Health and life insurance companies have access to a powerful new tool for evaluating whether to cover individuals: a health “credit report” drawn from databases containing prescription drug records on more than 200 million Americans.
Collecting and analyzing personal health information in commercial databases is a fledgling industry, but one poised to take off as the nation enters the age of electronic medical records. While lawmakers debate how best to oversee the shift to computerized records, some insurers have already begun testing systems that tap into not only prescription drug information, but also data about patients held by clinical and pathological laboratories.
Traditionally, insurance companies have judged an applicant's risk by gathering medical records from physicians' offices. But the new tools are far more powerful because they are “electronic, fast and cheap,” said Mark Franzen, managing director of Milliman IntelliScript, which provides consumers' personal drug profiles to insurers.
The trend holds promise for improved health care and cost savings, but privacy and consumer advocates fear it is taking place largely outside the scrutiny of federal health regulators and lawmakers.
Ingenix, a Minnesota-based health information services company that had $1.3 billion in sales last year – and Wisconsin-based rival Milliman – say the drug profiles are an accurate, less expensive alternative to seeking physician records, which can take months and hundreds of dollars to obtain. They note that consumers authorize the data release and that the services can save insurance companies millions of dollars and benefit consumers anxious for a decision.
“Some insurers can make a decision in the same day, or right on the spot,” Franzen said. “That's the real ‘value-add.'”
But the practice also illustrates how electronic data gathered for one purpose can be used and marketed for another – often without consumers' knowledge, privacy advocates say. And they argue that although consumers sign consent forms, they effectively have to authorize the data release if they want insurance.
“As health care moves into the digital age, there are more and more companies holding vast amounts of patients' health information,” said Joy Pritts, research professor at Georgetown University's Health Policy Institute. “Most people don't even know these organizations exist. Unfortunately the federal health privacy rule does not cover many of them. … The lack of transparency with how all of this works is disturbing.”
Ingenix and Milliman create the profiles by plumbing rich databases of prescription drug histories kept by pharmacy benefit managers (PBMs), which help insurers process drug claims. Ingenix, for instance, has servers in the PBM data centers, updating the drug files as frequently as once a day, said John Stenson, senior vice president of consulting for Ingenix, a division of UnitedHealth Group. The corporation also owns UnitedHealthcare, the nation's second-largest insurer.