Inter­pel­la­ti­on Ben­da­han (19.4577): How is the risk of data trans­fer within an insurer monitored?

Sub­mit­ted text

Insu­r­ers have more and more means at their dis­po­sal to coll­ect data about their cus­to­mers. Tech­no­lo­gi­cal deve­lo­p­ments (such as the smart watch) now make it pos­si­ble, for exam­p­le, for insu­red per­sons to trans­mit health data and thus obtain a small reduc­tion in their insu­rance pre­mi­um. Pre­mi­ums can also be influen­ced by recor­ding and trans­mit­ting one’s own beha­vi­or (for exam­p­le, dri­ving beha­vi­or). Some insu­rance com­pa­nies also send their poli­cy­hol­ders health que­sti­on­n­aires. In doing so, the­re is a risk that the data coll­ec­ted will be pas­sed on within the com­pa­ny to ano­ther insu­rance com­pa­ny, or even to third par­ties, even though the com­pa­ny has indi­ca­ted that it will not pass on the information.

1. what mea­su­res are curr­ent­ly in place to ensu­re inter­nal and exter­nal Con­trol trans­mis­si­on of data by insu­r­ers?

2. can the Fede­ral Coun­cil gua­ran­tee that the­re will be no trans­fer of infor­ma­ti­on bet­ween the basic and sup­ple­men­ta­ry insu­ran­ces if the insu­red per­son has taken out both insu­rance poli­ci­es with the same company?

(3) Can the Fede­ral Coun­cil ensu­re that the data coll­ec­ted in the con­text of an insu­rance poli­cy are not for the decis­i­on to take out ano­ther insu­rance be used?

(4) Does the Fede­ral Coun­cil con­sider it com­pa­ti­ble with the law for health insu­r­ers to use data coll­ec­ted under the basic or sup­ple­men­ta­ry insu­rance as Basis of decis­i­on for the other insu­rance sin­ce one is not allo­wed to make a pro­fit and the other is?

State­ment of the Fede­ral Coun­cil dated 19.2.2020

1 In its regu­lar audits of insu­r­ers, the Fede­ral Office of Public Health (FOPH) checks whe­ther sen­si­ti­ve per­so­nal data (dia­gno­ses, detail­ed medi­cal reports) are stored in the pati­ent file and how access to this data is regu­la­ted. It also checks that medi­cal exami­ners only pass on to the respon­si­ble offices of the insu­r­ers the infor­ma­ti­on that is neces­sa­ry to deci­de on the obli­ga­ti­on to pay bene­fits, in par­ti­cu­lar in accordance with Artic­le 57 Para­graph 7 of the Fede­ral Health Insu­rance Act (KVG; SR 832.10).

2. The trans­fer of data bet­ween basic insu­rance and sup­ple­men­ta­ry insu­rance is only per­mit­ted with the con­sent of the insu­red per­son. In addi­ti­on, the Fede­ral Admi­ni­stra­ti­ve Court in its ruling of March 19, 2019 (A‑3548/2018) regar­ding the lega­li­ty of a data exch­an­ge bet­ween sup­ple­men­ta­ry insu­rance and basic insu­rance within the frame­work of a smart­phone app, ruled that the Coll­ec­tion of per­so­nal data by the sup­ple­men­ta­ry insurer from the KVG insurer not lawful is, sin­ce the insu­red per­son had not valid­ly con­sen­ted. The sup­ple­men­ta­ry insurer is to be regard­ed as a third par­ty within the mea­ning of Artic­le 84a (5) let­ter b KVG.

Sin­ce the­re is no strict sepa­ra­ti­on bet­ween basic insu­rance and sup­ple­men­ta­ry insu­rance, the Fede­ral Coun­cil can­not rule out the pos­si­bi­li­ty that data may be exch­an­ged bet­ween insu­r­ers wit­hout the con­sent of insu­red per­sons if the two clas­ses of insu­rance are within the same legal enti­ty or the same insu­rance group be ope­ra­ted. For this rea­son, in view of the high sen­si­ti­vi­ty of the health data, the Fede­ral Coun­cil con­siders it essen­ti­althat the insu­red per­son their express writ­ten con­sent in each indi­vi­du­al case for editing of their per­so­nal data must be given.

The Fede­ral Coun­cil has alre­a­dy com­men­ted on this issue in its respon­se of Novem­ber 27, 2019, and rejec­ted the moti­on 19.3960 “Legal Basis for the Dis­clo­sure of Data to Pri­va­te Health Insu­rance Insti­tu­ti­ons” pro­po­sed by the Natio­nal Council’s Sta­te Poli­cy Com­mit­tee. In addi­ti­on, in ful­fill­ment of the Heim postu­la­te (08.3493) a Report “Pro­tec­tion of pati­ent data and pro­tec­tion of insu­red per­sons” of Decem­ber 18, 2013. was crea­ted. This inven­to­ry enab­led it to exami­ne in detail how insu­r­ers ensu­re the pro­tec­tion of pati­ent data. The Fede­ral Coun­cil atta­ches gre­at importance to this topic and has the­r­e­fo­re under­ta­ken to draw up a new report, which is curr­ent­ly being pre­pared.

3. and 4. For the Fede­ral Coun­cil it is important that the Trans­mis­si­on of data bet­ween basic insu­rance and sup­ple­men­ta­ry insu­rance avo­ided which are natu­ral­ly different.

Artic­le 84 KVG sti­pu­la­tes that insu­r­ers may only pro­cess per­so­nal data to ful­fill the tasks assi­gned to them under the KVG. In addi­ti­on, pro­ce­s­sing must also com­ply with the prin­ci­ple of pro­por­tio­na­li­ty: Only per­so­nal data that is actual­ly neces­sa­ry to achie­ve the pur­po­se for which it was coll­ec­ted may be pro­ce­s­sed (Art. 4 Para. 2 of the Fede­ral Data Pro­tec­tion Act [FADP; SR 235.1]). Coll­ec­ting and pro­ce­s­sing data bey­ond this pur­po­se would not be in com­pli­ance with the law.

Howe­ver, wit­hout a strict sepa­ra­ti­on bet­ween basic insu­rance and sup­ple­men­ta­ry insu­rance, the Fede­ral Coun­cil can­not gua­ran­tee, based on the legal bases men­tio­ned abo­ve, that the data coll­ec­ted in the con­text of basic insu­rance will not be used by the sup­ple­men­ta­ry insurer to refu­se to con­clude a contract.