know about all this,” when he should be focused on the quality repairs and customer service everyone wants from shops.
“So how do we as an industry begin to flip that,” Denison asked rhetorically.
Putting Things in Writing
Benavidez said he worked with the Automotive Service Association years ago to create an “end-user licensing agreement” (EULA) shops could require vendors to sign related to their use of the shop’s data.
“But I have yet to get one company to sign that,” Benavidez said. “I think the reason for that is even they don’t always know where [the data] is going. I’ve brought it up numerous times, but I’ve had zero response in getting anybody to sign that EULA."
Denison said Caliber does have EULAs in place with its vendors.
“I think this is where size and scale makes a little bit of a difference,” she said. “But the reality is [the agreements] are more of a punitive thing---only if we find out that something has happened---than something on the front-end that stops the data from going out.”
Koukal said her company falls between Benavidez’s and Caliber in terms of size, and has EULAs with some of its vendors but not others. She agrees with Denison’s view that such agreements have limited value.
“In order to do anything about them, you have to know where that data was shared and who shared that data,” Koukal said. "You’d also need to take it to a court of law in order to have anything done with it. I don’t think everyone is in a position to do that, nor do they want to do that. So I don’t know how much value [the EULAs] have.”
The panel was asked if some sort of government regulation, similar to those designed to protect patient information in the medical field, was the answer. Denison said that certainly would create compliance, “But I absolutely believe that as an industry we can solve the problem without the government getting involved.”
In the meantime, Koukal and Denison each said their companies added verbiage to their repair authorization indicating the customer allows the shop to access and share vehicle data with third-parties as relevant to the repair of the vehicle.
“My concern is: Do they read it and understand what that actually means,” Denison said, acknowledging that if she knew little about the industry and was getting her car repaired, she would just check the boxes as necessary and sign the form.
Benavidez said his similar concern led him to create a second authorization related to the use of their vehicle data from scans.
“It’s really helped us with the consumer to gain their trust,” Benavidez said.