Dystopia Now: Insurance Company Secretly Spying On Sleep Apnea Patients
from the tomorrow's-dystopia,-today dept
So for years digital rights activists have worried about insurance companies getting their hands on everything from your smart car data to your pacemaker information and using that to deny you coverage, charge you more money, or make an extra buck selling said data to the highest bidder. That’s especially a problem in an era where consumer privacy rights are under constant siege, alongside the right to repair and open access these devices (and any data they might store about you).
If you thought this rather dystopian future was activist hyperbole or still a decade or so out, you may be disappointed.
Propublica recently released a rather interesting story about a CPAP (continuous positive airway pressure, used to treat sleep apnea) user who found that their insurance company had been accessing sleep data generated by the device, and using it to deny coverage:
“Last March, Tony Schmidt discovered something unsettling about the machine that helps him breathe at night. Without his knowledge, it was spying on him. From his bedside, the device was tracking when he was using it and sending the information not just to his doctor, but to the maker of the machine, to the medical supply company that provided it and to his health insurer.”
CPAP machines are essential to sleep apnea patients, whose health and quality of life is dramatically and negatively impacted by the fits and starts of interrupted sleep. But like so many health care sectors, these users already face all manner of hostile restrictions from their insurance companies, who often won’t cover the machines if users don’t rent them from specific companies at a steep premium. The insurance companies simply say they’re trying to ensure that consumers actively use the machines as intended; critics say say insurance industry is simply trying to shift the cost of such services to unsuspecting patients.
“But the companies? practices have spawned lawsuits and concerns by some doctors who say that policies that restrict access to the machines could have serious, or even deadly, consequences for patients with severe conditions. And privacy experts worry that data collected by insurers could be used to discriminate against patients or raise their costs.”
?The doctors and providers are not in control of medicine anymore,? said Harry Lawrence, owner of Advanced Oxy-Med Services, a New York company that provides CPAP supplies. ?It?s strictly the insurance companies. They call the shots.”
In Schmidt’s case, he quickly found that the device’s manufacturer, ResMed, had access to his usage data. As did his supply company, Medigy. As did his health insurer, Blue Cross Blue Shield. Of course because US privacy laws remain stuck in the era of the wild west this is all perfectly legal, resulting in Schmidt running into a brick wall when he began to complain about the privacy implications of being monitored and having his medical information shared with a bevy of companies. The Better Business Bureau wouldn’t help. Neither would the federal government.
Again, insurance companies say they’re simply monitoring usage and denying coverage to avoid paying for CPAP machines that aren’t being used (which does happen, since adjusting to sleeping with a mask and tubes is often a challenge). But as the story makes clear, a lot of the system is structured (surely entirely coincidentally!) to ensure that health care patients are paying out far, far more money than the $500 hardware actually costs. Usually courtesy of deductible structures and mandated rental requirements that can making actually having insurance more expensive than going without:
“The rental fees can surpass the retail cost of the machine, patients and doctors say. Alan Levy, an attorney who lives in Rahway, New Jersey, bought an individual insurance plan through the now-defunct Health Republic Insurance of New Jersey in 2015. When his doctor prescribed a CPAP, the company that supplied his device, At Home Medical, told him he needed to rent the device for $104 a month for 15 months. The company told him the cost of the CPAP was $2,400.
Levy said he wouldn?t have worried about the cost if his insurance had paid it. But Levy?s plan required him to reach a $5,000 deductible before his insurance plan paid a dime. So Levy looked online and discovered the machine actually cost about $500.”
Levy said he called At Home Medical to ask if he could avoid the rental fee and pay $500 up front for the machine, and a company representative said no. ?I?m being overcharged simply because I have insurance,? Levy recalled protesting.
Of course as the internet of broken things, wireless, and other sectors make clear, once your data is collected and sold, you’re part of a system where you have little control, since using this data to make an extra buck takes absolute priority over security, privacy, or consumer welfare. And as more and more sectors begin to gobble up your daily data (from driving habits to how many times you opened your smart refrigerator), there’s an ocean of problems just over the horizon that current privacy laws and regulatory agencies are utterly ill-equipped (and usually unwilling) to address.