Skip to main content

Big Data and Privacy Stay in the Headlines as Stakeholders Up the Ante on COVID Mandates

Analysis  |  By Laura Beerman  
   September 13, 2021

"Some of the findings may sound crazy, but in 2021, it's not far from reality in the insurance industry," says one insurtech source.

As we navigate year two of the coronavirus, privacy in the time of COVID-19 continues to shine a light on the permanence and proliferation of personal data and preferences regarding it. Some of the statistics, including those from a recent Breeze survey, may surprise you but the implications likely won't—nor the seriousness given that the first major company in the U.S. has announced it will raise individual premiums based on employee vaccination status data.

Employers and payers alike are increasingly using big data and from a variety of sources to design predictive analytics and assess insured risk. Breeze is one of those companies, an insurtech startup that offers health coverage related to disability, critical illness, and other wraparound benefits. In its August 2021 survey of 1,000 U.S. adults, 56% overall replied that insurance companies should not be allowed to price policies based on big data. Notably, that figure jumped to 83% for those 55 and older. Following this first question, however, the results changed radically when payer use of that data impacted consumer pocketbooks. In exchange for more affordable premiums:

  • 55% would wear a health-plan-mandated biometric tracker (e.g., Fitbit)
  • 51% would be comfortable with payer prescription drug use monitoring
  • 42% would also agree to a health plan tracking their consumer activity and purchases

"The story here is not only the groundbreaking technology that's changing the industry, but also the privacy concerns and public sentiment on big data in insurance," says Breeze's Director of Communications Mike Brown.

Other noteworthy results included consumer response on insurance companies analyzing their DNA, installing home cameras to monitor daily habits, and tracking online/social media activity. These were at far lower approval rates, however.

Noting that in the past seven to 10 years, Big Data has altered insurance underwriting forever, Breeze CEO Colin Nabity adds, "Insurtechs are trying to figure out how do we get more creative with all of this data that has not been traditionally used. The more data available from more sources, the greater the predictive analytics and the better the opportunity to assess risk and drive down costs."

As the survey results indicate, incentives help. But for health plan members, do carrots or sticks work best? And how are stakeholders proceeding? We know the answer when it comes to Delta Airlines. Following the FDA's full approval of the Pfizer vaccine, the company announced in late August that "unvaccinated employees enrolled in Delta's account-based healthcare plan will be subject to a $200 monthly surcharge." Delta is self-insured with UnitedHealthcare acting as its third-party administrator. The airline declined a HealthLeaders interview request regarding the legal and compliance complexities of their decision-making process but did indicate that more than 60,000 employees (75% of their workforce) have been vaccinated.

As to the decision, one health law expert speculates that Delta will levy the surcharge as part of a wellness program, allowable under the Health Insurance Portability and Accountability Act (HIPAA) and that will not change under now-frozen wellness program rules. This perspective comes from Lindsay Wiley with the American University Washington College of Law. Wiley notes that a HIPAA exception "allows group health plans (employment-based plans) to establish premium discounts or rebates or modify copayments or deductibles as an incentive for employees who adhere to 'programs of health promotion and disease prevention'— better known as 'wellness programs' ".

This is an effective strategy for employers and payers alike as more consider vaccine mandates tied to financial consequences and data monitoring. Another August 2021 survey, this one from Willis Towers Watson, finds that 59% of the responding 961 employers track employee vaccination status with 19% more planning to do so. Seventeen percent offer vaccine incentives and 14% are planning or considering to do so. Another 18% are considering incentives, penalties, or both—with only 2% of respondents currently imposing surcharges.

These results come as requiring vaccination status is cited, incorrectly, as a HIPAA violation. While the HIPAA Privacy Rule may see a change in 2021, the proposed changes did not pertain to COVID-19. The U.S. Department of Health and Human Services Office of Civil Rights (OCR) has issued the most recent federal COVID guidance on topics ranging from online vaccine scheduling to PHI public health disclosures tied to health information exchanges.

In addition, President Biden signed an executive order requiring that all federal employee and government contracts get the COVID-19 vaccine. The Administration also announced its six-point plan for containing coronavirus spread, including in schools and at work.

Slow or fast, Big Data keeps up as the Delta variant continues to surge and payers, employers, and other stakeholders seek tools that balance privacy and legality, economic concerns, and public safety.

Laura Beerman is a contributing writer for HealthLeaders.


A surprising number of consumers would agree to significant personal data tracking in exchange for lower premiums.

These statistics coincide with growing COVID-related privacy concerns and mandates tied to financial carrots and sticks.

Careful due diligence by employers with their compliance, legal, and payer partners will be crucial.

Get the latest on healthcare leadership in your inbox.