If you thought only you, your doctor, and your pharmacist know what prescriptions you take, you’re wrong.
IMS Health also knows, and it’s now taking its multibillion dollar company public.
The global health data-collection company, which started in 1954, has kept a fairly low profile while tracking and selling patient information over the past several decades. The data — which includes disease diagnoses, treatments, their costs, and whether or not the patient followed the treatment plan or filled the required prescriptions — is then sold to pharmaceutical and medical device companies, government agencies, and finance firms.
“We have one of the largest and most comprehensive collections of healthcare information in the world, spanning sales, prescription and promotional data, medical claims, electronic medical records and social media,” IMS explains in its January 2 IPO filing to the Security and Exchange Commission. The Connecticut-based company also boasts that it has nearly 90 percent of the world’s prescription sales data. Most of IMS’ business, 64 percent, comes from international markets such as China, India, Brazil, and Russia.
This type of mass data collection isn’t new. It started to gain popularity in the 1980s, CVS Caremark’s executive vice president, Per Lofberg, told Forbes. The practice initially sparked concerns over doctor, rather than patient, privacy. The information is telling of physicians’ prescribing habits, and particularly whether they favor a particular pharmaceutical company’s drug. Doctors can opt out of the tracking, but few know that’s an option or they’re even being tracked.
Once pharmaceutical companies know a doctor’s preference, sales representatives can make their move, persuading them with gifts, speaking contracts and other perks. Those perks, while legal, must be reported to the U.S. Department of Health and Human Services, according to federal law. In 2012, pharmaceutical companies spent more than $24 billion marketing to physicians, largely from targeted in-person sales pitches.
Even though patient identifiers aren’t included, privacy advocates worry that patient privacy is still at risk if IMS’ data is combined with other available information. IMS acknowledged advocates’ concerns for whether simply “de-identified, anonymous or pseudonomized health information are sufficient,” but offered no recourse. The company did say, however, data protection and privacy laws pose a significant business risk and would hinder its “current and future activities,” according to the SEC filing.
Andrew Kress, IMS’ senior VP, brushed aside privacy concerns in an interview with the New York Times back in May. “You can read a dark side to any of this, but the reality is that most manufacturers that IMS does research for are really trying to engage in a much more productive dialogue with the health care providers,” Kress said.