Do Medical Privacy Laws Apply to Health Tracking Apps?

By Christopher Coble, Esq. on November 30, 2015 | Last updated on March 21, 2019

Getting on the scale after the Thanksgiving holiday is never fun. But with Christmas coming up and Resolution Season just around the corner, perhaps you've already got a plan for getting back in shape.

As opposed to the post-holiday weigh-in, a fitness plan that includes a fancy new health tracker or health tracking app can be fun - you can see, and share, your workouts and progress. As with any sharable or social tech, however, you may want to be careful about how much information you put out there. Because the same privacy laws that apply to your personal medical records may not apply to health tracking apps.

HIPAA and Your Health

The Health Insurance Portability and Accountability Act, HIPAA for short, is the federal law that covers your medical privacy. HIPAA requires doctors and medical professionals to protect your identifiable information as it relates to your physical or mental condition or health care you've received. This private medical information can only be disclosed with your permission or in a limited number of special circumstances.

There are limits to HIPAA's reach, however -- as a report by ProPublica pointed out, the privacy law "only covers patient information kept by health providers, insurers and data clearinghouses, as well as their business partners." Therefore, some health tests and trackers like at-home paternity tests, wearable tech like Fitbit, personal genome company 23andMe, and other online medical resources don't have to comply with HIPAA's disclosure requirements.

Private Info Made Public

DNA testing company 23andMe has already faced lawsuits regarding its advertising and use of personal genetic information, and there are other instances of medical tech companies and online health information repositories disclosing personal medical information. Cops have been turning to looking for DNA matches in criminal investigations. And Fitbit's sexual activity tracking data was turning up in Google searches.

When you voluntarily share medical or health information with websites and apps that are not medical professionals, there is a risk of public disclosure of that information. You should review the app's privacy policy and limit the personal information you share. Seeing your holiday weight disappear is great, but seeing your medical information in public is not so good.

If you believe your personal medical information has been released or revealed without your permission, you should contact an experienced health care attorney near you.

Related Resources:

Copied to clipboard