
Your medical data is being sold without your consent. "Our Bodies, Our Data" exposes the $67 billion industry trading patient records. Duke University's Dr. Washington calls it "vital" reading, revealing how pharmacies, insurers, and data brokers profit from your most intimate health secrets.
Adam Tanner, author of Our Bodies, Our Data: How Companies Make Billions Selling Our Medical Records, is a leading authority on data privacy and the commercialization of personal information.
A fellow at Harvard University’s Institute for Quantitative Social Science and former Reuters correspondent with postings in the Balkans, San Francisco, and Moscow, Tanner combines investigative rigor with a deep understanding of global data ecosystems.
His work, including the Washington Post-notable What Stays in Vegas: The World of Personal Data—Lifeblood of Big Business—and the End of Privacy as We Know It, exposes how industries profit from sensitive information while reshaping privacy debates. A frequent commentator on CNN, NPR, and BBC platforms, Tanner’s insights draw from decades of frontline reporting and academic research.
He was part of the Reuters team named a 2012 Pulitzer finalist for coverage of the Libyan revolution, underscoring his commitment to uncovering systemic truths. Our Bodies, Our Data continues his mission to illuminate the hidden trade-offs between innovation, profit, and individual rights in the digital age.
Our Bodies, Our Data exposes the multi-billion-dollar trade in anonymized medical records, prescriptions, and insurance claims sold by data brokers to pharmaceutical companies, insurers, and marketers. Adam Tanner investigates how this hidden industry prioritizes profit over patient privacy, highlighting risks of re-identification and the lack of comprehensive health records for actual care.
This book is essential for healthcare professionals, policymakers, privacy advocates, and anyone concerned about data ethics. It offers critical insights for patients seeking to understand how their medical information is commercialized without consent.
Yes—Tanner’s investigative rigor and clear storytelling make it a landmark work on medical privacy. It sheds light on systemic exploitation in healthcare data markets, offering a compelling case for regulatory reform.
Hospitals, pharmacies, and insurers sell anonymized records to data brokers like IMS Health (now IQVIA), which aggregate billions of patient profiles. These dossiers—stripped of names but retaining identifiers like birth year and doctor details—are monetized for drug marketing and research.
Advanced algorithms can cross-reference anonymized data with public records to reveal identities, exposing patients to discrimination, insurance denial, or employment issues. Tanner warns that purported “anonymization” often fails to protect privacy.
Tanner argues that while corporations profit from patient data, individuals struggle to access unified health records. This paradox undermines care quality while enabling unchecked commercial exploitation.
The book advocates for patient ownership of health data, transparency in data sales, and stricter regulations akin to European GDPR. Tanner emphasizes empowering individuals to control how their information is shared.
While What Stays in Vegas explores broader data commercialization, Our Bodies, Our Data focuses specifically on healthcare. Both reveal systemic privacy failures, but the latter highlights life-and-death implications of medical data misuse.
Some critics note the technical complexity of data anonymization topics, which may challenge casual readers. However, the book is widely praised for its rigor and urgency in addressing underreported privacy violations.
With AI accelerating data analysis, re-identification risks have grown since the book’s publication. Its warnings remain critical as healthcare AI and personalized medicine expand reliance on patient data.
Tanner details how brokers like IQVIA and Symphony Health operate as middlemen, compiling dossiers on 500+ million patients globally. These firms prioritize pharmaceutical marketing over scientific research, per internal industry documents.
The book critiques the tension between data’s potential for medical advancement and its misuse for profit. Tanner calls for ethical guidelines to ensure patient consent and equitable benefits from data use.
通过作者的声音感受这本书
将知识转化为引人入胜、富含实例的见解
快速捕捉核心观点,高效学习
以有趣互动的方式享受这本书
We do not share this kind of information externally.
Pretty much everyone...has some sort of supply arrangement.
Patients came to my pharmacy.
HIPAA's scope is also limited to 'covered entities'.
IMS has historically shunned public attention.
将《Our Bodies, Our Data》的核心观点拆解为易于理解的要点,了解创新团队如何创造、协作和成长。
通过生动的故事体验《Our Bodies, Our Data》,将创新经验转化为令人难忘且可应用的精彩时刻。
随时提问,选择你的学习方式,共创真正适合你的洞察。

"Instead of endless scrolling, I just hit play on BeFreed. It saves me so much time."
"I never knew where to start with nonfiction—BeFreed’s book lists turned into podcasts gave me a clear path."
"Perfect balance between learning and entertainment. Finished ‘Thinking, Fast and Slow’ on my commute this week."
"Crazy how much I learned while walking the dog. BeFreed = small habits → big gains."
"Reading used to feel like a chore. Now it’s just part of my lifestyle."
"Feels effortless compared to reading. I’ve finished 6 books this month already."
"BeFreed turned my guilty doomscrolling into something that feels productive and inspiring."
"BeFreed turned my commute into learning time. 20-min podcasts are perfect for finishing books I never had time for."
"BeFreed replaced my podcast queue. Imagine Spotify for books — that’s it. 🙌"
"It is great for me to learn something from the book without reading it."
"The themed book list podcasts help me connect ideas across authors—like a guided audio journey."
"Makes me feel smarter every time before going to work"

免费获取《Our Bodies, Our Data》摘要的 PDF 或 EPUB 版本。可打印或随时离线阅读。
Imagine visiting your doctor, sharing intimate details about your health, and walking out with a prescription. What you likely don't realize is that within seconds, your medical information begins a journey through a multi-billion dollar marketplace. While your name is removed, everything else-your conditions, medications, test results, and demographics-is packaged and sold repeatedly to companies you've never heard of. This hidden trade processes millions of health records daily, with firms like IMS Health (now IQVIA) maintaining dossiers on over 500 million patients worldwide. Pharmaceutical giants consider this data so valuable they pay tens of millions annually to access it. Meanwhile, you probably can't even access your complete medical records during an emergency. This paradox sits at the heart of our modern healthcare system-a world where your most intimate details have become valuable commodities traded without your knowledge or consent.
The digitization of pharmacies transformed them from medication dispensers into data collection points. It began in the late 1990s when local pharmacies computerized operations, though its roots trace to 1947 when student Ray Gosselin gathered prescription records-immediately attracting pharmaceutical industry interest. By the 1980s, pharmacy chains recognized the value in these data repositories. Data miners offered payments for prescription files with patient demographics and medication details, minus names. Today, pharmacy chains profit substantially from selling anonymized prescription data while remaining tight-lipped about the practice. As insurance coverage expanded, "clearinghouses" emerged to route claims between pharmacies and insurers while simultaneously harvesting valuable medical information. HIPAA, passed in 1996, protects identifiable health information but leaves anonymized data completely unregulated. The industry transformed when entrepreneurs monetized this digital information flow. Fritz Krieger pioneered this approach in 1998 through Cardinal Health's ScriptLINE service, capturing real-time pharmacy transactions. When approaching CVS, he discovered they already earned millions selling data. Cardinal's CEO suggested making pharmacies partners rather than mere data sources-a strategy that succeeded when major chains joined Krieger's ArcLight venture, expanding the profitable trade in patient data with minimal ethical consideration.
IMS Health, a secretive $2.9 billion company (as of 2015), collects anonymized medical records on hundreds of millions of unaware patients. Its founder, Ludwig Wolfgang Frohlich, fled Nazi Germany in 1935 and established a Madison Avenue medical advertising agency by 1943. Frohlich and colleague Arthur Sackler revolutionized pharmaceutical advertising during the post-war "miracle drugs" era. Despite industry competition, they maintained a covert alliance, meeting privately to divide business and share client information. Frohlich created Intercontinental Marketing Services (IMS) as a market research company that ingeniously had clients paying for research that would ultimately justify more advertising. IMS grew by gathering prescription data from doctors and pharmacies, initially offering small gifts before increasing payments to approximately $50 monthly for doctors and a penny per prescription for pharmacies. Paradoxically, while building an empire profiting from others' medical information, Frohlich vigilantly protected his own privacy - concealing both his Jewish heritage and homosexuality amid persistent American anti-Semitism.
By the early 1980s, data miners began ranking doctors by prescribing habits, allowing pharmaceutical companies to target high-prescribers and compensate sales reps accordingly. This transformed pharmaceutical marketing into a precision operation. Before computers, drug reps relied on pharmacists for information, but by 1988, companies were gathering prescriptions from thousands of pharmacies for about a penny each. IMS's Xponent service (1993) promised significant sales increases: "winning just one more prescription per week from each prescriber yields an annual gain of $52 million." This doctor-identified data became a powerful secret weapon. When Shahram Ahari joined Eli Lilly in 1998, these reports were "super-top-classified" - reps couldn't mention them to doctors. Unlike traditional research requiring consent, most people unknowingly contribute to commercial longitudinal data files. Data miners compile anonymized dossiers from insurance claims, prescriptions, electronic records, and lab tests, creating comprehensive profiles that advance research while raising privacy concerns. This commercial analysis gained momentum in the 1970s as companies sought to reduce healthcare costs. Medicare and Medicaid's creation in 1965 accelerated claims data computerization, creating vast information repositories. While some pioneers refused to sell patient information due to re-identification risks, others embraced the opportunity.
Despite industry claims about anonymization, re-identification is increasingly possible with advanced computing. Even insiders admit that with enough data, identifying individuals remains possible regardless of obfuscation techniques. Computer scientist Latanya Sweeney demonstrated this in 1997 by identifying Governor William Weld in "anonymized" insurance records using only birth date, ZIP code, and gender - three data points that could identify 87.1% of Americans. Our unique data patterns create digital fingerprints revealing identities. New York Times reporters re-identified a woman among 657,000 anonymized AOL users through search patterns, while Princeton researchers matched Netflix rental histories with IMDB reviews to identify users. Medical data is particularly vulnerable as specific combinations of age, location, and health characteristics make patients identifiable. With constant digital traces generated through phones, apps, searches, and purchases, re-identification becomes increasingly feasible. Meanwhile, data breaches directly expose millions of records - between 2009 and 2016, over 1,300 breaches exposed more than 170 million patient files, including Anthem's breach affecting 78.8 million people.
Major health insurers have established specialized data analysis companies: UnitedHealth's Optum, Anthem's HealthCore, and Blue Cross Blue Shield's Blue Health Intelligence, which holds data on 125 million people. Non-healthcare entities have also entered this space-IBM accesses over 300 million patient records, while LexisNexis maintains the largest medical claims database covering 250 million patients. This business model dates to 1981, when Ernie Ludy's MedStat Systems offered companies free analysis in exchange for permission to sell anonymized data to pharmaceutical companies-a venture so profitable he sold it for $339 million in 1994. Companies trading medical data typically avoid transparency about these practices. While Walmart's executive VP claimed, "We do not share this kind of information externally," CVS acknowledged, "Pretty much everyone in the business has some sort of supply arrangement for de-identified prescription data." When questioned about privacy vulnerabilities, IMS Health provided only brief statements about their commitment to privacy and security.
What's needed is simple: more transparency, consent, and control. Your health data contains your most intimate secrets, with greater risks than other personal information. Yet the current system trades this information as a commodity without your knowledge. Many would willingly share health information if they understood the purpose. The issue isn't using medical data for research - it's the lack of patient control and transparency. Despite the big data revolution, randomized clinical trials remain medicine's gold standard, with executives rarely providing specific examples of insights gained beyond vague "cost efficiencies." The solution: HIPAA protections should extend to all health information, not just "individually identifiable" data, and should apply broadly beyond current "covered entities" to include health device makers, fitness trackers, apps, and DNA services. These aren't anonymous data points - they're the intimate details of our lives and bodies. If anyone should control that information, it should be us.