Consumers have a range of new tools available to them to help them actively monitor their health. As the capabilities of these wearables increase, people continue to invest in devices that can track their heart rate, sleep patterns, and exercise levels. Some devices also help healthcare workers remotely monitor their patients’ glucose levels, blood pressure, and other significant vital signs.
All these devices contain sensitive information about their owners that hackers are keen to access and sell to data brokers. If you have never given any thought to privacy issues and data breaches, like many consumers, now is the time to find out how to protect your next-gen wearables.
Main concerns about data privacy
According to cybersecurity experts, the value of personal health data is far more than that of a stolen credit card. Anyone with access to your data can use it to know everything about your movements, whether this is for data collection or criminal activities. Sensitive information about your health may lead to discrimination from various sources, including your employer, insurer, bank, etc. If someone gains access to just one of your passwords, it can give them access to your email, banking, or other sites.
There are already some laws in place helping to protect some of your personal information. These include the Health Insurance Portability and Accountability Act of 1996 (HIPAA) or the Genetic Information Nondiscrimination Act of 2008 (GINA). Still, these cannot always protect the information generated by something like your participation-based wellness program. For example, even though significant snippets of data are removed, information like zip-code and dates of birth can quickly help hackers re-identify names, according to a team of Harvard researchers.
Putting protection in place
It appears that the protection of health data is not up to the consumer but up to governments and private companies.
Extending HIPAA to Apps and Wearables
HIPAA is a far-reaching health privacy law but only covers information provided to healthcare providers and health plans. In addition, HIPAA rules do not protect user data generated by or uploaded to wearables or health apps.
In the absence of governance that can protect such data, some states seek the best way to expand their definitions of personal protected data to include the data generated by wearables and apps.
Creating consumer awareness
Many consumers are not aware that some apps share their data for marketing and advertising purposes. This is because these apps do not provide precise data usage terms. Because consumers lack awareness, they are more trusting and share sensitive information on apps or related devices.
Adopting a uniform policy
Besides the expansion of the HIPAA, tech companies should all have to conform to a transparent privacy policy that is uniform with clear parameters. These need to be consumer-friendly and require revokable consent for data disclosure that goes beyond the categories permitted. This will need to be undertaken nationally and not just on state levels.
Consumer protection of wearable devices
Experts warn that regulations are likely to take years still to effect. Consumers also need to consider that any newly introduced laws are often soon outdated at how technology changes.
However, there are some steps you can take to ensure data privacy on wearables:
- First, you should only enter the information required by the device.
- Second, you should limit the number of apps that are allowed access to your healthcare information.
- Avoid insurance policies that demand you wear a trackable device to ensure that your health data doesn’t go to third parties.
- Always check the default privacy settings on devices and apps and turn off anything you don’t feel comfortable sharing.
Conclusion
Personal health information is highly private, and it’s not only consumers who demand its protection. As the demand for individual health information increases, governments and companies work to protect you from breaches to your health and other data.
