Asking individuals to provide their health information on a health risk assessment (HRA) can cause a bit of tension. For many people, their health information is intensely personal and carefully guarded.
Those are understandable concerns. However, explaining to participants why they should complete their HRA can be one way to help quell any concerns your population may have. The data that is shared with health professionals can help inform life-saving interventions. For example, if an individual receives results that indicate they may be at risk for developing diabetes due to high sugar consumption, health wellness professionals can provide them with resources about diet modification that could help reduce their risk.
Still, participants may be hesitant. One of the most common questions HRA administrators get (especially when the HRA is being offered by an employer) is “How is health risk assessment data shared?” Here is a short description you can share with your population to help them feel informed and safe.
1) Aggregate/Population Level Data - This is data that does not identify a specific individual, it looks at the population as a whole. Organizations and providers use aggregate data to design programs that could help to improve the health of their general population, without getting down into the individual-level detail. Examples of this could include a workplace wellness initiative to provide healthy snacks in a lunchroom if an employer notices that a high percentage of their population doesn’t eat nutritious foods (without knowing who answered what in the general population).
2) Individual Level Data- This is data that specifically identifies an individual. What's important to know is that most most of the time, Protected Health Information (PHI) and Personally Identifiable Information (PII) are removed so an individual can't be identified. In very few cases, individual-level data will include PII/PHI, such as when shared with health professionals, but they have to follow strict guidelines regarding PII. In fact, individuals must request their PII be shared with a third party, such as a health counselor or physician, keeping them in charge of their own health data. Third-party administrators, such as insurance companies, are not allowed to share any personally identifiable information openly or with an employer.
There are some legal exceptions to this, such as if HRA results need to be shared with an employer in order to provide or justify reasonable accommodation requests. These exceptions, however, are limited. The data gathered and results are strictly prohibited from being shared with managers or supervisors.
Health Risk Assessment Privacy Protection
Make sure your population understands that there are a number of federal regulations put into place that protect them from discrimination based on their answers. These regulations include the Americans with Disabilities Act (ADA), the Genetic Information Nondiscrimination Act (GINA), and the Health Insurance Portability and Accountability Act (HIPAA). These regulations require entities that administer the HRA (such as physicians, wellness companies, and health plans) as well as the HRA vendors themselves (such as Wellsource) to keep all participant data private and secure while allowing this data to be shared in certain, specific ways.
Are you ready to learn more about the Wellsource Health Risk Assessment? Request a consultation today.