Skip to main content
Sister Publication Links
  • ESG: THE NEW IMPERATIVE
Subscribe
  • Sign Up Free
  • Login
  • Subscribe
  • News
    • Current News
    • COVID-19
    • Providers
    • Insurance
    • Government
    • Finance
    • Technology
    • Safety & Quality
    • Transformation
    • People
    • Regional News
    • Digital Edition (Web Version)
    • Patients
    • Operations
    • Care Delivery
    • Payment
    • Midwest
    • Northeast
    • South
    • West
  • Digital Health
  • Insights
    • ACA 10 Years After
    • Best Practices
    • Special Reports
    • Innovations
  • Opinion
    • Bold Moves
    • Breaking Bias
    • Commentaries
    • Letters
    • Vital Signs Blog
    • From the Editor
  • Events & Awards
    • Awards
    • Conferences
    • Galas
    • Virtual Briefings
    • Webinars
    • Nominate/Eligibility
    • 100 Most Influential People
    • 50 Most Influential Clinical Executives
    • Best Places to Work in Healthcare
    • Excellence in Governance
    • Health Care Hall of Fame
    • Healthcare Marketing Impact Awards
    • Top 25 Emerging Leaders
    • Top 25 Innovators
    • Diversity in Healthcare
      • - Luminaries
      • - Top 25 Diversity Leaders
      • - Leaders to Watch
    • Women in Healthcare
      • - Luminaries
      • - Top 25 Women Leaders
      • - Women to Watch
    • Digital Health Transformation Summit
    • Leadership Symposium
    • Social Determinants of Health Symposium
    • Women Leaders in Healthcare Conference
    • Best Places to Work Awards Gala
    • Health Care Hall of Fame Gala
    • Top 25 Diversity Leaders Gala
    • Top 25 Women Leaders Gala
    • - Hospital of the Future
    • - Value Based Care
    • - Supply Chain
    • - Hospital at Home
    • - Workplace of the Future
    • - Digital Health
    • - Future of Staffing
    • - Hospital of the Future (Fall)
  • Multimedia
    • Podcast - Beyond the Byline
    • Sponsored Podcast - Healthcare Insider
    • Video Series - The Check Up
    • Sponsored Video Series - One on One
  • Data Center
    • Data Center Home
    • Hospital Financials
    • Staffing & Compensation
    • Quality & Safety
    • Mergers & Acquisitions
    • Data Archive
    • Resource Guide: By the Numbers
    • Surveys
    • Data Points
  • MORE +
    • Contact Us
    • Advertise
    • Media Kit
    • Newsletters
    • Jobs
    • People on the Move
    • Reprints & Licensing
MENU
Breadcrumb
  1. Home
  2. Technology
April 07, 2018 01:00 AM

How third parties harvest health data from providers, payers and pharmacies

Rachel Z. Arndt
  • Tweet
  • Share
  • Share
  • Email
  • More
    Reprints Print
    Getty Images/Ikon Images

    As the healthcare industry continues to struggle with interoperability, there's one realm in which patient data move remarkably freely: the secondary market.

    Indeed, hackers aren't the only ones making money off of patient health data. Legitimate companies are cashing in too, including health systems, pharmacies and occasionally electronic health record vendors—and the third parties purchasing the data.

    These third parties get de-identified health information from a vast array of sources and then sell the information on a secondary market to buyers interested in gleaning strategy insights. Buyers might be pharmaceutical firms intent on refining their marketing strategies, figuring out where to invest next, or how to target clinical trials. A large pharmaceutical company might pay between $10 million and $40 million per year for data, consulting and services from Iqvia (formerly IMS Health), one of the dominant players in the market, according to Adam Tanner in the book Our Bodies, Our Data: How Companies Make Billions Selling Our Medical Records.

    As long as the data are de-identified, sharing them is fine under the HIPAA privacy and security rules.

    "Even small pools of data about patients that have the exact disease a company is trying to sell into are very valuable," said John Gardner, a partner with NGP Capital.

    Big money on the secondary market

    IQVIA:

    • FORMERLY: The company is the result of a 2016 merger between IMS Health Holdings and Quintiles Transnational Holdings
    • DATA PORTFOLIO: More than 530 million de-identified patient records from more than 100 markets
    • 2017 REVENUE: $8 billion
    • DATA COME FROM: Providers, payers, pharmacies
    • DATA GO TO: Biotech, medical-device and pharmaceutical companies; medical researchers; government agencies; payers and others
    Source: Modern Healthcare research

    The data come from such third parties as Iqvia, which had $8 billion in revenue in 2017 and has agreements with more than 120,000 sources around the world to get anonymous patient data. It collects the data from providers, payers, and pharmacies, according to Kim Gray, Iqvia's chief privacy officer. Rarely, she said, do they get data from EHR vendors.

    Gray would not say definitively whether Iqvia pays hospital systems for patient data. "There are a wide variety of arrangements that exist among our data sources that compensate them," she said.

    Even when data appear to come from a hospital, they are technically arriving via a technology partner. Vendor contracts with health systems sometimes include clauses that authorize the vendor to facilitate the data transfer, said Nilesh Chandra, senior leader in PA Consulting's healthcare business.

    While health systems themselves own their patient data, EHR vendors still have a great deal of control over it, both legally and technologically. It can be tough, however, to nail down which vendors are actually selling patient data to third parties.

    "It's the EHR vendor who's aggregating provider data, then de-identifying them, and then, at their discretion, monetizing or commercializing them," said Scott Kolesar, Ernst & Young's U.S. health tech innovation leader. "The owners of the information in terms of being in a position to take it into the secondary market are the EHR vendors themselves. In many of their contracts, they seek the use of de-identified data to do research or to provide broad-based analytics to a larger community."

    For instance, Practice Fusion's provider user agreement includes provisions that allow it to sell de-identified information "for any purpose without restriction." The company has charged $50,000 to $2 million for longitudinal data sets, according to Tanner.

    Not all vendors conduct such practices or include such clauses. Epic Systems Corp., for one, doesn't, according to a company spokesperson.

    But just because a company isn't selling patient data now doesn't mean it won't in the future. "They're thinking about doing it as a way of extending their business model and to take advantage of the value in the data," Kolesar said. That's a strategic decision, he added, because these vendors understand that their enterprise applications are becoming less and less necessary as smaller apps gain ground.

    As more players get into the data-sharing game, more patients' data are at risk of breaches that affect security and privacy alike. "Just because something is anonymized, it is still possible to identify who that is when you merge that record with other records that are available," said Sam Hanna, director of George Washington University's online master's degree in health informatics program.

    Hanna compared what's possible with patient data to what happened with Cambridge Analytica, the firm that combined data from personality tests and Facebook profiles with voter records and other information. "That could happen in the healthcare field," he said. "Detailed consent is key for the patient to understand that their data could be used for something like this."

    Healthcare organizations should also be looking at how to make the data even harder to re-identify, said Eric Gascho, vice president of government affairs and policy for the National Health Council. "It's of utmost concern," he said

    Even when the data are used for good—for research and precision medicine, for example—there are still risks.

    "Harnessing that data for research purposes and targeted therapies is all great unless it falls into the wrong hands," Hanna said. It's crucial, therefore, that the organizations holding the data protect it, he said. "It's a balance between data privacy and data utility."

    Letter
    to the
    Editor

    Send us a letter

    Have an opinion about this story? Click here to submit a Letter to the Editor, and we may publish it in print.

    Recommended for You
    money arrows decrease down 2.png
    Changing employer market leaves digital health companies rethinking strategy
    Two pill bottles from Amazon Pharmacy
    Amazon rolls out generic drug subscription service
    Most Popular
    1
    More healthcare organizations at risk of credit default, Moody's says
    2
    Centene fills out senior executive team with new president, COO
    3
    SCAN, CareOregon plan to merge into the HealthRight Group
    4
    Blue Cross Blue Shield of Michigan unveils big push that lets physicians take on risk, reap rewards
    5
    Bright Health weighs reverse stock split as delisting looms
    Sponsored Content
    Health IT Strategist (HITS) Newsletter: Sign up for the latest IT and medical technology news delivered 3 days a week (M, W, F).
     
    Get Newsletters

    Sign up for enewsletters and alerts to receive breaking news and in-depth coverage of healthcare events and trends, as they happen, right to your inbox.

    Subscribe Today
    MH Magazine Cover

    MH magazine offers content that sheds light on healthcare leaders’ complex choices and touch points—from strategy, governance, leadership development and finance to operations, clinical care, and marketing.

    Subscribe
    Connect with Us
    • LinkedIn
    • Twitter
    • Facebook
    • RSS

    Our Mission

    Modern Healthcare empowers industry leaders to succeed by providing unbiased reporting of the news, insights, analysis and data.

    Contact Us

    (877) 812-1581

    Email us

     

    Resources
    • Contact Us
    • Advertise with Us
    • Ad Choices Ad Choices
    • Sitemap
    Editorial Dept
    • Submission Guidelines
    • Code of Ethics
    • Awards
    • About Us
    Legal
    • Terms and Conditions
    • Privacy Policy
    • Privacy Request
    Modern Healthcare
    Copyright © 1996-2023. Crain Communications, Inc. All Rights Reserved.
    • News
      • Current News
      • COVID-19
      • Providers
      • Insurance
      • Government
      • Finance
      • Technology
      • Safety & Quality
      • Transformation
        • Patients
        • Operations
        • Care Delivery
        • Payment
      • People
      • Regional News
        • Midwest
        • Northeast
        • South
        • West
      • Digital Edition (Web Version)
    • Digital Health
    • Insights
      • ACA 10 Years After
      • Best Practices
      • Special Reports
      • Innovations
    • Opinion
      • Bold Moves
      • Breaking Bias
      • Commentaries
      • Letters
      • Vital Signs Blog
      • From the Editor
    • Events & Awards
      • Awards
        • Nominate/Eligibility
        • 100 Most Influential People
        • 50 Most Influential Clinical Executives
        • Best Places to Work in Healthcare
        • Excellence in Governance
        • Health Care Hall of Fame
        • Healthcare Marketing Impact Awards
        • Top 25 Emerging Leaders
        • Top 25 Innovators
        • Diversity in Healthcare
          • - Luminaries
          • - Top 25 Diversity Leaders
          • - Leaders to Watch
        • Women in Healthcare
          • - Luminaries
          • - Top 25 Women Leaders
          • - Women to Watch
      • Conferences
        • Digital Health Transformation Summit
        • Leadership Symposium
        • Social Determinants of Health Symposium
        • Women Leaders in Healthcare Conference
      • Galas
        • Best Places to Work Awards Gala
        • Health Care Hall of Fame Gala
        • Top 25 Diversity Leaders Gala
        • Top 25 Women Leaders Gala
      • Virtual Briefings
        • - Hospital of the Future
        • - Value Based Care
        • - Supply Chain
        • - Hospital at Home
        • - Workplace of the Future
        • - Digital Health
        • - Future of Staffing
        • - Hospital of the Future (Fall)
      • Webinars
    • Multimedia
      • Podcast - Beyond the Byline
      • Sponsored Podcast - Healthcare Insider
      • Video Series - The Check Up
      • Sponsored Video Series - One on One
    • Data Center
      • Data Center Home
      • Hospital Financials
      • Staffing & Compensation
      • Quality & Safety
      • Mergers & Acquisitions
      • Data Archive
      • Resource Guide: By the Numbers
      • Surveys
      • Data Points
    • MORE +
      • Contact Us
      • Advertise
      • Media Kit
      • Newsletters
      • Jobs
      • People on the Move
      • Reprints & Licensing