For the last year, Charlie Wynkoop has been tracking his exercise with a digital fitness device he wears on his wrist and syncs with his smartphone.
"If you pass your goal, it plays some da-da! music to make you feel good about yourself," says the 56-year-old project manager from West Los Angeles. The device calculates and tallies points allocated for good behavior.
FOR THE RECORD:
Healthcare Watch: In the July 27 Business section, an article about the privacy of health product users misspelled the last name of Derek Newell, chief executive of the Palo Alto healthcare technology company JIFF, as Newall. —
And it encourages Wynkoop to keep his activity level high. "I have found myself at 9 at night thinking I should walk around the block — because I'm only 300 points away from my goal," he says.
But Wynkoop inputs only the information about himself needed to determine whether he's met his fitness goals — his age and weight, for example. More than that, he won't share. "I would be leery," he says.
Digital devices and smartphone apps that track what we eat, how much we exercise, our weight, blood glucose and blood pressure, among other things, are widespread.
Nationwide, sales of digital fitness devices jumped threefold from 2012 to 2013, according to a recent report by the California Healthcare Foundation. More than half of U.S. consumers say they're interested in buying a health monitor that can be used with their smartphone, computer or other device.
There's no shortage of mobile health apps, either. According to Forrester Research, by the end of 2013, 40,000 health and wellness apps were available for download. And more are coming.
As consumers increasingly use mobile apps and devices to capture and store health-related information, they can release personal data that may not be as confidential as they thought.
"Most apps are created by independent app developers, and you, for the most part, don't know what's happening to the information" you input, says Paul Stephens, director of policy and advocacy with San Diego-based Privacy Rights Clearinghouse.
He says hundreds of companies, most of which are unknown to consumers, compile data and create dossiers on you that they exchange with other data brokers and with companies. For example, Stephens says, "We're seeing a frightening trend where healthcare providers are buying the data to monitor the habits of their patients."
Information in the wrong hands can thwart efforts to buy long-term care and life insurance policies or even to land a job, if insurers and prospective employers gain access to health data you didn't intend to divulge, or even current habits that may increase your risk of developing a disease in the future.
Medical identity theft, in which your name and ID are used by another person to gain access to medical services, is also a concern, experts say.
Deven McGraw, a Washington, D.C., health privacy expert and lawyer, says consumers may be surprised to learn that all the information they upload is most likely not covered by the Health Insurance Portability and Accountability Act. HIPAA is the federal law implemented in 1996 that requires most healthcare providers and insurers to keep your medical information private.
"The coverage boundaries are really just for health plans and doctors and hospitals, not the vendors of tools like social media, apps and body sensors. As a result, it doesn't matter how sensitive the information is; it won't be protected," McGraw says.
In California, the Confidentiality of Medical Information Act adds a possible extra layer of privacy protection. The law requires those who collect healthcare information to safeguard those data. But the law may not apply to all mobile applications.
Experts say consumers face a significant challenge to control their digital data. But there are steps you can take to help protect yourself.