top of page
Writer's pictureIRES

Telematics for Health Insurance


By: Marc Springer, CIE, CPCU, MCM, Director of Market Regulation, Risk & Regulatory Consulting, LLC


Most of us will think of automobile insurance when we see or hear the term telematics. However, other lines of insurance also utilize telematics. Although not a new concept, some health insurers have been utilizing telematics for several years and the number of insurers that employ this technology has increased in recent years.  As such, it is important for consumers and regulators to understand telematics for health insurance and this article will focus on defining telematics in general, health insurance telematics including the advantages and disadvantages, privacy concerns, and market conduct examination reviews that include health telematics.


Although telematics may be defined differently, depending on the user, the most common definition used is telematics is the joining of two sciences, telecommunications, a branch of technology including phone lines and cables, and informatics such as computer systems.  Telematics is a term that combines the words “telecommunications” and “informatics” to describe the use of communications and IT to transmit, store, and receive information from devices to remote objects over a network. Today, the term is commonly used in reference to the telematics programs offered by property and casualty insurers. However, telematics is also used by health, life, and long-term care insurers. For health insurance, physical fitness monitors and activity trackers such as FitBit devices serve as telematics. These devices perform many functions such as monitoring heart rate, quality of sleep, steps taken, and stairs climbed each day.  Users have the ability to log their food, activities, and weight to track over time and set daily and weekly goals for themselves.  Some health insurers offer incentives such as premium discounts, gym discounts, etc. for their insureds who agree to share their physical fitness device tracking information with them. Of course, the insured is required to sign an authorization form regarding the sharing of their protected health information (“PHI”) with the insurer.


Numerous consumer surveys that have been conducted over the last five years show that 70% of consumers are enthusiastic about using telematics devices and receiving a premium discount. There are other benefits that are derived from the use of health telematic devices such as the establishment of health goals, the diagnosis of health issues, customized treatment plans, and health management tools that are based on the telematics data transmitted to the insurer and the formation of interactive consumer/insurer relationships.


Disadvantages related to the use of health telematics include:

  • Consumer privacy concerns regarding how their health data is utilized, protected, and shared;

  • Inaccurate device readings or errors that could lead to a false diagnosis;

  • Insureds could become obsessed with meeting and exceeding daily goals which could result in mental health issues; and

  • Regarding non-Affordable Care Act insurance policies, the data captured by the device could be used by insurers to underwrite and rate a policy.


The most significant concern that consumers have regarding health telematics pertains to how insurers protect, utilize and share their health data. As a regulator, there are many steps that can be taken to ensure that insurers are safeguarding, protecting and utilizing health telematics data for its intended use. The first step entails the review of how data is transmitted from the health telematics device to the insurer. The transmission process should include the use of a virtual private network (“VPN”), the use of passwords during the transmission and receipt process and the data must be encrypted. The insurer should also have a process in place to notify insureds if their data is not received during scheduled data transmissions. The next step in the process is to review the insurers’ policies and procedures that govern the employees who have access to the device data. In particular, access to insureds’ data shall be limited and controlled to only those individuals that have a need to know about the data shall have access to the data, since this information is PHI.  For instance, as previously noted, device data can be utilized to diagnose health issues, such as coronary artery disease.  This data, or other adverse data, may be referred to a care manager for evaluation. In turn, the care manager may contact the insured to establish a treatment plan. Under this example, the only employee who should have access to the insured’s health data is the care manager. The care manager has the responsibility to keep the device data in a secured location such as a password-protected data file.


The final step that a regulator may consider pertains to the review of how an insurer is utilizing the data captured by health telematics. It is important to note that the insurer should specify how such data is utilized within their privacy notice that is provided on a periodic basis to all consumers. Also, upon subscribing to a health insurers health telematics program, the consumer should be provided with a data use authorization form that includes detailed disclosure(s) regarding how PHI, such as health telematics data, is utilized within and outside of the insurer including the sharing or selling of the data.  Finally, the consumer must authorize the insurer’s use and sharing of their PHI. In general, health insurers tend to share PHI with a pharmacy, nutrition company or gym for marketing purposes. Again, the consumer must authorize the sharing of their PHI.


Most states do not have laws that directly pertain to health telematics. However, state-specific privacy laws address PHI which includes health telematics data. As such, while conducting a market conduct examination, a regulator may cite such laws if concerns are noted while conducting the three review steps noted above. Although the NAIC Market Regulation Handbook (the “Handbook”) does not include any standards and associated reviews that pertain to telematics, health telematics-related reviews can be conducted while conducting privacy-related reviews as specified in Chapter 20, General Exam Standards in the Operations/Management section of the Handbook. Health telematics has become increasingly popular over the last few years and many of the larger insurers are offering some type of health telematics program. Therefore, the need for regulators to include a review of telematics while conducting a health market conduct examination will ensure that insurers are protecting, utilizing and sharing such data in accordance with state requirements.



 

Marc, a Director with Risk & Regulatory Consulting, LLC (RRC), has over 31 years of insurance industry experience. Marc has participated on a number of market regulation consulting projects for all lines of insurance including, but not limited to life & annuity including suitability, property & casualty, title, health, and ACA including mental health parity. He manages a team related to comprehensive, targeted, and risk-focused market conduct examinations, compliance, market analysis, quality assurance, policies and procedures, and operational reviews. Marc is also a frequent speaker at venues such as the Insurance Regulatory Examiners Society (IRES) Career Development Seminar (CDS) and regularly provides training to numerous state insurance departments each year on market conduct hot topics and other various areas.

16 views0 comments

Recent Posts

See All

Comments


bottom of page