Your health information might seem secure with your doctor, but the situation is far more complex. Data brokers are collecting various types of sensitive health data—everything from prescriptions to personal identifiers—and selling it to marketers, insurers, and others. These buyers utilize this data for targeted advertising, adjusting insurance premiums, and other uses, often without your knowledge. Understanding who holds your health data, how it’s used, and how it’s shared is crucial for safeguarding your privacy.
Major health data breaches fuel the data broker industry
Many people assume their health data is safe, but consider this: if you’ve ever searched for “early signs of dementia” or filled a prescription for anxiety, there’s a chance that data is being sold to interested parties. A recent breach at Yale New Haven Health exposed sensitive information for about 5.5 million patients. This is not an isolated issue; since 2020, around 94.5 million Americans may have had their Social Security numbers compromised during health data breaches. And concerningly, data brokers are collecting and selling this information on a grand scale. For instance, they can sell a single record for as little as $0.06. So, let’s delve into what these brokers know, who they’re selling it to, and why it matters—especially for vulnerable populations like the elderly.
What types of health information does a data broker sell?
Protected health information is usually kept confidential by doctors and health insurance providers, as required by regulations such as HIPAA. Interestingly, data brokers generally don’t have access to official medical records, but they are not subject to the same regulations. This means they can legally compile and sell a variety of information:
- Fitness app data: Information on your step count, heart rate, and calories burned.
- Symptom-related Google searches: Queries like “early signs of dementia” or “knee pain at night.”
- Pharmacy purchases: Details about both prescriptions and over-the-counter medications.
- Wellness quizzes and online forms: Tools asking questions like “What is your biological age?” aren’t just for fun.
- Social media posts and interactions: Public commentary on health matters and support groups.
- Location data: Visits to medical facilities or pharmacies.
This doesn’t stop here; additional non-health data—like shopping preferences—are often combined to create detailed health profiles.
The reason for selling your health data is more dangerous than you think
The implications of having your health information sold are serious. When this data falls into the wrong hands, it can lead to:
- Increased insurance costs: Insurers may charge more based on inferred health risks.
- Scams targeting vulnerable individuals: Lists of people categorized by conditions like dementia or heart disease could be exploited.
- Privacy violations: Sensitive details about mental health issues or fertility treatments may be revealed.
- Discriminatory practices: Employment or housing discrimination could stem from health-related data.
- Resale of information: Once sold, it becomes hard to track where it goes.
Moreover, there’s a growing concern about large-scale data collection, which could inadvertently expose personal information with minimal safeguards.
8 Ways to Protect Health Data from Data Brokers
Are you unsettled about who might access your health data? While we can’t prevent every breach or broker from operating, there are steps you can take to limit data collection and sharing. Here’s how to manage your digital health footprint:
1) Consider using a Personal Data Deletion Service. These services help you reclaim control by monitoring and removing your sensitive health information from various sites. They provide a layer of security against fraud and discrimination.
2) Audit your apps and privacy settings: Health and fitness apps can collect information beyond your awareness—remove any that seem untrustworthy and check permissions.
3) Beware of free quizzes: If a site offers “insights” in exchange for personal details, think twice—your data may be monetized. Consulting a healthcare professional may be a better option.
4) Limit data sharing: Share only what’s necessary when enrolling in health-related services or using apps. Be cautious about posting health info on public forums.
5) Ask for data minimization: Request your healthcare provider to only collect essential data to reduce exposure in the event of a breach.
6) Utilize strong antivirus software. A reliable antivirus can shield your devices against malware and cyber threats, helping to protect your personal information.
7) Keep software updated: Regular updates on your systems and apps help patch vulnerabilities that cybercriminals could exploit to access your health data.
8) Use strong, unique passwords: Each account related to your health info should be secured with a distinct password, minimizing risks from breaches.
Final thoughts
Your health data is meant to be private, but today’s digital age poses significant challenges to that confidentiality. With various ways for your information to be collected and sold, it’s essential to take proactive steps to safeguard your privacy. It’s not about instilling fear; rather, it’s about empowering yourself to control your digital presence.
What do you think—should lawmakers and tech companies take stronger measures to ensure our health data remains secure, or is it primarily our responsibility to protect our privacy? Let us know your thoughts.
