Internet Security

Is the Health Data Captured by Your Smart Watch Vulnerable

Written for Symantec

If you’re wearing a smartwatch or other device that tracks your activity—miles run, calories burned, weight lost—you’re not alone.

Whether you’re biking to improve your health or walking to lose weight, the information generated is fairly personal, as is the login information you use on the various apps and accounts that track your data. So just how secure is that health data your smartwatch collects?

What happens to your health data?

These technologies—the devices and apps—are operated by many businesses. And these companies are collecting, handling and analyzing all sorts of health information—yours, perhaps. The US Department of Health and Human Services (HHS) says, as the electronic sharing and storage of health information increases, and as we share more personal health information online, the data may be at risk of being shared improperly. Why?

  • New types of entities that collect, share and use health information are not regulated by HIPPA, the Health Insurance Portability and Accountability Act.
  • Individuals may have a limited or incorrect understanding of when the law protects their health data—and when it does not.
  • Health information collected in more places without consistent security standards may pose a cybersecurity threat of which individuals may not be aware.

Privacy concerns raised

In 2013, the Privacy Rights Clearinghouse studied more than 40 popular health and fitness apps and reported, “there are considerable privacy risks for users.” The organization went on to say that “consumers should not assume any of their data is private in the mobile app environment—even health data that they consider sensitive.”

Help protect the health information that lives on your fitness tracker

The Clearinghouse offered a few tips that, given the HHS’s recent report, may still be worth keeping in mind when it comes to mobile health apps and technology. These are some that stood out to me:

  • Research the app before you download it.
  • Make your own assessment of the app’s intrusiveness based on the personal information it asks for.
  • Try to limit the personal information you provide. If the app allows it, try the features first without entering personal information.
  • If you stop using an app, delete it. If you have the option, also delete your personal profile and any data archive you’ve created while using the app.

As interesting as it is to capture and review the data available through these new technologies, it’s important to keep in mind that the health information that’s captured may be vulnerable.

Editor’s note: This content was lightly edited and updated on Jan. 22, 2018.

Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.

Start your protection,
enroll in minutes.