To most Americans, the name MarketScan means nothing. But most Americans mean everything to MarketScan.

As a repository of sensitive patient information, the company’s databases churn silently behind the scenes of their medical care, scooping up their most guarded secrets: the diseases they have, the drugs they’re taking, the places their bodies are broken that they haven’t told anyone but their doctor. The family of databases that make up MarketScan now include the records of a stunning 270 million Americans, or 82% of the population.

The vast reach of MarketScan, and its immense value, is unmistakable. Last month, a private equity firm announced that it would pay $1 billion to buy the databases from IBM. It was by far the most valuable asset left for IBM as the technology behemoth cast off its foundering Watson Health business.

advertisement

The financial trajectory of MarketScan was perhaps unimaginable in 1981, when a former insurance executive named Ernie Ludy founded the company. His idea was to simply collect patients’ data and parcel it out to big companies that were seeking to control costs by getting a more granular view of their employees’ health care use. The biggest companies were looking for savings from the data, not new ways to make money.

“Because we had a 360-degree view of our patients, you could absolutely sell it and get a view that Amazon or Google might love,” Ludy told STAT in a rare interview. “The industry wasn’t developed like that initially. I thought we were in sacred territory when we had this kind of data. ”

advertisement

Today, a multibillion-dollar marketplace has formed around anonymized health information bought and sold without patients’ knowledge or explicit consent. No longer just for big companies, patient data have become far more valuable as they are fed into an exploding array of software and artificial intelligence tools whose financial returns enrich technology entrepreneurs and their investors, not patients whose medical problems are their secret ingredients.

Surveying the industry, Ludy is disturbed by what he sees.

As one of the first to understand the power of aggregated health data, his optimism for disruptive change is now colliding with discomfort over the way consumers are losing control over their own information and the ability to benefit — and not be harmed — by its use.

Since he founded MarketScan, sources and uses of data have changed dramatically. Google, Facebook and Twitter were formed, creating impossibly deep wells of ancillary demographic and health information from internet searches, geolocation tracking, and unguarded social media posts. Medical data mining companies have made a business of scraping the details of consumers’ daily lives into medical dossiers that, if combined with MarketScan’s de-identified information, could be used to re-identify the individuals within its databases.

“I don’t believe there’s nearly enough governance around how people can use personal information, whether it’s health care (data) or not,” Ludy said in the interview. He added that consumers are not only owed better transparency and disclosure, but a portion of the wealth — through royalties or another vehicle — that is generated from their data.

“That would mean some of the exponential value that technology companies are gaining by using this derivative information gets shared,” Ludy said.  “Without data, there is no AI. Without data, there is no machine learning.”

MarketScan, which has been sold four times now, may not be the only national database of sensitive patient information, but it is especially large and influential. And as a forerunner, its evolution and growth through multiple owners traces the arc of how Americans’ health data became an open secret in an industry that now treats their information as its hottest commodity.

When Ludy launched his company, he set forth a mission to build “the most trusted name in health care information,” a goal he enforced through layers of encryption, security protocols, and audits. But 40 years later, the walls he carefully constructed around the information are buckling under the weight of a new economic model.

“To me, the whole idea of an autonomous economy and autonomous society is much larger than health care, but health care data falls into that realm,” Ludy said. “I just don’t believe that anywhere there are the appropriate controls.”

MarketScan was never an attempt to build a dossier on patients that could be directly sold for profit. As a former executive at Blue Cross Blue Shield in western Pennsylvania, Ludy had a singular goal: disrupt an insurance industry whose ever-rising fees and premiums were exacting a tremendous financial toll on individuals, employers and the broader economy.

He started by reaching out to the biggest corporations. If they would agree to give him data on their employees’ paid medical claims, he would return to them an analysis of their cost drivers, benefit designs, and manageable risks that would give them leverage in negotiations with insurers. Armed with better information, the corporations could begin to slow the rise of their health costs for themselves and their employees.

His company, initially named Medstat, became the first example in health care of a now pervasive model known as software as a service — and its launch in 1981 opened a portal into highly sensitive medical data that had never before existed.

Ludy vividly remembers the core-rattling excitement of landing his first client. After years of developing its analytics capabilities, in early 1984, he signed a contract with Chevron. The massive energy company was the first in the nation to become self-insured under the federal employee benefit law known as ERISA, and its director of benefits needed help managing his risks and losses.

“Chevron was the door opener,” he said. “It was approved by the benefits committee of the board. That was an incredible day. It was a huge contract.”

Each deal, he said, ranged between $250,000 and $2 million a year, and many more followed. Ford and Hewlett Packard signed contracts, so did Federal Express, UPS, and Walmart. By far the biggest was General Electric, which became the company’s 17th client and was bigger than the first 16 combined. “They were so large we had to shut down sales for six months,” Ludy said. “GE proved we could do it at scale.”

From there, Medstat inked deals with Medicare, several state Medicaid plans, hundreds of hospitals, and two dozen commercial insurers all clamoring for the company’s insights. By late 1994, 1,400 clients were supplying Ludy’s company with data on patients’ medical encounters and costs. The company could see one of every two hospitalizations in the United States and had compiled several years of data on tens of millions of patients.

Not a single one of those patients had directly consented to their data being shared with Medstat.

Instead, their employers, insurers, and the hospitals that cared for them offered that consent, based on forms signed when employees were hired, received care, or changed their benefits. If an organization’s intent for sharing the information did not align perfectly with the wishes of a customer or employee, there was no way to get it back, opt out, or sue for some perceived loss of value.

“There are very few protections for individuals for health data that are de-identified,” said Kayte Spector-Bagdady, a lawyer and bioethics professor at the University of Michigan. The de-identification of the data means it is no longer protected under HIPAA or other federal regulations surrounding the use of health information.

Those rules apply only to the health entities that initially collected the data, not the commercial companies that compile and re-deploy it in search of profit. That hands-off approach means technology companies that in recent years have amassed the largest stockpiles of highly sensitive health data, such as IBM, Google and data aggregators such as Verana Health, Datavant, and IQVIA, face the fewest restrictions on its use.

“It’s reached the point where it’s much easier for researchers at academic medical centers or who are federally funded to just go buy your data from the private entities of the world.”

Kayte Spector-Bagdady, lawyer and bioethicist

“The federal government has allowed commercial and industry entities to run amok without almost any regulation whatsoever,” Spector-Bagdady said. “It’s reached the point where it’s much easier for researchers at academic medical centers or who are federally funded to just go buy their data from the private entities of the world.”

The implications of the data trade, and its privacy risks, become even harder to understand as ownership of patient information changes over time. MarketScan has been sold several times during its history — first from Medstat to Thomson Corp., which later combined with the media company Reuters, and then to a New York-based private equity firm named Veritas Capital. In June 2012, Veritas re-branded the company as Truven Health Analytics, and its executives promised to make the databases even bigger and more broadly sourced.

By 2015, thanks to its steady expansion by different owners, MarketScan held detailed medical data on more than 200 million patients nationwide from more than 8,000 clients. Its impressive size and scope made it an ideal target for technology companies with grand designs to disrupt the nation’s $3.5 trillion health care industry.

Chief among them was IBM.

IBM’s acquisition of Truven for $2.6 billion in early 2016 opened a new chapter in MarketScan’s history. The deal was based almost entirely on the potential to combine its sprawling databases with the power of IBM’s Watson artificial intelligence engine to “change the face of health care.”

“This is going to be a goldmine of insights,” John Kelly, a senior vice president of cognitive solutions and research at IBM, told Forbes after announcing the deal.

His description underscored what MarketScan had become — a commodity to be traded among companies looking to monetize its sensitive medical data. IBM wanted to merge its contents with datasets of medical images and patient records obtained through other acquisitions. Watson, IBM promised, would use that data to give pharmaceutical companies a new way to discover drugs and help hospitals cut unnecessary costs while targeting patients in need of more care.

IBM saw it as a $200 billion market opportunity. By then, it had already formed partnerships with an array of other businesses that bought into the idea, including CVS Health, Johnson & Johnson, and the device maker Medtronic.

The level of interest generated tremendous buzz and positive headlines for IBM. But where some saw a chance to harness the power of big data, others saw encroachment by IBM and other data aggregators on the confidentiality of conversations between doctors and patients. The company’s possession of such detailed information on patients, whether de-identified or not, meant that it was being used for something far different than the reason it was originally disclosed.

“As a patient you may have confided in me secrets you may not have even told your spouse or your best friends because you’ve held on to it for so long, but the moment I document it in the medical record, I can’t tell you who’s going to be able to see that anymore,”  said Harlan Krumholz,  a cardiologist and director of the Center for Outcomes Research and Evaluation at Yale University.

“Monetizing my own sensitive health data in ways that may not be consonant with my preferences should be out of bounds,” he added. “It’s a business model gone awry.”

IBM’s efforts to use the repository to transform broad swaths of the health care system ultimately fizzled. The company struggled to create the cloud storage and computing infrastructure needed to combine all the data so it could be analyzed by its AI and analytics machinery.

As its business foundered, IBM ceded its first-mover advantage to an expanding ecosystem of digital health companies with novel strategies to link data and derive insights that could accomplish the kind of disruption IBM envisioned. Between 2014 and 2021, when IBM put its Watson Health division up for sale, the firms operating in that sector collectively raised more than $80 billion to bankroll their ambitions, according to Rock Health, a venture capital firm that tracks investments in digital health businesses. About one-third of that money was raised in the last year alone, including investments by the private equity firm that will soon own MarketScan.

Francisco Partners had previously purchased stakes in the telemedicine and drug coupon company GoodRx, the virtual appointment booking company ZocDoc, and Edifecs, a company that builds software to enable a more seamless exchange of data. The firm declined to comment on the acquisition or its plans for the MarketScan database.

To some, no matter how the firm decides to use the data, the deal is a disquieting reminder of the lack of controls over highly sensitive health information. But to Ludy, who agrees with those concerns, it dredged up a more complicated set of emotions. He now works as an executive partner for Ardan Equity Capital, a Florida-based private equity firm that also invests in the digital health sector. He said he has empathy for employees and managers of the company who have gone through so many destabilizing transitions. On another level, though, the sale was a reminder of what he had accomplished.

“It’s a remarkable (testament) to the sustainable asset value of MarketScan over its 40-year life cycle,” he said. “When you create something that lasts 40 years it makes you feel good.”

Ludy said he now expects MarketScan to become part of a broader effort to develop software that can generate faster and more meaningful insights from health data — and make medical services more targeted, effective, and valuable.

“That’s the opportunity — driving these new business models for capturing the digital dividend of automating so many of the transactions,” he said. “We’re accustomed to seeing this in other industries. It just hasn’t happened in health care.”

Kate Sheridan contributed reporting.