Data Brokers
Your Health Insurance Company Knows What You Bought At The Grocery Store.
You probably assume your health insurance company knows about your medical history.
Your claims. Your prescriptions. Your diagnoses.
That is the part you signed up for.
What most people do not know is what else they know.
Your race. Your education level. What you watch on TV. Your marital status. Your net worth. What you order online. Whether you are behind on your bills. What you post on social media.
And yes. What you buy at the grocery store.
All of it being fed into algorithms that predict how much your healthcare could cost them.
And in some cases, being used to decide what you pay.
How This Actually Works
In 2018 ProPublica published an investigation that should have made far more headlines than it did.
The piece revealed that the health insurance industry had quietly partnered with data brokers to build detailed profiles on hundreds of millions of Americans. Not profiles built from medical records. Profiles built from consumer behavior data.
LexisNexis, one of the largest data brokers in the world, confirmed it uses 442 non-medical personal attributes to predict a person's medical costs. Its database contains over 78 billion records pulled from over 10,000 public and proprietary sources. Criminal records. Property records. Bankruptcy filings. Neighborhood safety scores. Cell phone numbers.
All of it assembled into a health risk score attached to your name.
Here is where it gets specific.
If you are a woman who recently changed your name, the algorithm flags you as potentially newly married. That means a possible pregnancy. Pregnancies are expensive. Your risk score goes up.
If you purchased plus-size clothing, the system considers you at risk of depression. Mental health care is expensive. Your risk score goes up.
If you are low income and a minority, the data brokers categorize you as more likely to live in a dangerous neighborhood. Higher health risks. Your risk score goes up.
If your parents did not finish high school, the algorithm factors that in. People whose parents did not finish high school tend to have higher healthcare costs. Your risk score goes up.
If you recently downsized your home, the system notes it. People who downsize tend to have higher healthcare costs. Your risk score goes up.
None of these are medical facts about you. None of them involve a doctor, a diagnosis, or a lab result. They are inferences drawn from consumer behavior data purchased from data brokers and fed into a predictive model.
And as one data broker salesman told a ProPublica reporter during the investigation, the potential for error is real.
"God forbid you live on the wrong street these days," he said. "You're going to get lumped in with a lot of bad things."
The Companies Doing It
LexisNexis is not alone.
Multiple major data analytics companies have built entire business lines around selling health risk scores to insurers. One company analyzed the investment types and kinds of cars that people own as inputs to predict health costs. Another built models using a combination of neighborhood safety data, income estimates, and purchasing patterns to rank patients by expected cost.
When asked directly whether the scores could be used to set insurance prices, executives at LexisNexis initially cited three federal laws they claimed prevented it. Privacy experts examined those laws and said none of them actually applied. LexisNexis backed off the claim when the reporter pointed this out.
In other words, there is no law clearly preventing your grocery store purchases from influencing what you pay for health insurance.
The ACLU reviewed the practice and noted that the Affordable Care Act prohibits insurers from discriminating based on pre-existing conditions or gender. But it says nothing about race, religion, national origin, or any of the hundreds of other attributes that data brokers track and sell.
Data scientist Cathy O'Neil, author of the book Weapons of Math Destruction, put it plainly. Drawing health risk conclusions from purchasing data and neighborhood statistics could lead directly to discrimination against the poor. It could result in poor people being charged more, making it harder for them to get the care they need. And it could even influence whether employers decide to hire someone whose data suggests they might rack up high medical costs in the future.
The AI Denial Machine
The data broker story is only one layer of what the health insurance industry has built using data and algorithms.
The second layer is arguably more direct and more devastating.
In 2023 a class action lawsuit was filed against UnitedHealthcare, the largest health insurer in the United States, and its subsidiary NaviHealth. The lawsuit alleged that UnitedHealthcare had deployed an artificial intelligence algorithm called nH Predict to deny coverage to elderly Medicare Advantage patients.
Not to assist doctors in making decisions. To override them.
The lawsuit alleged that UnitedHealthcare employees were directed not to stray from the algorithm's outputs, even when the patient's own physician had determined that continued care was medically necessary. Patients who had suffered serious injuries or illnesses were being cut off from rehabilitation facilities and skilled nursing care based on what a computer model predicted their recovery timeline should look like.
When federal administrative law judges heard appeals on these denials, roughly 90% were reversed. Meaning the algorithm was wrong nine times out of ten when patients actually pushed back.
But only a tiny fraction of patients ever appeal. The lawsuit noted that UnitedHealthcare was aware of this. Internal documents showed the company knew that only about 0.2% of policyholders would appeal denied claims. The algorithm did not need to be accurate. It just needed to deny enough claims that the savings from the patients who did not appeal would outweigh the losses from the ones who did.
A U.S. Senate Permanent Subcommittee investigation found that UnitedHealthcare's denial rate for post-acute care jumped from 10.9% in 2020 to 22.7% in 2022, the first full year after the NaviHealth algorithm was fully deployed. Denial rates for skilled nursing facilities specifically increased nine times over the same period.
UnitedHealthcare was not alone. Cigna was sued for allegedly using an algorithm called PXDX that allowed its doctors to deny claims in batches of hundreds or thousands at a time. Humana faced similar accusations. The practice was not limited to one company. It was an industry strategy.
A federal judge allowed the breach of contract and good faith claims against UnitedHealthcare to proceed in February 2025. The case is ongoing.
What Your Smartphone Has To Do With It
The data that feeds these systems does not come from nowhere.
It starts with your behavior. Your purchases. Your location. Your search history. Your social media activity. Your loyalty card swipes at the grocery store.
Every digital interaction you have generates data points that flow through a vast commercial pipeline. Data brokers sit in the middle of that pipeline, collecting, aggregating, and selling profiles to whoever is willing to pay.
Health insurance companies are paying.
And the single biggest generator of behavioral data in your life is the smartphone in your pocket.
Your location history tells them where you shop, which doctors you visit, which neighborhoods you frequent, and what your daily routine looks like. Your search history tells them what health concerns you have been researching. Your app usage tells them about your fitness habits, your diet, your sleep patterns, and your stress levels. Your purchase history tied to your Google account tells them what you eat, what you drink, and what size clothing you buy.
All of that is getting packaged and sold. And some portion of it is ending up in a health risk score that an algorithm is using to make decisions about your coverage before you ever get sick.
What You Can Do About It
The most direct step is reducing the data you generate in the first place.
Stop using grocery loyalty cards if you can. Pay with cash for purchases you would rather keep private. Be deliberate about which apps have access to your location. Audit your Google account and consider turning off location history entirely.
And look seriously at what operating system your smartphone runs.
Most Android smartphones run Google's software, which means Google is collecting your location, your searches, your purchases, and your app usage by default. That data feeds the commercial ecosystem that data brokers tap into. Your grocery run last Tuesday. The doctor's office you searched for last month. The medication you looked up last week. All of it logged and potentially available to anyone willing to buy access.
The Ghostphone runs GrapheneOS. No Google services running in the background. No location history being built and stored on Google's servers. Apps sandboxed so they cannot share data with each other or with external brokers.
The health risk score that an algorithm builds about you depends on data that exists about you.
On a Ghostphone, most of that data simply does not get generated.
That is not a feature. That is the point.
The Ghost Phone
No Google data collection. No behavioral profile. No health risk score built from your grocery receipts.
Ed Warren is a Digital Privacy Consultant with over 15 years of experience in the surveillance and data security industry.
