Little privacy protection for personal health data culled from fitness-tracking apps

Privacy protections aren't keeping up with fitness-tracking apps and devices that collect personal health information and the developers who store and sell the lucrative data, The Washington Post reports.

"This is really, really a privacy nightmare," says Deborah Peel, the executive director of Patient Privacy Rights, who claims that the health data these apps collect have basically zero protections. Yet, she calls it "the most valuable information in the digital age, bar none." 

Though the Food and Drug Administration and the Federal Trade Commission regulate some aspects of this market, they haven't done enough, according to Jeffrey Chester, executive director of the Center for Digital Democracy. He calls it "part of a much wider system of data collection."

"Information about consumers' most intimate health conditions is going to be sold to the highest bidder," he says in the article. "Employers might get access to it, insurers might get access to it, or mortgage lenders--which could lead to a vast array of negative discriminatory practices."

The story notes that upon its buyout by Facebook, fitness app Moves, which uses motion sensors built into smartphones and GPS information to keep a record of users' locations and activities, changed its privacy policy, which previously said the company would not disclose data to third parties without consent. Now, it says "we may share information, including personally identifying information, with our affiliates ... to help provide, understand and improve our services."

Such consumer-generated data doesn't come with HIPAA protections, which apply to information produced by covered entities such as doctors and hospitals.

App developers have to deal with a patchwork of legal issues, including privacy and security protection, as FierceMobileHealthcare recently reported.

An FTC study found at least one app vendor sharing personal health data and information it collected with an ad company and others. FierceMobileHealthcare's Judy Mottl has warned that lawmakers and the public need to sit up and take notice of the trend toward mobile app developers sharing data with third party vendors.

To learn more:
- read the Post article