A new national snapshot of the state of mental health across America is, frankly, a little discouraging, especially when it comes to young people.
One startling finding from the annual report produced by the nonprofit Mental Health America: “[S]ixty-four percent of youth with depression do not receive any treatment.”
In addition, the report found:
Even among those with severe depression, 63 percent do not receive any outpatient services. Only 22 percent of youth with severe depression receive any kind of consistent outpatient treatment (7-25+ visits in a year).
I asked one of our frequent contributors, child psychiatrist Dr. Eugene Beresin, executive director of the Massachusetts General Hospital Clay Center for Young Healthy Minds and professor of psychiatry at Harvard Medical School, for his thoughts on the report.
Here, lightly edited, is his response:
First, I am not surprised. There are a number of issues not emphasized by this summary:
1. There is a huge shortage of child and adolescent psychiatrists in the U.S. Currently there are about about 7,000.
So while many parents seek help, the access to care is severely limited. Primary care pediatricians are inadequately trained in psychiatry and this has been addressed by the American Academy of Pediatrics. Their graduate training requires only two months in developmental behavioral pediatrics and few have any significant training in psychiatry. They are desperate to make referrals and often are at a loss to find qualified clinicians. Some states such as Massachusetts and New York have statewide efforts to assist them through consultation and education in psychiatry, but this only scratches the surface.
2. The college situation is analogous. Up to 50% of students have psychiatric problems, and in large universities there is only about one certified mental health professionals to deal with 3,000 students. Only about 25% of students with problems seek help.
3. While there was legislation for parity in mental health services, this has been woefully inadequate. There is strong data that combining medication management with psychotherapy has better outcomes than either treatment alone for some serious psychiatric disorders. However, insurance covers unlimited visits for medication management ALONE and these visits tend to be 15-30 minutes. Psychotherapy visits that typically allow for 24 visits a year could include both. But this limits combined treatment to 24 visits a year maximum for most insurance policies. That is typically insufficient for many treatments.
4. Reimbursements through insurance for mental health treatment are very low compared with other care. Thus psychiatry in the outpatient sector is a huge financial drain on health care systems. And there is a great shortage of inpatient beds for youth and for very short lengths of stay. Often pediatric psychiatric facilities are overwhelmed with youth and families that are stuck without places to go.
5. Treatment for psychiatric disorders is as good as treatment for most medical disorders. However, the stigma of having a psychiatric disorder stops many people from seeking treatment. They are often too ashamed to seek help; or many believe that psychiatric disorders are untreatable, and thus they do not seek help. Other reasons for not seeking help is the fear that this will be on one’s permanent medical record — another aspect of the shame and embarrassment of having a psychiatric disorder.
But the data show that the lifetime prevalence (possibility) of developing a psychiatric disorder is about 24%. Thus one of the most common kinds of disorders in medical practice goes largely untreated. And it should be noted that most psychiatric disorders begin in youth (children through late adolescence and young adulthood). One would hardly avoid going to a doctor for asthma, migraines or other common illnesses and many who suffer from anxiety, depression, PTSD and other common problems do not seek help.
The federal government needs to increase its oversight over private Medicare health plans to make sure seniors have adequate access to doctors and hospitals, according to a report released this week by congressional auditors.
The General Accountability Office study found the Centers for Medicare & Medicaid Services, which administers Medicare Advantage plans, primarily relies on complaints from consumers to determine if they are having trouble getting appointments with providers.
The government reviews less than 1 percent of the information filed annually by provider networks for adequacy and accuracy. It looks only at the networks of plans entering new markets and not at those in existing markets, the GAO said.
The congressional watchdog also found that the government approves more than 90 percent of requests from health plans for exemptions from federal rules on network adequacy, which determine how far a consumer has to go to find a doctor.Use Our Content This KHN story can be republished for free (details).
About 16 million seniors are in Medicare Advantage plans, 30 percent of the Medicare population. Unlike traditional Medicare which allows consumers to see any provider, those in Medicare Advantage must see a doctor or facility in the plan’s network. Medicare Advantage enrollees are locked into their health plan for a year.
The GAO report was spurred by concerns from patient advocates that Medicare health plans don’t provide members enough choices of doctors and certain specialists, and that health plan provider directories often inaccurately list doctors who no longer accept the coverage.
In 2013, UnitedHealthcare, the nation’s largest Medicare Advantage plan, dropped thousands of doctors in Connecticut and nine other states from their Medicare networks. That drew complaints from seniors who had signed up for plans largely because they wanted access to certain providers.
“This investigation shows what I have long said: Medicare Advantage patients have no recourse to stop bad behavior like we saw in Connecticut with UnitedHealth,” said Rep. Rosa DeLauro, D-Conn., who requested the GAO report.
Joe Baker, president of the Medicare Rights Center in New York, said his nonprofit group often gets calls from seniors who are upset that provider directories from their Medicare plans list doctors who don’t take their health plan. He said the report suggests that CMS can improve its enforcement.
“CMS needs to do a better job to make sure these networks are accessible and that providers are available,” Baker said.
CMS officials told GAO investigators they are stepping up their audits of Medicare Advantage provider networks, the report said. A CMS spokesman said plans typically are exempted from network adequacy rules when few doctors are available to contract with or when consumers can easily go to an adjoining county for care.
The rules for ensuring consumers have access to care vary by type of provider and county population density. For example, in large counties, CMS requires members to have a choice of primary care providers within 5 miles of their home or a 10-minute drive, the report said.
Health plans in recent years have reduced the number of providers to control costs and focus on those who provide better service and care.
“Medicare Advantage plans are under same pressure as all health plans to contain costs and to reward their highest value providers and this probably is resulting in some network narrowing,” said Michael Adelberg, a senior director with FaegreBD Consulting in Washington.
But Adelberg said health plans need to keep consumers abreast when doctors drop out of their plans. “Consumers have a right to know what they are buying,” he said.
Judith Stein, executive director of the Center for Medicare Advocacy, said the report shows the government must better monitor health plans. Her organization is pushing for a bill to be reintroduced in Congress that would require health plans to notify members if providers are terminated from their networks. Though seniors each year can change health plans or choose traditional Medicare, most stay in the same plans year after year, she said.
The center’s bill would also prohibit Medicare Advantage Plans from dropping providers during the middle of the year and require that plans finalize their provider networks 60 days before the annual enrollment period begins. That period this year runs from Oct. 15 to Dec. 7.
Allyson Schwartz, president of the Better Medicare Alliance, which represents Medicare Advantage plans, said the industry is committed to making sure provider networks meet the needs of seniors.
“It is important that CMS continue to work with Medicare Advantage plans to provide transparency, accountability and timely information on provider networks and beneficiary access to the critical care that many seniors need,” Schwartz said in a statement.
Set for 3 p.m. on Thursday, Oct. 29 in Room 119 of the Library’s Thomas Jefferson Building, the lecture, titled “Justice, Neutrality and Law,” will focus on such questions as whether the law should affirm certain moral judgments, or be neutral on moral and spiritual questions.
The Kellogg Biennial Lecture on Jurisprudence presents the most distinguished contributors to international jurisprudence, as judged through writings, reputation, and broad and continuing influence on contemporary legal scholarship. Previous Kellogg Lecturers include Ronald Dworkin, Joseph Raz, and Amartya Sen. The series has been endowed by Frederic R. and Molly S. Kellogg.
Michael Sandel is the Anne T. and Robert M. Bass Professor of Government at Harvard University, where he has taught political philosophy since 1980. Sandel’s writings–on justice, ethics, democracy, and markets–have been translated into 27 languages. His legendary course “Justice” is the first Harvard course to be made freely available online and on television. It has been viewed by tens of millions of people around the world, including in China, where Sandel was named on China Newsweeks list of most influential figures of 2010.
Professor Sandel’s books include What Money Can’t Buy: The Moral Limits of Markets; Justice: What’s the Right Thing to Do?; The Case against Perfection: Ethics in the Age of Genetic Engineering; and Democracy’s Discontent: America in Search of a Public Philosophy. They relate the enduring questions of political philosophy to the most vexing moral and civic questions of our time.
Professor Sandel, a member of the American Academy of Arts and Sciences, has been a visiting professor at the Sorbonne (Paris), delivered the Tanner Lectures on Human Values at Oxford University, and served on the President’s Council on Bioethics (2002-2005). A graduate of Brandeis University (1975), he received his doctorate from Oxford University (D.Phil., 1981), where he was a Rhodes Scholar.
The event, which will be hosted at the Library of Congress, and presented by the Law Library of Congress and the Library’s John W. Kluge Center, is free and open to the public. Tickets are not required but seating is limited.
We hope to see you at the event! For those readers who will not be able to attend the program, a member of the In Custodia Legis team will be live-tweeting the event via Twitter @LawLibCongress, using #KelloggLecture.
The public overwhelmingly supports Medicare’s plan to pay for end-of-life discussions between doctors and patients, despite GOP objections that such chats would lead to rationed care for the elderly and ill, a poll released Wednesday finds.
Eight of 10 people surveyed by the Kaiser Family Foundation supported the government or insurers paying for planning discussions about the type of care patients preferred in the waning days or weeks of their lives. (KHN is an editorially independent program of the foundation.) These discussions can include whether people would want to be kept alive by artificial means even if they had no chance of regaining consciousness or autonomy and whether they would want their organs to be donated. These preferences can be incorporated into advance directives, or living wills, which are used if someone can no longer communicate.Use Our Content This KHN story can be republished for free (details).
The Centers for Medicare & Medicaid Services earlier this year proposed paying doctors to have these talks with patients. A final decision is due out soon. The idea had been included in early drafts of the 2010 federal health care law, but Sarah Palin and others opponents of the law labeled the counseling sessions and other provisions “death panels” motivated by desires to save money, and the provision was deleted from the bill.
The notion of helping patients prepare for death has support among many doctors, who sometimes see terminal patients suffer from futile efforts to keep them alive. Last year, the Institute of Medicine issued a report that encouraged end-of-life discussions beginning as early as 16 years old.
The Kaiser poll found that these talks remain infrequent. Overall, only 17 percent of those surveyed said they had had such discussions with their doctor or another health care professional, even though 89 percent believe doctors should engage in such counseling. A third of respondents said they had talked to doctors about another family member’s wishes for how they would want to be cared for at their end.
While none of these proposals calls for the cost of care to weigh on these discussions, the final years of life are indeed expensive for America’s health care system. The Dartmouth Atlas of Health Care has calculated that a third of Medicare spending goes to the care of people with chronic illnesses in their last two years of life. That is likely to increase as the population of those older than 65 increases. An analysis by the Kaiser foundation found that Medicare spending per person more than doubled from age 70 to 96, where it peaked at $16,145 per beneficiary in 2011.
The Kaiser poll found less public support for a cost-containment provision that did make it into the health law. The “Cadillac tax” begins in 2018 and will impose a tax on expensive insurance that employers provide to their workers. Sixty percent oppose the plan, which economists have long favored as a way to discourage lavish coverage and make people aware that extensive use of Medicare services is linked to premiums.
The poll also found that 57 percent of people favor repealing the medical device tax, another piece of the health law that Republicans in Congress are trying to repeal. The tax applies of artificial hips, pacemakers and other devices that doctors implant.
The poll was conducted from Sept. 17 through Sept. 23 with 1,202 adults. The margin of error was +/- 3 percentage points.
A long-established belief about health costs is that some areas of the country, like McAllen, Texas, are expensive, while others like San Francisco are cheap. But an analysis released Wednesday provides evidence that prices can be exorbitant for some medical services and bargains for others—all in the same place.
The study from the Health Care Cost Institute, a Washington-based nonprofit, found discrepancies within some of the 41 areas of the country it studied using its rare data trove–billing claims from three of the biggest commercial insurers. Together the records show insurance payments for a quarter of the people under 65 who got their coverage through their employers between 2011 and 2013.
The study divided bills into inpatient care — services provided to overnight patients in hospitals and nursing facilities — and outpatient care done in labs, clinics, ambulatory surgery centers and at hospitals for patients who weren’t admitted. The study did not include any professional fees billed independently by doctors.
The researchers found that some areas had both high inpatient and outpatient prices in comparison to the other regions. Those included Bridgeport, Conn.; Boulder, Denver and Fort Collins in Colorado; Dallas and El Paso in Texas; Milwaukee; and Philadelphia. Other places had prices that were low in both inpatient and outpatient settings, including Louisville, Ky.; New Orleans, Peoria, Ill., St. Louis, and Tucson, Ariz.
But elsewhere, it was not so easy to categorize a region as high or low cost with just one composite measure. Inpatient prices were below average while outpatient prices were above average in Corpus Christi, Texas; Green Bay, Wis.; Lakeland and Miami in Florida; and Trenton, N.J.
The reverse was true in Orlando and Jacksonville in Florida.Use Our Content This KHN story can be republished for free (details).
“To say this area’s really good versus that area’s really bad is a little bit unfair because it ignores the underlying factors,” said Eric Barrette, the institute’s director of research. He said the discrepancies were possible because inpatient and outpatient care can be separate markets that are not competing with each other.
The findings were notable because the study is one of the few using private commercial insurance data. Until recently, most evaluations of spending levels in places were based on Medicare trends, even though Medicare sets consistent prices so the only differences are in the levels of use. This approach led to McAllen’s identification as a high cost area in a much cited New Yorker article, which was influential as the health law was being drafted. (McAllen was not one of the areas in the new study.)
For each of the areas, the institute published a Health Marketplace Index showing prices and the use of medical services for both outpatient and inpatient care. The study found that the level of use and the prices did not correlate, but did not delve into what factors—such as the intensity of hospital competition—might be driving price differences.
The study was funded by the Robert Wood Johnson Foundation, a New Jersey-based philanthropy.
Like millions of Americans, Michelle Muckenthaler joined her workplace wellness program this year, answering a bunch of questions about her health habits: What did she eat? How often did she exercise?
Next year, she’ll also face a wellness exam, including tests to measure her cholesterol level, blood sugar and weight. Worried about the privacy of her personal information, she says she’ll opt out, even though she will lose a discount off her premium.
“A $40 a month penalty is not enough for me to want to tell my employer what I’m doing with my health,” said Muckenthaler, 37, who lives near Denver.
The $6 billion a year workplace wellness industry is booming among employers looking for ways to slow health care spending. But so, too, are concerns about privacy.
Wellness In The Workplace
Check out more KHN stories in this ongoing series:
Many programs ask detailed health-related questions, and a growing number include medical tests. Some offer workers cash or credits toward insurance discounts if they allow the programs to track their grocery store purchases or the number of steps they take. As the programs delve into ever more sensitive areas — mental health, finances, sleep habits and pregnancy — advocates say existing privacy and anti-discrimination laws fall short.
“I don’t think the privacy rules are anywhere close to adequate,” said Anna Slomovic, a lead researcher at the George Washington University Cyber Security Policy and Research Institute.
Existing laws, she and others say, don’t cover all wellness programs, allow employers to get personal medical information in some circumstances and haven’t kept pace with advances in technology now being used in some programs, including fitness trackers that report information about a wearer’s location, activity level and sleep patterns.
How Is Wellness Data Protected?
Federal law limits the scope of the personal health information that employers can glean from the programs and bars them from discriminating against workers with disabilities. Most employers say they get only aggregated, anonymous data. And consumer advocates cannot point to specific examples where wellness program data was misused by employers or not kept separate from employment-related decisions, such as hiring or firing.
Still, this spring, the Equal Employment Opportunity Commission proposed a new rule warning employers that wellness programs must be voluntary, “reasonably designed” to improve health and not a “subterfuge for violating … laws prohibiting employment discrimination.” Last year, the EEOC brought several cases against employers, including one against Orion Energy Systems in Wisconsin where Wendy Schobert worked in the accounting office. Citing privacy and other concerns, Schobert opted out of her workplace program. As a result, she had to pay the full cost of her insurance, plus a $50 a month penalty and was warned not to express her opinions about the program to her co-workers, according to the EEOC’s lawsuit.
Within weeks, the lawsuit noted, she was fired. Orion disputes the allegations in its response to the EEOC.
The case — and another similar one also brought by the EEOC — is still pending.
While those lawsuits and much of the proposed EEOC rule address the definition of what constitutes a voluntary wellness program, the EEOC also took a swipe at adding some privacy protections. The proposal would require employers to spell out specifically what entities can access worker data and only allow employers access to that data mainly in an aggregate form that isn’t likely to disclose the identity of individuals.
Advocates, however, say the proposal includes a large loophole: It allows employers to get individual data provided to the wellness programs if needed to administer their health plans. Some advocates say the EEOC hasn’t defined clearly what “administer” means or why, in any case, the information would be needed.This KHN story also ran on CNN. It can be republished for free (details).
“If, by ‘administer,’ the commission is referring to the ability to surcharge … nonparticipants, there is no need for actual medical information …” wrote David Certner, legislative counsel for the AARP, in one of hundreds of comment letters sent to the government concerning the EEOC proposal. “More effective firewalls are essential.”
Some point to the Health Insurance Portability and Accountability Act, heralded in 1996 as a big step toward helping consumers keep their personal medical information private, as a firewall. But there are gaps in the protection it provides.
Among other things, it limits what information employers who sponsor group health plans can receive about participants without their specific consent. Additionally, employers whose wellness programs are covered must promise to protect any personal medical information they receive and shield that information from any employees who are not specifically designated to see it. Employers also cannot use the information for employment-related actions.
But privacy advocates say HIPAA’s rules don’t apply directly to employers. In addition, wellness programs run entirely by the employer, rather than as part of the employer’s group health insurance plan, are also outside of HIPAA’s purview.
It isn’t known how many employers offer wellness programs entirely separate from their group health insurance benefit, although an annual survey of employers by the Kaiser Family Foundation showed that almost half of large employers offer wellness programs outside of their group health benefits. (KHN is an editorially independent program of the foundation.)
Even when consent is sought to gather or share the sensitive data as required by HIPAA, advocates say some wellness programs bury such authorizations in lengthy forms or deem the simple act of logging onto a wellness program website as a worker’s “electronic signature,” agreeing to the disclosure.
“In effect, this means employees have no control over their health information,” said Deborah Chalfie, senior legislative representative at AARP.
Finally, advocates say technology and the wellness programs that use them have expanded and advanced beyond what drafters of HIPAA and other anti-discrimination laws envisioned.
To make protections stronger, privacy rules should be extended to all workplace wellness programs, personal information should be deleted if employees stop participating and employers or the vendors they hire to run the programs should clearly spell out how the data gathered from all sources will be analyzed, said privacy researcher Slomovic.
“If the wellness programs are using food purchase data from an app, and combining it with something else, like your BMI [ an indicator of body fat], you should be able to know that,” she added.
The commission has not set a timetable for finalizing the regulation.
A ‘Fun’ Perk To Promote Employee Health
Wellness programs sprang up more than two decades ago, prompted by rising health care costs. While employers are generally barred by the Americans with Disabilities Act (ADA) of 1990 from asking non-job-related health questions, regulations give them a broad exception to do so if the questions or medical exams are part of a voluntary wellness program.
Employers say wellness programs are a fun perquisite that can also alert employees to health issues while providing educational tools to combat preventable illnesses, which might save money over the long run.
“We don’t see individual results for anyone ever. Most employees are comfortable with that,”
said Jennifer Franco, director of employee benefits and programs at utility firm Exelon, where workers can save $500 a year on their health insurance premiums if they fully participate in the wellness program.
At IBM, the company’s long-running workplace wellness program has recently expanded to consider five “dimensions of health,” including physical, mental and financial health, said Meg Bach, who heads the company’s health promotion efforts.
“We have modules on sleep, on positivity, on meeting preparation, the value of taking breaks throughout the day,” said Bach. The sleep module, Bach said, includes materials to evaluate bedrooms to see if they are conducive to rest. A hydration module includes a urine color meter, “so every time a person used the rest room, they could see if they were dehydrated.”
IBM isn’t getting information about each employee’s sleep or hydration levels, Bach says, only aggregate information from their wellness vendors, using it “to make program changes, to make business decisions, to help focus our efforts … in support of the employees.”
Workers sensitive about privacy don’t have to participate, Bach said: “All of the programs are voluntary.”
The Cost Of Not Participating
As the financial stakes rise, however, workers don’t always see it that way.
“The only reason we do it is because of the $600,” said Amanda Hansen, a 59-year-old Maryland resident who works for a software company. She and her husband participate in her employer’s wellness program mainly to get the discount off their premium the company grants for doing so.
Hansen, who uses a wheelchair, says she worries that her personal medical information might get out somehow and, more broadly, about how such wellness programs might affect workers, especially those with disabilities.
“They ask you questions that are very personal,” Hansen said. “Not only do they get into vital stats on blood counts, but also things that cause you stress and how you sleep.”
Hansen worries that most employees access the program through company computers and websites, so “it would be very easy for that info to get filtered back.”
That concern is echoed by advocacy groups. While laws prohibit discrimination based on disabilities, they note that it is hard to prove.
“Once an employer knows you have a bipolar diagnosis or diabetes, it’s hard to parse out if it is being used to discriminate … to sort out why you got fired suddenly,” said Jennifer Mathis, director of programs at the Bazelon Center for Mental Health Law, an organization that advocates for people with mental disabilities.
Surveys show that privacy is a concern for some, but many workers, used to sharing all kinds of personal information on websites and elsewhere, are not at all worried. And some see advantages to wellness programs.
“I know for a fact I got healthier,” said Steven Rummel of Forest Park, Ill., who worked for utility firm Exelon until last September and got a free Fitbit and savings on his health insurance for joining its wellness program. “I lost about 15 or 20 pounds.”
Rummel, a 46-year-old data analyst, said he’s not concerned about his personal medical information getting out, partly because the wellness program was run by a third party, not his employer. Even if his former employer got personal information, he said, what could they do with it?
“Let’s say they started firing people with high cholesterol, in which case they would lay off two-thirds of the company and set themselves up for a serious PR disaster or a lawsuit,” he said. “It just didn’t seem plausible.”
Jay Hancock contributed to this story.
If your company hasn’t launched a wellness program, this might be the year.
As benefits enrollment for 2016 approaches, more employers than ever are expected to nudge workers toward plans that screen them for risks, monitor their activity and encourage them to take the right pills, food and exercise.
This involves a huge collection of health data outside the established medical system, not only by wellness vendors such as Redbrick, Audax and Vitality but also by companies offering gym services, smartphone apps and devices that track steps and heartbeats. Such partners pass worker results to the wellness providers.
Wellness In The Workplace
Check out more KHN stories in this ongoing series:
Standards to keep such information confidential have developed more slowly than the industry. That raises risks it could be abused for workplace discrimination, credit screening or marketing, consumer advocates say.
Here’s what to ask about your company’s plan.
Q. What information will my employer see?
Many employers get only anonymous, group data. The vendor reports how many workers are overweight or have high blood pressure, for example.
But sometimes employers can see individual results, setting the stage for potential discrimination against those with disabilities or chronic illness. Or they can guess them. Discrimination based on disability and illness is illegal but hard to prove.
Workers should ask exactly what information will get back to their company and whether it will identify them.
Q. Is the program covered under the HIPAA privacy law?
The Health Insurance Portability and Accountability Act restricts sharing of certain medical information to doctors, health insurers and other authorized users. Asking whether a wellness plan is covered by HIPAA is a good, first attempt at judging confidentiality.
Workplace wellness programs offered separately from an employer’s group health insurance plan are not protected by HIPAA. Other privacy laws might apply. But often it’s often impossible for employees to tell without asking.This KHN story also ran on CNN. It can be republished for free (details).
Even in HIPAA-covered programs, a few, designated managers at your workplace can see health reports including identities, although they’re supposed to keep them confidential.
Use of a wellness portal often gives the vendor permission to share personal data with unidentified “third parties.” Those would be insurers, data-storage firms and other partners necessary to the program, vendors say. They’ll protect the information as well as anybody, they say.
But the open-ended nature of the permission gives consumer advocates the creeps. Read the privacy and terms-of-use disclosures. Ask questions if you’re uncomfortable.
Q. My employer says it sees only group results. Does that guarantee privacy?
At smaller firms it’s sometimes easy for managers to match worker identities with results from group reports. The same goes for large companies when wellness data is disclosed by team or division.
Ask how far the results will be broken down.
Q. How many other companies see my wellness data?
Employees deserve a clear explanation of which companies get their data, what form it takes, how recipients will use it and how it is protected, privacy advocates say.
Q. What privacy policies do subcontractors and other third parties have to follow?
One privacy standard for wellness contractors, set by the National Committee for Quality Assurance, requires the primary wellness vendor as well as third-party partners to conform to HIPAA.
But that kind of policy is not universal. NCQA recognizes only a few dozen out of hundreds of wellness companies. And NCQA standards are voluntary and don’t confer consumer rights.
Q. Could somebody try to identify individuals in the group results shared by my wellness plan?
Wellness privacy policies often give vendors broad room to share data stripped of names, addresses and other identifying features. Such information is not protected under HIPAA.
Experts have shown that such results can be re-identified by combining them with public databases. As an extra protection, wellness vendor Limeade and wearable device maker Fitbit prohibit third-party partners from attempting to re-identify the information they share.
But not all vendors do the same.
Houston workers who checked the fine print said they weren’t sure whether they were joining an employee wellness program or a marketing scheme.
Last fall the city of Houston required employees to tell an online wellness company about their disease history, drug and seat-belt use, blood pressure and other delicate information.
The company, hired to improve worker health and lower medical costs, could pass the data to “third party vendors acting on our behalf,” according to an authorization form. The information might be posted in areas “that are reviewable to the public.” It might also be “subject to re-disclosure” and “no longer protected by privacy law.”
Employees could refuse to give permission or opt not to take the screen, called a health risk assessment — but only if they paid an extra $300 a year for medical coverage.
Wellness In The Workplace
Check out more KHN stories in this ongoing series:
“We don’t mind giving our information to our health care providers,” said Ray Hunt, president of the Houston Police Officers’ Union, which objected so strongly along with other employees that the city switched to a different program. “But we don’t want to give it to a vendor that has carte blanche to give that information to anybody they want to.”
Millions of people find themselves in the same position as that of the Houston cops. As more employers grasp wellness as the latest promised solution to soaring health costs, they’re pressuring workers to give unfamiliar companies detailed data about the most sensitive parts of their lives.
But whether or not that information stays private is anything but clear, an examination by Kaiser Health News shows.
In many workplace wellness programs, “it seems by taking the health risk assessment you are waiving your privacy rights,” said Jennifer Mathis, director of programs at the Bazelon Center for Mental Health Law.
At worst, shared information about sensitive conditions could support discrimination by employers, banks, life insurance companies and others. Wellness data is already escaping into what one expert calls “the great American marketing machine” that pitches products according to your diseases and lifestyles, privacy scholars say.
Wellness vendors charge employers a per-person fee to assess workers’ health and motivate them to exercise, eat well, see doctors and take pills. Companies push workers to participate with gift cards, insurance discounts and other rewards or penalties.
As employers flock to the wellness parade, corporate wellness vendors make up what research firm IBISWorld predicts will be a $12 billion industry by 2020 — six times its estimated size in 2011.
Privacy advocates see a void of regulation or even voluntary standards to ensure the information is used as intended. By all accounts the amount of worker wellness data being collected — through the Web, company surveys, wearable devices, gym records and lab tests — is exploding.
“The privacy issues are profound,” said Pam Dixon, executive director of the World Privacy Forum, an advocacy group. “If people are being asked to wear a biometric electronic device, or use a mobile app or work within a wellness program, that data can be used in ways that may be very, very surprising to people.”This KHN story also ran on CNN. It can be republished for free (details).
Numerous wellness vendors say flatly that privacy is critical to their reputation and that they don’t share information on individual workers with employers, data brokers or marketing companies. But as the Houston employees found out, the fine print isn’t so plain or reassuring.
— Few workers know that wellness contractors are often unbound by the strict privacy law, known as the Health Insurance Portability and Accountability Act (HIPAA), that restricts doctors and hospitals.
— A review of privacy policies shows that many wellness vendors adopt policies allowing them to share identifiable data with unidentified “third parties” and “agents” working to improve employee health.
— Wellness companies and their contractors routinely share almost completely unregulated “de-identified” data showing group heath results with employers, researchers and others. Scientists have shown such information can be “re-identified” and used for marketing, potential credit screening and other purposes.
Wellness vendor Audax Health, whose work with Houston resulted in “an overwhelming number of employees who were uncomfortable with the privacy statement,” according to a city statement to employees, said it keeps information strictly confidential. Audax’s online portal for employees is called Zensey.
“We do not sell or resell personal health information to anyone,” including marketing companies and data brokers, David Sclar, Audax’s chief privacy officer, said through a spokesman. “We do not allow third parties to market to Zensey users.”
But Audax’s own fine print contradicts the second part of his statement, saying the vendor may direct marketing pitches from third parties to wellness members based on “attributes” it collects from those employees. Audax is majority-owned by insurer UnitedHealth Group.
Other big wellness vendors, including venture-capital backed Welltok, include similar language in their disclosures. Under the heading, “Information Collected by Third Parties,” Welltok says its CaféWell portal might “target advertisements to you based on products and services you may be interested in.”
Jeff Cohen, Welltok’s co-founder, expressed surprise at the statement.
“That goes against everything we represent — probably one of those where a lawyer told us to put it in there,” he said in an interview. “I’m going to go back and talk to our compliance person” about the language, he said.
Cohen said Welltok doesn’t “use and sell and share the data from our platform about users to third parties.”
But as of Sept. 25, the disclosure language was unchanged. And that’s what matters legally, privacy lawyers said.
Primary wellness vendors such as Audax and Welltok aren’t the only ones collecting employee health data. Wearable device makers, test labs, gym chains, data centers, workout-app publishers are also part of the gold rush.
As frequent partners of employers and wellness providers, each of those companies also gathers worker information of varying sensitivity — often with employers pushing workers to participate — in what amounts to a widening wellness data web.
The most advanced employee wellness programs can even “ping your cell phone when you’re at the gym” to record your visit through a geo-location app, said Erick Hathorn, a consultant to wellness companies and contractors. “Or they can ping it 30 minutes later to know you stayed.”
Lose It!, one of the most popular diet apps for smartphones, works with employee wellness plans to track your calories and weight via a wireless scale.
That’s a lower level of protection, even without identification, lawyers said.
Nobody at Boston-based Lose It! was available to answer questions about corporate wellness and privacy, a spokeswoman said.
“What are the vendors doing with the data they collect? They aren’t telling us,” said Ifeoma Ajunwa, who teaches health law at the University of the District of Columbia. “Are they selling it? I would be surprised if they’re not selling it, because it’s valuable.”
Two years ago Under Armour bought MapMyFitness, another app promoted for use in corporate-wellness programs, and turned it into an ad vehicle for its athletic apparel.
The app records workout routes, times and speeds and shares data with wellness vendors and Under Armour itself, according to a disclosure statement. Users see ads for Under Armour gear and other products on their smartphones and computers.
Data from MapMyFitness and other apps bought by Under Armour “is going to be extraordinary,” company CEO Kevin Plank told industry analysts this year. “This will help us sell more shirts and shoes,” he has repeatedly said.
An Under Armour spokeswoman referred a reporter asking about data policies and wellness programs to MapMyFitness’ privacy statement.
More than 13 million Fitbits and other wearable health devices will be used in corporate wellness plans by 2018, ABI Research has projected. Data gathered by the Fitbit can include height, weight, heart rates and sleeping and exercise patterns.
“Now Fitbit has that information and the wellness program has it,” said Robert Gellman, a privacy consultant and former congressional staffer. “I don’t know of any best practices from wellness industry [to handle the data]. It’s the Wild West.”
Fitbit did not respond to several requests to discuss privacy. The company won’t “sell any data that could identify you” and shares information only when necessary to provide the service, when the data are anonymous or with user permission, its written policy says.
Employer wellness programs even follow you to the supermarket.
A firm called NutriSavings assigns health grades to thousands of food products and lets grocers record member shopping. Stores report scores — but not specific purchases — to the wellness vendor, says NutriSavings. Members get rewards from their employer based on what they buy.
Wellness information isn’t just valuable for selling stuff. Privacy advocates especially worry that the results might be shared with data brokers who crunch information and sell it to banks and other financial firms.
“That’s where the data then moves into other parts of the economy — lending decisions, credit decisions, mortgage decisions,” said Scott Peppet, a law professor and privacy specialist at the University of Colorado. “Once these data are in the hands of a data broker, they can be blended into any kind of formula.”
Credit-card companies could raise rates for employees that wellness programs reveal to be couch potatoes, inferring that they are more likely to default. Life insurers could deny coverage or raise prices based on unhealthy wellness results. Insurer John Hancock has already started offering discounts to life insurance customers who agree to wear a Fitbit, share data and attain certain scores.
No one knows whether data brokers are getting workplace wellness information. But despite what many employees believe, not all wellness information is protected by HIPAA, which authorizes only doctors, insurance plans and others close to a patients’ care to see their medical data.
“People assume all their health information is covered by HIPAA and that’s just not true,” Gellman said. “Wellness programs are on the border. Some are and some aren’t. How can a mere mortal tell? A lot of information can escape into the great American marketing machine, which is desperate to get information on a person’s health.”
Wellness vendors are supposed to obey HIPAA restrictions if they’re part of an employer’s insurance plan. But it’s far from clear what that means.
The National Committee for Quality Assurance, a respected health care certification group, asks workplace wellness groups it accredits to observe HIPAA rules and require the same from third parties they work with.
But NCQA recognizes only about 30 wellness vendors out of hundreds. Even a “HIPAA-compliant” program could induce workers to waive their rights without knowing it, consumer advocates said.
Nor does HIPAA protect the de-identified health information that wellness providers routinely share with employers and other, unidentified outside parties, according to their privacy policies. De-identified data might include blood pressure, cholesterol, drug use and disease history.
Researchers have shown that such information can be linked to the subject by combining it with voter lists, credit-card records and other databases. Harvard investigators used birthdays and zip codes in a de-identified genetics survey two years ago to figure out who more than a fifth of the participants were.
Until recently, Audax’s policy stated that the company could use de-identified employee data “for any business purpose.” It removed that language after KHN inquired about privacy.
Fitbit and Limeade, a wellness provider in Bellevue, Wash., forbid third parties using their anonymized data from trying to re-identify the users.
But that policy — the kind recommended by Federal Trade Commissioner Julie Brill and others — is unusual among wellness providers, KHN’s review shows.
“We haven’t really stepped into regulating this or decided if to regulate this,” said Peppet, who favors employer wellness efforts despite his concerns about confidentiality. “I’m expecting over the next couple of years we’ll probably see some problems.”
Julie Appleby contributed to this story.
Before they were removed following an outcry over privacy, backscatter X-ray security scanners at airports also raised worries among some travelers and scientists about exposure to potentially harmful radiation.
After all, the machines use ionizing radiation to produce those very graphic body images. Now, with the TSA considering redeploying a second generation of such scanners, a new report allays some concerns while leaving other questions unanswered.
The machines, pulled in 2013, expose travelers and airport workers to a dose of radiation well within acceptable limits – a factor of ten below recommended safety standards – concludes the National Academies of Sciences, Engineering and Medicine, a private nonprofit organization chartered by Congress to provide expert technical advice. Even in a worst-case scenario, the report says, if the device malfunctioned and focused the beam on one part of the body, it would not cause tissue damage or result in overexposure.Use Our Content This KHN story can be republished for free (details).
The scanners were installed in airports in 2008 as secondary screening devices, but were stepped up to the primary method after a passenger tried to set off a bomb in his underwear on a 2009 Christmas Day Northwest Airlines flight. One at a time, passengers step inside the scanners, plant their feet hip width apart, and raise their arms, as if surrendering. A panel slides back and forth and, seconds later, the scan is completed. The committee studied two devices, a Rapiscan Secure 1000 and an AS&E SmartCheck scanner, that are now in storage.
The airport scanners currently in use enlist radio waves – rather than ionizing radiation – to produce images, which are displayed on standard outlines of human bodies, instead of depictions of a person’s actual physique – as was the case with backscatters.
The study, called for by the Department of Homeland Security, followed legislation introduced on Capitol Hill in 2012 seeking additional review, as well as concerns by some scientists that the devices, whose radiation doesn’t penetrate the skin as deeply as medical X-rays, could nonetheless pose a skin cancer risk or other problems.
Four experts from the University of California, San Francisco wrote the assistant to the president for science and technology in 2010, saying existing research wasn’t adequate and that the devices might pose a skin cancer risk.
While it found the dose to the skin is not elevated, the report may not end the debate.
“I don’t know if anything could,” said Harry Martz Jr., director of the Nondestructive Characterization Center at the Lawrence Livermore National Laboratory in California. Martz chaired the committee of scientists, physicists, statisticians and other experts who wrote the report.
That’s partly because the NAS committee was specifically directed not to analyze whether the safety standard – set by the American National Standards Institute/Health Physics Society – is adequate.
So are the machines safe?
“We were not asked if they were safe or not, just whether they meet the standard, said Martz.
The committee was also specifically barred from commenting on whether the TSA should use the machines even though the radio-wave alternative exists, which doesn’t use ionizing radiation.
That the dose of radiation falls well below safety thresholds – and is less than what a body absorbs from cosmic radiation while flying across the country – is not surprising, but is only one part of the equation, said David J. Brenner, director of the Center for Radiological Research at Columbia University Medical Center. He did not work on the report, but has seen a copy.
“If you’re going to travel in an airplane, you can’t really avoid the radiation from cosmic rays. But there is an alternative to this radiation exposure [from X-ray scanners],” Brenner said. “The fact that we have other risks in our lives doesn’t mean we shouldn’t try to minimize those that we can.”
Earlier studies generally found the devices provide a level of radiation well below health and safety standards, the report noted. After conducting its own tests using additional research methods on the two scanners, the committee concluded that the dose absorbed even by small children or developing fetuses would not exceed the standard.
It cautioned that any second generation machines should have a way to ensure that they do not screen a traveler longer than the short time needed to get an image – and that daily tests on the scanners are used to check that they are operating within limits.