What Privacy-Conscious Consumers Should Know About Health and Wellness Apps
If the 2018 Cambridge Analytica scandal taught us anything, it’s that we can’t trust tech companies to be transparent about the ways they use our data. Yet while consumers are increasingly cautious about privacy settings on social media, many don’t think twice before strapping on a fitness tracker or logging health data into a wellness app. However, these devices and apps may be sharing the most sensitive data of all. If you want to protect your personal health information from being shared and sold without your knowledge, this guide is for you.
Who Is and Isn’t Required to Protect My Personal Health Information?
- “The HIPAA Privacy Rule pertains to health care providers, health plans, and health care clearinghouses and to the business associates of these entities,” the Consumer Federation of California explains.
- The majority of users mistakenly believe their privacy is protected with a wearable. From Twice, “HIPAA regulations don’t protect your wearable data… any consumer data created by or uploaded to a smartphone app or a wearable device does not fall under HIPAA rules. In fact, to avoid HIPAA oversight, many wearables label themselves as wellness tools in their privacy policies or terms and conditions.”
- There are also potential ethical concerns about your data privacy. From Glance, “there is the chance that direct-to-doctor data transmission will be compromised or accidentally shared with those who are not involved with the care of the patient. The Health Information Technology for Economic and Clinical Health Act (HITECH) deals specifically with this type of potential breach in ethics.”
Why Should I Be Worried?
- Litigation Management, Inc. asserts that “in the wearable fitness and health device industry, technology is advancing faster than the development of laws and regulations. As mobile health (“mHealth”) and wearable device capabilities increase, questions remain as to whether manufacturers and developers are taking prudent steps to protect personal health data privacy, stop data from being sold to third parties, and secure against hacking.”
- “Information about a person derived from wearables data such as the time, duration, and proximity of an activity to other tracked individuals combined with demographic information can provide crucial and detailed context to each individual interaction. … Wearables gather a new class of sensitive data about people: not only who they are, what they do, and who they know, but also how healthy they are, what movements they make, and how well they feel,” explains the American Bar Association.
How Can I Protect Myself?
- “New regulations in the US specifically targeting fitness and health apps could encourage developers to be more responsible with their sensitive data, but so far there has not been any progress,” Proton VPN explains. As a result, “The best way to stay private while using fitness tracking or health monitoring apps is to take matters into your own hands.”
- “When purchasing a new wearable, learn about the technology used, security measures offered, which data it collects and how it manages them. It is a fundamental first step to avoid unnecessary risks….Wearables don’t need to access all the information about you. It is possible that in some cases they don’t need to know your location, access your photos, or your agenda. Establish the privacy settings appropriately depending on the type of device and the use you will make of it,” NuoPlanet recommends.
What Medical Practices Can Do to Protect My Personal Information
- Healthcare IT News: “HIPAA is inextricably linked to patient privacy, but building a trusted, long-term patient relationship goes beyond HIPAA compliance and requires a deeper commitment to keep patient PHI safe and private.…To enable safe and secure data sharing without losing control or placing a burden on users, healthcare organizations should embrace a data-centric security approach.”
Until new regulations come into play, consumers will continue to contend with vague privacy policies and information hidden in the fine print. Unfortunately, that means the best way to protect your personal health information is often to opt out of popular fitness trackers and apps. At the very least, customers should read privacy policies and research health-based tech companies so they understand what information they’re sharing when they use a service.