Are Your Prescription Records Being Sold?

Posted on Dec 16, 2014 | 0 comments


Confidentiality between doctor and patient has always been a given in the United States, and it’s something we have long taken for granted. However, that confidentiality isn’t as airtight as many may think. On the contrary, pharmacies such as CVS and Express Scripts have been selling anonymous prescription information to data mining companies for years. Why? It’s an effort to target advertisements to patient’s prescriptions and health conditions. The process is called matchback, and it has rightfully raised concerns about federal medical privacy laws.

How ‘Anonymous’ is It?

Matchback is allowed because the names of the patients are said to be concealed, though to many, that doesn’t justify the breach of confidentiality. IMS Health Holdings and other data brokers have collected prescription records numbering in the hundreds of millions, and they say the names of the patients are replaced by unique codes that are generated using algorithms. But, opponents of the practice are concerned that such technological advances undermine privacy laws, specifically the Health Insurance Portability and Accountability Act (HIPAA).

Confidentiality and Transparent Disclosure Concerns

While advocates of the matchback process claim that patient’s names are not directly connected to the prescription information, not all pharmaceutical companies are comfortable with it. For example, industry giant, GlaxoSmithKlinePlc, stopped engaging in the practice after its leadership became concerned about the potential for violating consumer privacy, and because not all websites were notifying users. The company’s legitimate concerns about transparent disclosure for internet users and breeches of confidentiality are at odds with other pharmaceutical companies, like Sanofi, that do use matchback to target consumers.

Money to be Made

Pharmaceutical companies aren’t the only ones who must choose whether or not to engage in prescription drug data mining. Internet companies can profit from it, too, so they have a decision to make as well. Yahoo has decided in favor of matchback. The company has been using IMS Health Holdings, Inc., one of the biggest data brokers, to target ads through matchback since 2011. Even though Yahoo’s privacy policy does address information sharing and disclosure, it does not specifically mention the release of information relative to prescription drugs. Yet, the internet giant, along with IMS, reportedly holds the records of some 100 million people. What’s the draw? Money, of course. Matchbacks can add $100,000 to the price tag of a digital advertising campaign.

Not all internet giants are on board with the selling of ‘anonymous’ prescription records though. Like SmithGlaxoKlinePlc, Facebook, Google and Microsoft don’t use matchbacks in their ad targeting strategies either. Perhaps the money to be made just isn’t worth the risk to them, especially given the breaches of information that occur. Opponents of matchback point to such breeches as evidence that long term tracking poses a risk to patient privacy regardless of how the data is presented, or who is in control of it.

Whether or not the mining of prescription data is legal, many believe that it is unethical. Opponents of the process argue that all health records should be kept confidential. Regardless of whether there is a name or random number attached to it, they claim, medical information is too personal to expose to any level of risk.

Robert Gordon (70 Posts)

Robert Gordon is the editor of medical-directions.com, a health fanatic and avid Kayaker. He spends most of his time reading medical blogs and searching for new content to engage his readership.


Submit a Comment

Your email address will not be published.

CommentLuv badge