Wearable Health Technology: Health Care Dream or Privacy Nightmare?

Wearable Health Technology: Health Care Dream or Privacy Nightmare?

by Michael H. Cohen, Esq., September 2014

The Dick Tracy watch has officially arrived with the unveiling of the Apple Watch—wearable health technology for everyone—along with the new Health app that analyzes your data.

The Apple Watch is a game-changer: health data is no longer “siloed inside” of other health apps, but rather it is “designed to give users a big-picture look at their entire health profile: exercise, sleep, eating, and even metrics like blood pressure and glucose levels.” The current wearable health technology market includes fitness tracking devices such as Fitbit or Jawbone.

This is good news for people who want to amplify their fitness, nutrition, and overall health, and see their health data at a glance. Surely, more technology will enhance public health, as people take more accountability for their own wellbeing.

And this is, in part, what the whole alternative medicine movement has been about—coinciding with preventative (conventional) medical care, in getting people to tackle obesity and other epidemics of modern life by implementing good self-care.

But is all this health technology eroding our privacy, and giving our personal health data over to big corporations?

Medicine’s Evolution: From Physical to Online to Mobile to Wearable to Implantable

Healthcare technology is evolving, changing the way we experience medicine.

The future of medicine isn’t Obamacare; it’s the movement from physical medicine, to online health (telemedicine), to mobile care (m-health), to wearable health tech, and ultimately, to nanotechnology and implantable medicine.

Physical medicine is the healthcare our parents knew when they grew up. You called your doctor and went in for a checkup, or went to the hospital for surgery or emergency care. This was a reversal over our grandparents’ times, when doctors (mostly male) came with their black bags for house-calls.

With the expansion of online technology and the corresponding decrease in economic incentives for the private practice of medicine, many physicians have moved into telemedicine (also known as telehealth). Telemedicine is exploding, with online sites providing everything from tele-dermatology to tele-psychiatry.

Mobile health is simply an extension of telehealth. You can now visit your physician through your mobile phone and send data that will generate a diagnosis, treatment plan, or prescription. Your doctor might just be an app. Some of these health apps are regulated by the federal Food and Drug Administration (FDA) as medical devices in a new regulatory category known as mobile medical apps. Others simply track health data, and these are not considered medical devices. Either way, Star Trek is here; “phone technology continues to move in the ‘tricorder’ direction, with no end in sight.”

Wearable heath tech is the next phase. Here, we incorporate sensors and other health technology into our clothing (such as a wristband or sneaker), or our jewelry (such as a watch), and use this to monitor various health metrics. This is where we are poised with the Apple Watch.

We still have medical offices, but soon, you won’t visit your doctor; instead, you’ll be wearing your “doctor.” The Apple Watch is the first step in that spiral of health tech developments.

Ultimately, we will move these health data collection and monitoring devices inside our body. And, of course, we’ll have robots—not only performing surgery, but interacting with our wearable and implantable devices.

It won’t be your spouse telling you not to eat that donut, or to go the gym—it will be the device that is part of your belt or earring; or the iteration of your smartphone which will have more computing power tomorrow than any government today.

Privacy Worries and Other Legal Conundrums

Thanks to video cameras installed on street lamps, in stores, and ubiquitously outside (and sometimes inside) the home, we are photographed and videotaped thousands of times a day. It’s virtually (pardon the pun) impossible to escape being found on Google. If you are a U.S. citizen, a radio frequency identification chip (RFID) is embedded in your passport, allowing your movements to be tracked. You can buy apps to track your smartphone.

Is privacy dead?

And who owns your health data? Who can sell that data to others, or use it for their own nefarious ends?

Companies selling wearable technology may promise you that your health data is protected, but can you rely on those promises—and are those promises required by law? Are all your health habits now public knowledge? And who can command the devices you wear?

Currently, there are a patchwork of legal rules. Among them, a federal law known as HIPAA requires that “covered entities” (such as doctors and hospitals, outpatient care centers, pharmacies and nursing facilities) guard the privacy and security of your protected health information (or “PHI”). The “business associates” (those who create, receive, maintain or transmit PHI on behalf of covered entities) also must abide by HIPAA.

But it’s unclear whether HIPAA even applies to wearable health data, which is tracked and collected outside the context of health insurance reimbursement claims.

This past summer, Senator Schumer from New York issued a press release, warning that smartphone apps and wearable technology bracelets could track users’ movements and health data, without their knowledge. Schumer labeled this a “privacy nightmare.” He urged the Federal Trade Commission (FTC) to develop rules that protect consumers from sale of their private health data to third parties.

The FDA does require mobile medical app developers to create a cyber-security plan and submit it to the FDA along with their mobile medical app and medical device submission. But this only applies to mobile medical apps and not to wearable health technology generally.

The FTC also requires mobile apps to include disclosures as to how they collect, use and share consumer data (including health data). But again, wearable health tech is relatively new terrain, and legal and regulatory requirements are unclear.

In addition to privacy issues, FDA medical device regulation, and FTC regulation of mobile and online advertising, there are also questions about the medical standard of care that a physician should apply when interpreting any health data from your wearable health device.

Public Policy Puzzle

Part of the problem is that laws governing healthcare first emerged in the late nineteenth century, and many of these still govern delivery of healthcare in our modern world.

Regulatory agencies—and legislators—are struggling to keep up; but health technology evolves so much faster. Industry practice is disruptive, and constantly a step ahead of the rules.

Legal rules aim to balance two competing ideals: one, protecting the public against unscrupulous practices and practitioners; and two, promoting innovation to advance public health. These goals often conflict.

Is the Future Utopian?

With so much continuously in flux, it’s easy to swing from a positive, utopian vision of our future to a negative, dystopian one, in which our personal freedom is circumscribed by the control others have over our private information. Put simply: the more they know, the more they can control.

Our health data is part of our personal identity: what we do to keep fit; how much we sleep; what we eat; and more generally, what we do for our overall self-care.

Our laws safeguard the privacy and security of our medical data; yet health is so much more than information about medical diagnoses, prescriptions and treatments.

Because technology is morphing so quickly, and innovation moves faster than the speed of law-making, we can’t just rely on government, but require wisdom from a combination of policymakers and industry.

We’re redrawing the map of what it means to be human, and wearing our health data on our sleeves.

The materials above have been prepared by the Michael H. Cohen Law Group for informational purposes only and are not legal advice or counsel. Readers should not act upon any information in this article without seeking healthcare legal counsel.