Beware of health insurers' data grabs, wearables and biometric goals


Like many self-employed freelancers, I spent last week hunting for a health insurance policy before the open enrollment period ended. Failure to buy a policy by January 31 would not only leave one with an extreme health risk, but could also result in penalties of $695 or more per person in the household when it comes time to file 2016 tax returns. A double whammy, as it were. But a funny thing happened on my way to secure a policy. But funny only in a peculiar and danger-laden sense. Here's what happened…

First, let me say that I'm not going to reveal the name of the insurer, as I think doing so would create a false sense of the problems being limited to a single company. They're not. Rather, this scenario reflects an emerging trend.

I talked to an insurance rep on the phone and applied for a policy directly from the company. I tried my state's health insurance marketplace but found it lacking important details, such as a list of doctors in the networks of various policies. Hence, further research was needed on company websites. Eventually I chose and called an insurer to ask further questions and to apply for coverage under the policy I had selected.

So it was that the company insurance rep took my application over the phone rather than on the web. When we neared the end of the process, he read me a bizarrely vague, long and convoluted statement that I doubt anyone not well-versed in big data would have understood. It didn't help that he read it to me as fast as humanly possible.

The statement he wanted me to approve amounted to giving permission for unfettered data collection from any and all third parties, whether or not such information pertained to my health, and to be used however they wished. The implication was that the massive data collection would be to my benefit, but that is not what was said. Implied is not the same as said, meaning if one were to agree to this and find it abusive later, there would likely be little to no legal recourse.

At the very end he expelled in a single rushed breath, and much more quietly, that my refusal of such permission would have no bearing on whether my application of coverage was accepted or not. I asked him to repeat that part, he did, and I repeated it back, then said no permission is given.

Who in their right mind would agree to such a massive data grab? Consumers and employees who do not understand what all that meant and how such information could be used against them, that's who. I swear, any statements of this nature should begin with a version of the Miranda Rights – "all your data can and will be used against you…"

It's truly alarming how easily insurers can trick people into giving them too much information.

Anyway, I managed to secure a health insurance policy with my privacy at least partly intact. But then came the follow-up survey with another scary, data-driven scenario.

The survey focused on what future policies I would be most likely to buy. All of the suggested ideas heavily favored the insurer, of course, but was worded as if the consumer would benefit greatly. One example: make a lifetime commitment to the insurer in exchange for a policy that adapted to my life stages over time. Sure, it makes sense to legally tie yourself to future policies when you have no idea what the costs and benefits of each of those iterations would be. No, I think I'll keep my options open, thank you.

And on it went. Isn't this a great idea, and this one too? Which of these five outstanding ideas do you most want?

One of those "great ideas" was a very low or no deductible policy with very low monthly premiums if I would agree to wearing a wearable of the insurer's choice 24/7 and "meet biometric goals." No mention of what said biometric goals would be or who would set them.

Where do I start with the list of possible biometric abuses? How about weight? The insurer could conceivably refuse to pay any insurance claims if I fail to meet the biometric goal of weight, which they might set at an unreasonable amount. But even if they choose a reasonable weight goal for me, maybe I gain five pounds during the holidays, and bam they don't have to pay any claims until I lose it again, or for the next six months or longer, even if I do lose the pounds, as a penalty for not meeting "my biometric goals."

Traps of this nature are cloaked in the seemingly innocuous effort to make people personally responsible for their health. On the surface that doesn't seem like a bad idea, but in practice it could be easily abused and the perfect excuse for getting out of paying claims for any number of trumped-up reasons.

My advice for employers is to steer clear of such policies entirely. Warn your employees against agreeing to vague insurance language, particularly if it requires them to commit for long periods or to wear a wearable. Educate your employees what data collection permissions actually mean and how it can and likely will be used against them.

Remember, employers use health insurance to attract and retain key talent. That goal will not be met if the insurer turns down more claims than it pays and thus unduly frustrates your employees.

As for the self-employed, stay vigilant. It is never, ever to your benefit to give away too much information, particularly when it comes to insurance of any kind. 

If you are a health insurer, be open about what data you will collect, why you will collect it, how much of it is protected by laws such as HIPAA, whether or not it will be de-identified, and exactly what you plan to do with all the data you collect. Vague, confusing language raises suspicion about your motives -- as does grabbing more data than you actually need. When you want to know every candy bar I bought at the grocery and the drug store, for example, you're majorly over-stepping.