Back when mobile banking was first made available, consumers fell in love with the new technology and adopted it very quickly. The same is happening with fitness devices and apps which, in 2013, generated over $230 million in sales.
It’s predicted that by 2017 sport and fitness apps will grow by over 60%, according to IHS Electronics and Media. These devices can be used to track weight loss, show how many calories are in certain foods and even map out someone’s favorite jogging route, but privacy experts worry that, as useful as many of these tools might be, many consumers aren’t aware that these devices keep and sometimes share their sensitive health information.
Theresa Payton, the author of “Privacy in the Age of Big Data” and the former White House Chief Information Officer for Pres. George W. Bush, says that “All technology is hackable, and if there’s a data breach, these devices could open up your whereabouts, your workout patterns, your weight, height, friends’ contact information, everything.“ Payton goes on to say that “It makes it easier [for hackers] to socially engineer a fake identity and convince people they’re somebody that they’re not.”
Incredibly, electronic health records being sold on the black market can be up to 20 times more valuable than the data from stolen credit cards. According to Stephen Boyer, the CTO of BitSite Technology, a security ratings firm, a person’s medical chart is an incredibly rich source of personal information that could include things like insurance details, phone numbers, Social Security numbers, past home addresses and, most frighteningly, a person’s entire medical history.
In other words, more than enough information to commit not only insurance fraud but also identity theft. And, since many of these new fitness bands and apps are linked to health records, they expose consumers to an unwarranted increase in risk that their health records will be hacked.
The fact is that the Health Insurance Portability and Accountability Act (HIPAA) that protects patient data was implemented long before our any of these new devices or apps became available, way back in 1996.
These devices and apps, even though they collect information that cyber criminals would find extremely valuable, don’t have to follow the HIPAA rules, and the makers of these apps and devices are free to share your data with whomever they like. Yes they say that they will keep your information safe but, in this day and age, there’s no such thing as “safe” anymore.
So, if you’re using one of these new devices or apps, you would be well advised to find out exactly what kind of information they have access to about you, what their rules are for sharing that info and for keeping it safe and, wherever possible, make sure that you share as little as possible about yourself and your health records.
The simple fact is that your financial health, as well as your actual physical health, may someday depend on keeping this information safe.
Please make sure to come back and join us for Part 2 of this important 3 Part blog series.