Aetna (now “a CVS Health business”) and Apple announced the coming release of their iPhone and Apple Watch “Attain” app at a launch event in Boston yesterday, with some firepower from both companies on hand — and Apple COO Jeff Williams beamed in from the mothership. (It was a cold day and nobody present wanted to think about going outside to exercise.) The idea here is that it’s going to be different this time, really, because the app will deliver nudges and rewards that are truly tailored to the individual – personalized, simple, relevant and value-driven. As the app learns more about each user’s health history, habits and needs, its recommendations and nudges — daily calorie goals, “time for a walk (or bike ride),” etc. — will get more highly personalized. They will also include things like: “time for that flu shot, and by the way you’re around the corner from a CVS Health store with a Minute Clinic where you can get one” or “here are all the labs within a mile of your office where you can get those labs your doctor ordered drawn at lunch – and here’s your net out of pocket cost at each location.” Rewards can include paying off that new Apple Watch (or CVS gift cards, or other premiums), if goals are met.

As the conventional wisdom goes, most of us lose interest in activity trackers and health apps after a few months, so the challenge Apple and Aetna are trying to meet is keeping us interested, and keeping us interested in doing and tracking meaningful things that can have a positive effect on health. That helps Aetna members — and, of course, that helps Aetna’s bottom line, assuming the value of the health improvements of members exceeds the development and operating costs of the program. There is some research linking incentives to sustained increases in physical activity. (See, e.g., the RAND study commissioned by Vitality, Apple and Aetna’s active rewards partner.)

How does this magic happen? Well, through the application of Apple’s healthcare and artificial intelligence knowhow, applied to the PHI shared from Aetna with the member’s authorization. Both companies emphasize that sharing and use of personal health data will be on an opt-in basis only, will be super-secure, and will not be used for any purpose other than the Attain program. Aetna, of course, has a vast store of member PHI, and adds to it constantly. Apple, of course, famously insists that user data (including health data) belongs to the user and that Apple won’t (and, indeed, can’t) peek. To date, that has been the case with respect to encrypted data on user devices, but this partnership creates a new sort of situation: Apple has to ingest user data from Aetna in order to work its magic and deliver the personalized nudges and incentives through the Attain app. Therefore, for the first time that I am aware of, Apple has created a subsidiary for the purpose of ingesting the data, and that subsidiary has entered into a business associate agreement with Aetna/CVS Health.

(By the way, that subsidiary is called Ollopa LLC – Apollo spelled backwards. What is Cupertino trying to tell us? Is this project a moonshot? A backwards moonshot? What does that even mean? This reminds me of the sugar pills available over the counter to cure all ills under the brand name “Obecalp.” But I digress.)

Let’s dive a little deeper into the privacy and security frameworks that will apply to the Attain application and the member/user data it uses.

Apple’s general privacy principles, as they apply to health data, continue to apply here (data minimization, user control, transparency and consent, and security). Bud Tribble, Apple’s VP for software design, presented these principles at the launch event:

He also laid out how they would be applied in the context of the Attain app, stressing users’ voluntary participation, limitations on data use, data security, and de-identification (each record tagged with a random ID code) that would make it impossible for Apple to identify which health data belongs to which Aetna member:

(Of course, if it were impossible, then it seems to me that Apple – or Ollopa – wouldn’t have to sign a BAA. In other contexts, this sort of tagging with a random code is often referred to as anonymization, rather than de-identification. Why? Because the remaining bits of information — which can’t be entirely scrubbed if the data is to be useful at all — may, when pieced together and possibly combined with some other publicly available information, identify an individual.)
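To make the point about leftover attributes concrete, here is an added example (not code from Apple, Aetna or this post) that measures how many records tagged with a random ID still sit alone in their combination of retained attributes, and how coarsening those attributes changes that. The field names and the six records are constructed for illustration and say nothing about the data Attain actually handles.

```python
from collections import Counter

# Constructed sample: names and member numbers are gone, each row carries a
# random ID ("rid"), but ZIP, birth year and sex are kept so the data is useful.
RECORDS = [
    {"rid": "a91f", "zip": "02139", "birth_year": 1984, "sex": "F", "dx": "asthma"},
    {"rid": "7c2e", "zip": "02139", "birth_year": 1984, "sex": "F", "dx": "migraine"},
    {"rid": "d405", "zip": "02139", "birth_year": 1987, "sex": "F", "dx": "diabetes"},
    {"rid": "3b8a", "zip": "02139", "birth_year": 1981, "sex": "F", "dx": "asthma"},
    {"rid": "e6f0", "zip": "02142", "birth_year": 1952, "sex": "M", "dx": "hypertension"},
    {"rid": "19cd", "zip": "02141", "birth_year": 1957, "sex": "M", "dx": "diabetes"},
]

# Attributes that are not identifiers on their own but can be matched against
# other data sets (assumed set, chosen for this example).
QUASI_IDENTIFIERS = ("zip", "birth_year", "sex")


def _key(record, quasi_ids):
    return tuple(record[q] for q in quasi_ids)


def k_anonymity(records, quasi_ids=QUASI_IDENTIFIERS):
    """Size of the smallest group sharing one quasi-identifier combination."""
    groups = Counter(_key(r, quasi_ids) for r in records)
    return min(groups.values())


def at_risk(records, quasi_ids=QUASI_IDENTIFIERS):
    """Random IDs of records whose quasi-identifier combination is unique."""
    groups = Counter(_key(r, quasi_ids) for r in records)
    return [r["rid"] for r in records if groups[_key(r, quasi_ids)] == 1]


def generalize(record):
    """Coarsen a record: 3-digit ZIP prefix and decade of birth."""
    out = dict(record)
    out["zip"] = record["zip"][:3] + "**"
    out["birth_year"] = record["birth_year"] // 10 * 10
    return out


if __name__ == "__main__":
    print("raw:        k =", k_anonymity(RECORDS), "unique:", at_risk(RECORDS))
    coarse = [generalize(r) for r in RECORDS]
    print("generalized: k =", k_anonymity(coarse), "unique:", at_risk(coarse))
```

The random ID plays no part in either measurement: the exposure comes entirely from the attributes left in the record, which is why the coarsened copy scores better even though its IDs are unchanged.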

I take Apple and Aetna at their word — they intend to respect user/member privacy when it comes to health data, and they do not intend to use the data shared by members/users for anything other than personalizing the Attain app experience and to support and analyze the Attain product efficacy. Apple seems to be breaking new ground in the way it uses health data, and this may be a hint of the shape of things to come from Apple as it delves more deeply into the healthcare vertical. Protecting health data privacy will be a growing challenge as the type and volume of data used, and the manner of use, evolves over time.

CVS Health’s Chief Security Officer, Jim Routh, gave a brief presentation on how Aetna has been working on moving beyond the password and using continuous authentication technology. He offered a fascinating glimpse of the 30 to 60 “benign attributes” his team uses to authenticate users. One example he offered was: how you hold your phone when you use your favorite app. He also noted that the risk engine doesn’t store that information; it just uses it as part of an algorithm.


These security features will be rolled out to the couple hundred thousand Aetna members in the first wave of Attain users this spring, but they are already in production for apps already used by over 4 million Aetna members.

Once Attain is on firm footing on the iOS platform, plans are in the works to roll it out on Android as well.

It remains to be seen whether this new twist on personal health devices and applications can nudge enough people significantly enough to move the needle on health status, cost and satisfaction, and do it in a sustained and cost-effective fashion. The approaches being taken include some new ingredients, so there is great promise — and this experiment bears watching. As John Halamka noted at the launch event, given the silver tsunami and the smaller generations coming up behind, it is imperative that we develop effective and efficient tools for managing health that can work well with fewer financial and human resources.

And, finally, I am always encouraged to see folks taking privacy and security seriously.

David Harlow
The Harlow Group LLC
Health Care Law and Consulting
