Stop wearable medical devices from sharing your data
Wearable medical devices are everywhere. If you’ve used a smartwatch or other activity tracker to record your steps, heart rate, or how many hours you sleep, you’ve used a wearable medical device.
Wearable medical devices provide us with valuable health information like steps taken and how many times we scratch at night
You play a key role in protecting this valuable health information.
Wearable medical devices are also making a difference in the lives of patients. Dermatologists recommend one such device to find out how often a child with eczema scratches while asleep. Armed with this data, the child’s dermatologist can tell how well treatment is working and adjust the treatment plan if necessary.
What makes wearable medical devices so helpful is all the data they collect. This data is helpful to more than you and your dermatologist. Insurance companies, researchers, companies that sell relevant products, and others want this data.
Who can see medical information gathered by wearables?
It depends. Wearable medical devices collect large amounts of personal health data. This data is often stored in the cloud and may be made available to companies that pay to access it. This might include insurance companies, advertisers, and others.
Before you start using a device, you agree to certain terms like what the device maker can do with your data. By default, when you click “agree,” you may unknowingly give a device maker consent to share your data with third parties.
This happens because consumer-protection and privacy laws haven’t caught up with the technology, says board-certified dermatologist Ivy Lee, MD, FAAD, Chair of the American Academy of Dermatology’s Augmented Intelligence Committee.
What can happen if data from a wearable medical device is shared
We share so much information online these days, that letting third parties see how many steps we take or how often we scratch at night may seem harmless. It’s not.
Here’s how this data could be used:
Companies could target you with online ads for related products and services. For example, people who have psoriasis might start seeing online ads for psoriasis medications or products that relieve itch.
Health insurers could buy your data. Communities with higher rates of skin conditions like eczema, psoriasis, or skin cancer could pay more for their insurance. Your own health data could be shared with insurance companies to help them determine whom they'll cover.
Your identity could be stolen. If the organization you’re sharing your information with lacks a strong data protection system, you could become the victim of identity theft. To protect your information, wearables should have a strong data protection system for the wearable and its corresponding app.
To protect your information, it helps to limit the data that wearable medical devices can share. By doing this, you control:
Who has access to this data.
How much data they can access.
When they have access.
How to protect your health information when using a wearable medical device
Device makers actually reveal a lot about what they do with your health data. Taking the following steps can help protect your data.
Find out what happens to your information. “You should see information on data storage, use, security, and privacy within the section called Terms and Conditions,” says Dr. Lee. If you cannot find this information, find an email address, phone number, or other contact information for the company.
Then contact the company to ask what happens to this information.
If you don’t want to bother with contacting the company, proceed with caution or find another wearable.
It’s also important to know that many Terms and Conditions start with “We respect your privacy.” Don’t stop reading when you see this. Further on, you may see, “We may share your information with third parties.”
If you feel uncomfortable with what you read, find another wearable medical device that has Terms and Conditions you’re comfortable with.
Set your profile setting to private. The default setting for a wearable medical device may be “public” rather than “private.” When set to “public,” the device maker has permission to share your data.
The device should let you set your profile setting to “private.” If it doesn’t, you know that all the data it collects can be shared. If you don’t feel comfortable with this, find another wearable medical device.
It’s also a good idea to check your profile setting every few months and every time a new version is released. Sometimes, the profile setting automatically returns to the default setting of “public” with each new release or once every few months.
Check to see if your wearable medical device is regulated by the U.S. Food and Drug Administration (FDA). Medical devices that are regulated by the FDA must comply with “Ensuring of Cybersecurity of Devices.” This means that as of March 29, 2023, manufacturers of cyber devices, which includes wearable medical devices, must “provide reasonable assurance that the device and related systems are cybersecure.”
It's important to know that many wearable medical devices, including ones recommended by doctors and other healthcare professionals, are not regulated by the FDA.
To see if a wearable medical device is regulated by the FDA, go to: Devices@FDA.
Before disposing of a cell phone or tablet, remove all your health information. This advice comes from the U.S. Health & Human Services, which recommends that you:
- Delete all your health information.
- If you’re not going to use the SIM card in another device, remove and destroy the SIM card.
Dermatologists think carefully before recommending a wearable medical device
Dermatologists understand that using a wearable medical device raises concerns about their patients’ privacy.
Before recommending a wearable medical device, your dermatologist learns whether it is safe, effective, and trusted. Dermatologists look at how the device performed in studies, possible side effects, and how the device maker handles privacy and shares data.
If you have concerns about using a wearable medical device that your dermatologist recommends, talk with your dermatologist about your concerns.
Wearable medical devices collect data that can help you track important health information from how many steps you take to how often your child scratches during the night. If you use one of these devices, take the steps listed above to keep your data private.
Kapoor V, Singh R, et al. “Privacy issues in wearable technology: An intrinsic review.” Paper presented at: International Conference on Innovative Computing and Communication (ICICC 2020); February 20-22. Shaheed Sukhdev College of Business Studies, University of Delhi, Delhi, India.
Kiani C, Kain A, et al. “Wearables and smart skin as new tools for clinical practice and research in dermatology.” J Eur Acad Dermatol Venereol Clin Prac. 2022 Mar;1(1):66-8.
Kim, J. “Data brokers and the sale of Americans’ mental health data: The exchange of our most sensitive data and what it means for personal privacy.” In: Duke University’s Sanford School of Public Policy. Last updated 2/2023. Last accessed 5/30/2023.
Levine L. “Digital dermatology: Opportunities for atopic dermatitis.” Dermatol Times. 2023;44(2).
Redmond SJ, Lovell NH, et al. “What does big data mean for wearable sensor systems?” Yearb Med Inform. 2014 Aug 15;9(1):135-42.
U.S. Department of Health & Human Services. “Protecting the privacy and security of your health information when using your personal cell phone or tablet.” Last updated 6/29/22. Last accessed 5/30/23.
Paula Ludmann, MS
Hassan I. Galadari, MD, FAAD
Mona Gohara, MD, FAAD
Roopal Kundu, MD, FAAD
Ivy Lee, MD, FAAD
Jennifer G. Powers, MD, FAAD
Sanna Ronkainen, MD, FAAD
Last updated: 6/22/23