Using a fitness tracker like a Fitbit could help you access cheaper deals through your health insurer.

But Australian privacy laws are so weak that your data could end up somewhere you don’t want it to go.

“While the health department isn’t going to be giving away all your health data, there are ways in which private insurers are potentially getting information,” said former physiologist David Glance, a digital security lecturer at the University of Western Australia.

That is because private insurers will sometimes share responsibility for the care you are given in a public hospital.

“In WA, if you go into a public hospital they will try to get you to put some of that care onto your private insurance [if you have it],” Dr Glance said.

That is attractive to the hospitals as they can effectively double dip funding: They receive a payment for you as a public patient and another payment from the private insurer.

“And then, of course, the insurers have the data about your hospitalisation,” Dr Glance said.

Internationally, that sort of information has been used to determine health insurance premiums and access to coverage.

But that is not happening in Australia.

“Australian private health is run on a community ratings system so individuals are not risk-rated,” a spokeswoman for Private Health Australia said.

That means health insurance is run as a pool with everyone paying the same premiums for similar cover.

As a result, young and healthy Australians tend to subsidise their older and sicker counterparts.

Personalised data

Private insurers are nonetheless starting to use personalised digital data from wearable devices and fitness trackers.

Health insurer AIA, for example, runs a scheme called Vitality that rewards members with discounts on insurance, shopping vouchers and cheaper flights for making healthy lifestyle choices.

Insurers like AIA are legally barred from sharing this information with other companies.

But Dr Glance said the danger in Australia is “we have no privacy laws to speak of” and the penalties for breaking them are too weak to serve as deterrents.

“We are talking about slaps on the wrist for most organisations if they abuse health data,” Dr Glance said.

For example, in 2020, online GP booking group HealthEngine was fined $2.9 million for sharing personal details of more than 135,000 patients to third-party health insurance brokers.

It was paid $1.8 million for the information which, although non-clinical, did detail why patients were seeking treatment.

In a globalised world, there is also no guarantee that national rules will protect individuals’ health data.

“In the US, [DNA analytics company] 23andMe have been selling their genetic profile data for profit to pharmaceutical companies,” Dr Glance said.

Although the data is said to be used to develop new drugs, “it’s being sold, [and] you have very little say in that and it could be leaked”.

Julie Cheeseman and Sophie Dawson, partners with lawyers Bird&Bird, said Australia’s health privacy laws may soon change.

“Privacy law reform is under way and could significantly affect the position, including by specifically requiring that consent be current, specific and voluntary, and by lifting the bar in relation to notice and other requirements,” they said.

“That law reform process is currently on hold until the federal election is held, and is likely to play out over the next couple of years.”

Personal benefits

The main benefit of wearing such devices is that they will likely encourage you to keep fit and healthy.

That not only has the obvious upside of improving the quality of your life but also keeps a lid on your insurance premiums.

So people working out whether to buy a fitness tracker will have to weigh up these benefits against the potential downside of their data being illegally shared by insurers.

And it’s also worth nothing that your digital health data can help you access better insurance deals.

“Some insurance companies use it as part of their life and wellbeing offer,” said Antoinette Mullins, principal of Steps Financial.

Such insurers cut premiums if customers hit certain health and lifestyle goals, such as daily step counts or hours slept.

“Clients had to opt in and then agree to share the digital data with the insurer,” she said.

“Many were reluctant to do it, but I have a few clients who benefited from reduced premiums.”

The practice is not widespread, though. And some of the insurers that did offer the feature for a while have since withdrawn from the market.