Category Archives: privacy
We cannot make this stuff up. HR 1313, The Preserving Employee Wellness Programs Act, has a provision specifically designed to screen children for genetic defects. Don’t take our word for it. Here is the language of Section 3(b):
Notwithstanding any other provision of law, the collection of information about the manifested disease or disorder of a family member shall not be considered an unlawful acquisition of genetic information with respect to another family member as part of a workplace wellness program.
This wasn’t an oversight due to some obscure language — the entire bill fits on a page. It just passed the House Education and Workforce Committee and is headed to Ways and Means. We need to stop it now. It basically says, you can ignore the Genetic Information Non-Disclosure Act as long as the genetic testing is part of a wellness program.
Aetna’s Employee DNA Collection Obsession Combines Junk Science, Junk Arithmetic, and Junk Integrity
It seems like most of my columns should or do start with a line like: “Just when you thought it couldn’t get any worse…”
Well, this time it really can’t get any worse. Aetna’s obsession with collecting employee DNA has truly reached the pinnacle of junk science, junk arithmetic, and junk integrity. (Not to mention junk privacy, as our guest-posting privacy expert noted.)
Junk Science and Junk Arithmetic
By way of background, we have already chronicled not just the junk science of using employee DNA to predict and prevent diabetes, but also the inability of their partner organization, Newtopia, to understand fifth-grade math. Nonetheless Newtopia wants us to trust their understanding of PhD-level science — and also trust them to store our DNA. (Like many vendors who were absent the day the teacher taught arithmetic, they took their fuzzy math off their website following our instructional posting. We never received a thank-you note for this free consult, in case you were wondering.)
That same posting covered their reference site-from-hell, in which only a small fraction of employees participated, and the customer complained about the price tag, which is the wellness industry’s highest, at $500 per employee.
That price tag means claiming an ROI at the industry standard level of 3-to-1 requires fabricating far greater savings than wellness vendors usually fabricate. For instance, Ron Goetzel says programs should cost $150 and save $450. (Note: in all fairness he doesn’t say that any more. After our initial exposes, he retreated to a 1-to-1 ROI, as he admitted during our debate. Most recently he’s even backed off that. Now he says most programs fail.)
But showing that industry-standard ROI on a $500 program requires concocting savings approaching $1500/employee in the first year alone, an industry record. And did we mention that ROI was achieved on employees who were specifically selected for having nothing wrong with them to begin with, other than the possibility of getting metabolic syndrome at some point later in their lives? (Or as we originally wrote, these employees were “at risk for being at risk”.)
Oh, yes, and there was no clinically or statistically significant improvement in the set of health indicators that Aetna measured? And that Aetna was a co-author of the HERO study showing wellness loses money?
We said all this — posted it right on The Health Care Blog. Then the most amazing thing happened. One of the members of the editorial advisory board of the Journal of Occupational and Environmental Medicine (JOEM) – a trade journal with a long and glorious history of publishing suspect claims about the wondrous world of workplace wellness — essentially apologized in the comments. Specifically, he agreed the study never should have gotten past peer review. This wasn’t just any member of their board. This was the only member, Nortin Hadler, who has an actual national reputation in population health, having written many successful, influential and well-reviewed books on screening, overtreatment, and the harms of pushing people into the medical system.
So far, all we have noted is that Aetna has combined junk science with junk math. Next is where the junk integrity comes in. Just to set the stage by recapping the points above:
- Aetna must have already known their outcomes are made up because no one in population health – and very few people not in population health — could possibly think you could save $1400/person on healthy people in 12 months without doing anything other than assigning an “inspirator” to tell them to eat more broccoli, DNA or no DNA;
- They did already know wellness loses money because they co-authored the HERO report saying wellness loses money;
- If they genuinely had no idea their outcomes were made up, they would have learned that when they read my proof — a mathematical proof, not open to dispute like a scientific proof;
- And if they still doubted it, they could have read the comment by Nortin Hadler.
What does a wellness vendor do in these situations? Simple. It recalls the words of the French General Ferdinand Foch: “My left is collapsing. My right is in retreat. I shall attack.”
Their PR department called Bloomberg, had them assign a reporter completely new to the wellness beat, and then wheedled a complete puff piece out of her, crossing their fingers that the reporter wouldn’t google this thing, which would have created a front-page story.
In the Bloomberg paean, Aetna’s thesis is that the best way to motivate people to lose weight is to tell them their genes make it very difficult to lose weight. If that logic doesn’t resonate with you, you have company. Here is a quote from that article — one single quote — that basically invalidates the entire remainder of the story, puff piece or not:
George Annas, a bioethics professor at Boston University, cautions against reading too much into DNA tests. “The chance that they have a genetic test that can determine if you’re prone to be fatter than other people is very, very unlikely,” he said. “What [Newtopia] really seems to be saying is that if you tell people that you have a genetic condition that may predispose you to be overweight, that may motivate people.” For some, he said, DNA testing could have the opposite effect: If someone is predisposed to gaining weight, then why bother dieting or exercising?
Speaking of things which have almost no chance of happening, here are two more. First, we’ve asked JOEM for a formal retraction, given that the study was admitted by Dr. Hadler (who hadn’t seen it pre-publication) to be blatantly wrong. Second, Aetna isn’t likely to apologize either, any more than they did for their last foray into wellness, which involved pitching some of the most controversial drugs on the marketplace to patients who weren’t even sick and didn’t ask for them. Instead, they will probably double down on DNA.
The behavior of both JOEM and Aetna can be explained with an old Chinese proverb: “When you are riding a tiger, the hardest thing is getting off.”
Nice to see that the mainstream media has caught up to us in raising the call about wellness programs as an affront to worker privacy. Better late than never.
Privacy advocates see a void of regulation or even voluntary standards to ensure the information is used as intended. By all accounts the amount of worker wellness data being collected — through the Web, company surveys, wearable devices, gym records and lab tests — is exploding.
“The privacy issues are profound,” said Pam Dixon, executive director of the World Privacy Forum, an advocacy group. “If people are being asked to wear a biometric electronic device, or use a mobile app or work within a wellness program, that data can be used in ways that may be very, very surprising to people.”
Numerous wellness vendors say flatly that privacy is critical to their reputation and that they don’t share information on individual workers with employers, data brokers or marketing companies. But as the Houston employees found out, the fine print isn’t so plain or reassuring.
Read the entire CNN/Kaiser Health News article here. We encourage employees not to divulge personal information on HRAs and other intrusive surveys. Most people don’t need us to tell them that. If HRA information is to be believed, we are a nation of teetotalers and occasional social drinkers.
Your health information is your business. That’s why we started Quizzify. No personal health information requested or recorded. EVER.
Our colleague, privacy expert Anna Slomovic, has put up at her blog an excellent essay on the emergence of genetic testing in workplace wellness programs.
We need to question the voluntariness of participation in wellness programs, the value of the testing being offered, and the appropriateness of wellness vendors exploiting the information they collect. This is even more important when genetic information is involved.
John Hancock Insurance recently announced a plan to sell life insurance based on healthy behaviors. You get a discount on life and disability insurance for exercising and reporting good blood values on an ongoing basis, not just once when you sign up.
While we have been quite vocal in saying wellness is a waste of money and potentially injurious to health and morale (and lately the two wellness trade associations themselves have candidly supported that position), we find Hancock’s strategy to be a shockingly good idea.
There are many distinctions between Hancock’s offering and health insurance. First, life and disability insurance are opt-in products. No one is forcing you to buy them in order to get health insurance at work, or fining you if you don’t. No one is violating USPSTF guidelines, screening the entire workforce, or making you get checkups that are worthless at best.
Second, the same numbers that don’t remotely add up for wellness add up quite elegantly for life and disability. Cut 50% out of your heart attack rate for the latter and you probably reduce overall claims payout by 5%. Cut 50% out of your heart attack rate for health insurance and you reduce overall claims payout by less than 1%. Additionally, Hancock can possibly accomplish that goal through underwriting. An employer doesn’t have that option. So besides being worth more, a 50% reduction is achievable.
Finally, they should be able to generate some good self-selection into this product. People have to be willing to give up some privacy, and our colleague Anna Slomovic is quoted on this topic in the article in the New York Times, but as long as you know what risk you are taking and as long as there is some recourse, it isn’t the same thing as being forced to reveal personal information for a wellness program.
One asterisk: the article says they are relying on Vitality to come up with the risk adjustments. I doubt seriously that is the case. Hancock has real grownup actuaries whose job it is to price these risk adjustments. We assume the article is wrong — Hancock isn’t going to rely on a vendor that can’t even quote Dee Edington correctly and doesn’t understand how to design a study.
Absent that asterisk, we are confident that they will be successful and wish them the best of luck.
Al and I are very pleased to present our first guest post. This insightful essay, by privacy expert Anna Slomovic, explores a vital issue that, like so many important and complex things in wellness, gets ignored or dismissed. Our thanks to Anna for allowing us to post her work.
Most American companies, particularly large employers, now have wellness programs. These programs can have many different components, including detailed health risk assessments (HRAs) and biometric screenings, wearable fitness devices that count steps, and mobile apps that track what food employees buy or eat. When employees ask about the rules that govern use and disclosure of wellness data, the typical response is that the data is “kept private” and is “safe and secure.” Unfortunately, such general reassurances hide the complexity of the privacy rules for data in wellness programs. In fact, the data may travel more widely than wellness proponents may want us to know, and employees are unlikely to understand all the allowable uses and disclosures of the data.
One complication comes because wellness programs may be part of a health plan or may be separate from a health plan. Different rules apply, depending on a program’s structure. Another complication is that wellness data exists in different databases controlled by different companies. The privacy rules that apply depend on who holds the data. The same data may be under different protections in different places.
Let’s start with HRAs and biometric screenings for cholesterol or blood sugar, blood pressure, and weight. These wellness initiatives are most likely part of a health plan because they meet the definition of “medical care” in federal law. When data is part of a health plan, it is subject to the Privacy Rule of the Health Insurance Portability and Accountability Act (HIPAA), the main health privacy law in the United States. HIPAA permits many uses and disclosures for health-related purposes without requiring individual consent, including data analysis for health plan sponsors, outcomes evaluation, and development of treatment guidelines. Nevertheless, the HIPAA Privacy Rule imposes some meaningful use and disclosure protections for individuals. Among the most important in the employment context is the requirement that an employee must specifically authorize use of HIPAA-covered data for employment-related decisions. Employers comply with HIPAA requirements by hiring vendors to collect and analyze individual-level data and by having the vendors deliver only aggregate or statistical results.
Not all wellness initiatives meet the definition of “medical care,” and these initiatives can be offered inside or outside a health plan. For example, many employers have programs that offer employees discounts on wearable fitness devices, or points and rewards for taking a specific number of steps, using an app that tracks what food they buy or eat, or working out at a gym. These activities are not “medical care,” and can be offered as part of benefits unrelated to health, where HIPAA does not apply.
For non-HIPAA data collected through wellness programs, the only privacy rules that apply are what participating companies and employers devise. The privacy framework is even less robust for many fitness-related devices and apps. Many do not have privacy policies. Several studies show that even in cases where privacy policies exist, they often permit broad uses and disclosures, including operations, personalization, improvements to apps, devices and services, research, and marketing and promotion, all performed by the companies themselves or their partners.
Of course, the story does not end with data collected by individual companies. Data from apps and devices can be combined with other public or private data, and many device and app features depend on this. The other data might come from gyms (to verify attendance and workouts), supermarkets (to verify food purchases), vendors of rewards catalogs where rewards points can be redeemed for merchandise, or from companies that have historical weather data or list locations of restaurants and other types of businesses. By combining data from various sources, the device or app maker might be able to give feedback to the user about their monitored eating and exercise patterns, or notify the user about rewards for which she qualifies. Although all these companies collect, use and disclose data related to a wellness program, none is subject to the HIPAA Privacy Rule or probably to any other privacy law.
Robust wellness programs can build a detailed picture of an individual life by combining data collected via HRAs, biometric screenings, devices, apps, activity on health portals, health claims, attendance records provided by employers, and public data. Employees will rarely know who has the data, what privacy rules apply, or what rights, if any, the employer has.
Simple reassurances that the data is “kept private” and is “safe and secure” are not nearly enough. Wellness programs need much greater transparency about their structure, participating companies, and data flows, policies, and practices. Only then can employees understand the true stakes of seemingly innocuous wellness programs. Employees also need the right to opt out of any wellness program, without penalty, on the grounds that they refuse to give up their privacy.
Anna Slomovic is a privacy consultant and scholar. She was formerly a Chief Privacy Officer of several companies in health and financial services. You can learn more about her at www.annaslomovic.com.