What is a health data broker?

A health data broker is a company that collects, aggregates, and sells personal health information — typically without a direct relationship with the people whose data it holds. Data brokers sit in the background of the health information ecosystem, largely invisible to the people they profile.

Health data is among the most commercially valuable categories of personal information. It predicts purchasing behaviour, insurance risk, employment suitability, and much more. The market for health data is worth billions of dollars annually.

Where they get the data

Health data brokers source information from multiple channels:

• Health and wellness apps — many apps share data with advertising partners and data brokers, either explicitly in their terms of service or through SDKs embedded in the app that collect data independently.
• Loyalty card and purchase data — pharmacy purchases, grocery shopping with a loyalty card, and online health product purchases all generate inferential health data.
• Wearables — fitness trackers and smartwatches often share data with third parties.
• Public records and aggregation — prescription data, insurance claims data (in some jurisdictions), and publicly available medical records.
• Social media — public posts and inferred characteristics from engagement patterns.

What happens to the data

Compiled health profiles are sold to insurers, employers, pharmaceutical companies, advertisers, and other data brokers. Insurers in markets without strong regulatory protection have used health data to price policies or deny coverage. Employers have used it in hiring decisions. Advertisers use it to target people at moments of health vulnerability.

The data is often described as "anonymised," but health data is notoriously difficult to truly anonymise. Research has repeatedly shown that health datasets can be re-identified with relatively few additional data points.

What you can do

Complete avoidance of data collection is difficult in modern life. But health tracking specifically is an area where the privacy architecture of the tool you choose makes a real difference. An app that requires an account and syncs to the cloud is, almost by definition, a data source. An app that stores data locally — with no account, no server, no transmission — has nothing to sell.