Over the past several years, the issue of data access has come to the forefront of financial services. Namely, questions have centered on whether consumers control access to their personal financial data and how best to ensure said access. Some of these questions remain unanswered—and part of that is due to a lack of precedent, at least specific to financial services.
While these questions are newer to the financial services industry, it would be naive to think these debates haven’t happened (and, we might add, been resolved) elsewhere. In fact, precedents in the healthcare and telecommunications industries provide useful corollaries to what’s happening in fintech, and might even offer a crystal ball for where we’re headed.
Before the Health Insurance Portability and Accountability Act (HIPAA) became law in 1996, most medical records weren’t digitized, and consumers couldn’t easily switch providers or ensure that specialists had their complete, up-to-date medical records. It was pretty clear that this left consumers worse off: They could not effectively get the holistic care they needed, and they were often essentially blocked from choosing the right provider for their needs.
So HIPAA was born out of a recognition that the industry would become more efficient—and more effective—just by digitizing medical records. Digitization in turn begged all kinds of questions about privacy and portability, which became two of the main tenets of HIPAA. (In this way, fintech has followed in healthcare’s footsteps, once the tech became available. The data access debate in financial services has become acute as online banking became common and digital services the norm. Before the technology existed to enable financial data portability, the debate itself was mostly moot.)
HIPAA eventually gave everyone the right to access—and make use of—their own medical records, including sharing them as they wished. That means that now patients can have their entire medical record transferred to any provider or be granted digital access or hard copies. Essentially, legislators realized that it wasn’t appropriate for healthcare providers or the digital records companies to stake out ownership over the data; instead, HIPAA embraced the attitude that consumers have rights over their own data, and the various industry stakeholders who touch that data need to be good stewards of it.
This was important to acknowledge, because there had historically been a financial disincentive for doctors and hospitals to share information. For example, if a doctor doesn't have a patient's record immediately available, the doctor may order a test that has already been done—and bill for it. Keeping electronic medical records (EMRs) from talking to each other also makes it easier to keep patients from taking their medical records—and their business—to a competing doctor. This dynamic exists to some degree in financial services, too: If a consumer can’t use a separate investing tool, or easily upload their financial histories to a mortgage provider, maybe they’ll just stick with their bank to invest or take out a loan.
There are opportunities for the financial industry to learn from healthcare’s growing pains. Over time, healthcare has collectively returned to the central issue: how to provide the best patient care possible, which has ensured that data portability remains protected.
Before the Telecommunications Act of 1996, telecommunications law hadn’t changed much in 60 years—even though plenty had changed when it came to phones and cable. Prior to the act passing, consumers couldn’t change phone providers and take their phone numbers with them; their number was essentially tethered to that network. Given how much longtime phone numbers were linked with an identity, switching providers was pretty unattractive. So they didn’t.
The Telecommunications Act changed all that by giving consumers the right to keep their phones. It turns out that seamless, neutral number porting is not only convenient for consumers, it underlies competitive dynamics in the telecomms market—part of why more than 2,000 carriers still exist. In fact, one economist estimated that number portability has resulted in $8 billion to $10 billion in consumer benefits. To ensure privacy and accuracy, the telecomms space relies on a neutral, third-party provider, just as financial technology does with trusted intermediaries (like Plaid). As it did in healthcare, fintech’s data portability ensures that consumers have choice when it comes to finding the best products and services for their lives.
Arguments against consistent, neutral data access often locate their power in ideas about consumer protection: either that powerful parties are better equipped to control access, or that security is at stake. But where sensitive information is concerned, there’s no greater risk than in healthcare, and HIPAA has figured out how to address it securely. Other arguments, as the Center for Financial Services Innovation points out in a whitepaper, are driven by concerns about competition—concerns that the telecoms industry, which knows monopolies all too well, appropriately navigated.
These arguments translate to the financial sphere, too, but regardless of motivation, it’s clear that restricting financial data access would stall the technological advances consumers have already seen and benefited from—just as healthcare and telecommunications stalled with restricted data portability. At the end of the day, financial technology is designed to make lives better. And the issue of data access will fundamentally impact the future of consumers’ financial lives.