Your Personal Data Used Against You

by Dr Nick

Your Data but Who Owns It

Your Data but Who Owns it?

This excellent piece by ProPublica and NPR: Health Insurers Are Vacuuming Up Details About You — And It Could Raise Your Rates is part of a series – The Health Insurance Hustle by Marshall Allen that offers insights into the data-rich world we are entering and how this information may well be used against you – or more worrying may already be used against you. More on that later but first a peek into the insurance payment system that puts you at risk for a transaction you have no control or even visibility to.

The first article in the series Why Your Health Insurer Doesn’t Care About Your Big Bills made for some pretty sobering reading with a long detailed account of Michael Frank, the consulting healthcare actuary who had the misfortune of needing a knee replacement that cost $70,000 – more than 3 times the Medicare rate paid to NYU Langone. “Covered” by his insurance – but not really given the 10% he was required to pay on a bill he considered grossly inflated. It is hard to imagine someone better equipped to query, understand and ultimately contest inflated charges

“if you imagined the perfect person to take on insurance companies and hospitals, it might be Frank.

In fact, he has spent the last 30 years working for insurance companies helping them assess how much people should be paying in premiums and was the president for Actuarial Society of Greater New York and has taught actuarial science at Columbia University as well as acting as an expert witness. If you want a sense of his detailed analysis – this picture of the folders and notes captures his work succinctly

Healthcare Finance, Billing
Image Credit: ProPublica

The system is opaque to everyone but the healthcare system and the insurance providers

three-party transaction in which only two of the parties know how the totals are tallied

Without transparency we will never know the reality fo the bill, who actually got paid what, the refunds, discounts post billing applied

A point repeatedly made in Dave Chase (founder of Healthcare Rosetta) detailed in his book: CEO’s Guide to Restoring the American Dream – where he lays out the case for fixing healthcare with small incremental steps for companies who are breaking under the strain of healthcare costs. His 5 incremental steps to address the debilitating drain on our economy and personal finances include of course transparency in pricing:

  • Primary care
  • Transparency on pricing
  • Employee concierge services
  • Independent third-party administration of health plans, and
  • Heightened fiduciary oversight on health insurance spending


The Court Battle

But in Michael’s court appearance, NYU Langone’s attorney, Anton Mikofsky stated:

The case is simple, he said. “The guy doesn’t understand how to read a bill.”

The tale ends poorly with a settlement out of court that reduces the bill he paid, encumbered by the fear of facing a large organization, with deep pockets and the high risk of losing on a technicality in a system that is as he put it “stacked against the consumer”


Hu-Manity – The 31 Data Right

In the second in the series, Marshall Allen creates another compelling and troubling read. Healthcare companies (and probably every company) are ingesting everything they can get their hands on about you. The details of this mass ingestion of every piece of data about you into healthcare databases (which in case you missed it – does not get covered by HIPAA protections) offers a peek into a future where services, insurance, and treatment may be declines based on your social activities.

The companies are tracking your race, education level, TV habits, marital status, net worth. They’re collecting what you post on social media, whether you’re behind on your bills, what you order online

While the methods are “improved” the behavior is not new:

The industry has a history of boosting profits by signing up healthy people and finding ways to avoid sick people — called “cherry-picking” and “lemon-dropping,”… Among the classic examples: A company was accused of putting its enrollment office on the third floor of a building without an elevator, so only healthy patients could make the trek to sign up. Another tried to appeal to spry seniors by holding square dances.

It’s just a more sophisticated technology-based version of behavior that is inherent in the system. One that is captured by 3 words

Follow the Money

This behavior is not confined to healthcare and there are many instances in other industries in the US – employers were early adopters when reviewing candidates. What other reason could there be for a prospective employer to ask for permission to dig into your credit score when you apply for a job (I personally experienced this for a job application over 10 years ago)

And China appears to be leading the charge of extending this to everything with their social credit scoring mechanisms to determine what you can buy, where you can live and shaming anti-social behavior and ultimately fining perpetrators.

Which makes the Black Mirror Episode Nosedive even more troubling as terrifying fiction becomes reality



But we Use Data for Good

When challenged about their use of this data Aetna made a statement that it only uses the supplement its clinical and claims data

The information is used to reach out to members and help them and plays no role in pricing plans or underwriting

But see above – even when the intentions are good the need to follow the incentives remain. In the case of any healthcare insurers, what are the incentives driving behavior? They are a for-profit company whose shareholders expect a return on their financial investment which means reducing costs and expenditure.


Follow the Money

This captures the drivers of behavior in so many instances I’ve asked my family to place this on my headstone. I have found over time that if you are struggling to understand behavior the answer is more often than not found in this driver. Not to suggest that people are not good, generous and giving. Not to suggest that everyone and all corporations are evil – but even when goodness pervades and the intention is to do the “right thing” – oftentimes the right thing depends on the perspective of underlying drivers.

All this makes the case for the 31st Human right: The right to ownership control of your own personal data with the founder Richie Etwaru leading the charge where they view your data as your right of ownership with control to do with it as you decide not as others

Inherent human data is bought, sold, and used in a global human data marketplace without being classified as property leaving us no choice or control as to where, how, when or by whom our inherent human data is used.


Human right #31 is a decentralized human right declared as “Everyone has the right to legal ownership of their inherent human data as property“ and an addition to the existing 30 human rights adopted by the United Nations in 1948 and bestowed to every human at birth. Without human right #31 to assure that our data is our property, organizations will continue to buy, sell and use it without our having choice or control as to where, how, when or by whom it is used.




In Europe the new General Data Protection Regulation (GDPR) – a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). As one commentator put it:

In Europe, data protection is a constitutional right


What Incremental Steps on Personal Data Protection

Until we have such protections in place and the Humanity system is up and running I suggest the following:

  1. Check out what Lexis Nexis has gathered about you and is selling to any company willing to pay them for the information – you can get the form here
  2. Review All your Relationships with All Organizations which includes Declining to Share Information
  3. Review All “Agreements” and Decline to Sign or Approve those that insist on Sharing Your Data without Your permission


For me personally, I’m using this opportunity to make a clear public statement about my personal information that I can refer back to at any point to any organization, corporation or even individual, that I am doing business with or will do business within the future:

  1. If I ever gave permission either intentionally or unintentionally for you to use my personal data I rescind such authorization immediately
  2. If I was forced to give permission to use my data to allow me to use your product or solution by being required to “accept” your “Acceptable Use Policy” AUP – I rescind all such acceptance and authorization
  3. If I ever agreed to you sharing my data with anyone either intentionally or unintentionally I rescind such authorization immediately
  4. Should you want to use my data in the future you must obtain permission from me prior to use or sharing


It feels like a hollow gesture at this point but rather than fully ceding control it makes me feel a little better – but alwasy interested in new ideas or thought so leave me your suggestions in the comments below



You can also follow me here on medium, on twitter, or on facebook or Sign up to receive my posts each week

Leave a comment



This site uses Akismet to reduce spam. Learn how your comment data is processed.