Guest Post by: Katie Conroy
Are Health Apps and Wearable Tech Compromising Your Medical Information?
Health-related smartphone apps, fitness trackers, and wearable tech like Apple Watches and Fitbits are making it easier than ever to optimize well-being. Unfortunately, these technologies are also making it easier for strangers to access your medical information. From the exact route of your daily run to specific medical conditions and even your identity, you might be surprised at what information a hacker or identity thief could pull from your favourite tech.
Simple Sasquatch helps answer some questions about health-based technology and how to stay safe in the digital world.
Which Companies Follow HIPAA Guidelines?
- According to the Hill, “Any third party that conducts business with a HIPAA-covered entity must have a
contract in place that details their responsibilities and requires HIPAA compliance. Regarding wearables, HIPAA does not apply if the tech company does not share the health data with health-care providers.”
Can Big Tech Companies Access My Health Data?
- Wearable technology provider, Fitbit, recently acquired Twine Health. Fitbit says, “We are excited about the momentum in our healthcare business. Our healthcare solutions and our programs span not only wellness and chronic condition management but also different demographics with seniors in our Medicare Advantage populations as well as commercial populations.”
- “Amazon, Google and Microsoft are among the companies vying for a piece of [healthcare] pie in areas such as retail pharmacies, using artificial intelligence for disease detection and healthy-living apps,” NPR says, “and so is Apple.”.
- Healthcare IT News: “Facebook has been accused of misleading users in its Group platform about who can see their private information, and argues Facebook did not disclose how much information could be visible to outsiders — including health information.”
What About Hackers, Data Breaches, and Identity Theft?
- According to the Chicago Tribune, “Patients still have cause to worry months after they leave the hospital.” That’s because the “data they gave to health systems — Social Security numbers, birth dates, health insurance information, medical information and credit card numbers” might have “been compromised in breaches.”
- As ZDNet reports, “The most expensive offering on the market is provider information which can be used to forge a medical background, an alarming prospect given the harm which could be done when someone [poses] as a medical professional.”
How Can Consumers Protect Their Medical Information?
- Smartwatch data is especially alluring to hackers because of the wealth of personal health information, from daily steps taken to doctor office visits. When used for work purposes, the data on your smartwatch is even more valuable.
- IEEE Senior member Douglas Walled suggests using standard cybersecurity measures to safeguard your smartphone data, like using a strong password: “People usually think they have good passwords, but in reality they are often not as creative or complex as they imagine. An easy to remember phrase with a couple of consistent rules (always capitalize the first letter of a word, period between words, replace ‘a’ with ‘@’ and ‘o’ with ‘zero,’ end with ‘!,’ for example) will make for an extremely hack-resistant password, and it can be easy to remember without always reusing your dog’s name and the year you got him or her.”
- “If you suspect that someone used your information to get medical services, get copies of your medical records,” the FTC advises. “Contact each doctor, clinic, hospital, pharmacy, laboratory, and health plan where the thief may have used your information.”
The healthcare industry is rapidly growing, and it’s inevitable that big tech companies will continue entering the field, blurring the lines between technology, apps, and medical data. Unfortunately, HIPAA regulations rarely extend to cover businesses like Apple and Facebook — and data breaches do happen. It’s up to each of us as consumers to monitor our medical records and report any suspected thefts or suspicious activities. Know your local and state laws; use strict privacy settings on any apps, websites, or technologies; and try to use HITRUST-certified, HIPAA-compliant providers whenever possible.
About the Author:
"Katie Conroy enjoys writing and created advicemine.com where she shares advice from her experiences, education & research. She particularly enjoys writing about lifestyle topics and created the website to share advice she has learned through experience, education and research."