Inside the Health Data Industry's Opaque Diagnosis: A Q&A With Author of 'Our Bodies, Our Data'
As the Reuters bureau chief for the Balkans living in Serbia from 2008-2011, Adam Tanner grew accustomed to maneuvering in the shadows in places with authoritarian tendencies in the hopes of illuminating what was really happening in government and society. Turns out his experiences attempting to uncover practices of the data industry aren't much different in that way.
"Having also worked for five years in Russia in the 1990s, I would say the similarities are that there are many opaque corners of these societies that authorities would rather not shed light on," said Mr. Tanner, author of "Our Bodies, Our Data," his second book on the topic of the data industry. "Similarly, many in the big health data bazaar would prefer to continue their lucrative trade without much public attention."
The fact that the health, pharma and medical data sector, not unlike the data industry as a whole, is less-than-transparent is no secret. In fact, the subject has been covered here in Ad Age (which, coincidentally, has its roots in the medical industry through Crain's very first publication in 1916, Hospital Management).
Mr. Tanner, a writer in residence at Harvard University's Institute for Quantitative Social Science and Snedden Chair in Journalism at the University of Alaska Fairbanks, realized while writing his first book about the labyrinthine data industry, "What Stays in Vegas: The World of Personal Data ‑ Lifeblood of Big Business," that the health data sector was its own black box to peek into, warranting its own book dedicated to the topic.
In his research he uncovered the fascinating history of the world's leading provider of health data, QuintilesIMS, known as IMS Health before a $9 billion merger between IMS Health Holdings and Quintiles Transnational Holdings last year. He addresses privacy questions about how sensitive data is "anonymized," and delves into the players and processes that gather, combine and sell pieces of data representing the medical lives of just about anybody who's visited the doctor, filled a prescription, or signed up for a health insurance plan.
Ad Age interviewed Mr. Tanner about his attempts to uncover health data practices, and whether he thinks rules guiding security and privacy could use a fresh look.
Ad Age: You refer often to the fact that people working in the health and medical data field are reluctant to discuss their practices. It's true that the sector, not unlike the broader data industry, tends to be on the defensive, particularly when asked about privacy issues. Are there any examples of companies in the space conducting consumer education campaigns in an effort to improve how they're perceived?
Adam Tanner: I'm not sure I'd use the word "defensive," but most are not especially forthcoming about how they operate. In general, both data brokers, which gather profiles on millions of named consumers, and medical data miners, which gather dossiers on millions of anonymized patients, are reluctant to talk publicly about their practices. Among data brokers, Acxiom was first to crack open the door somewhat a few years ago when it allowed individuals to see part of their profiles at AboutTheData.com. Medical data miners could do a lot more to illustrate what they say are major benefits for science from their gathering of intimate information without patient consent.
Ad Age: The Health Insurance Portability and Accountability Act, which guides what corporations can and cannot do with health data, was established in '96. In the past two decades, data techniques and technologies have advanced drastically. Considering data can be re-identified or combined to form a near-clear picture of an individual even without personally identifiable information, does HIPAA need an update?
Mr. Tanner: Since then, computers have become far more powerful, and storing huge amounts of data has become much cheaper. These factors make it increasingly possible to re-identify anonymized dossiers collected by data mining companies. For that reason, I think we should consider extending HIPAA-style protections to all our medical data, whether anonymized or not.
Ad Age: What companies or practices did you report on or attempt to report on in "Our Bodies, Our Data" that were the most difficult to get people to discuss?
Mr. Tanner: It might be illustrative to mention those executives who were especially forthcoming, which also contrasts with those who were less eager to cooperate. A top CVS executive openly discussed the sale of anonymized patient data; other pharmacy chains did not. Quest was especially helpful among labs selling anonymized patient blood, urine and other testing results. Many former top officials at the biggest data miner IMS Health generously shared their time, but currently company officials mostly preferred not to cooperate.
Ad Age: While writing your earlier book about data privacy issues, "What Stays in Vegas," you discovered the health and medical data industry was so pervasive and complex, it warranted its own book. Is financial data -- another highly regulated type of information -- next for you?
Mr. Tanner: The ethics of how companies use our personal data and the impact these practices have on our lives and our society remains a topic of particular interest to me. I'm also looking at the impact of globalization and immigration.