Now that we’ve most likely scared you to death about using your fitness device or app, we come to Part 3 with advice on how to protect yourself.
Simply put, never take your privacy for granted in any way. Even though that new, shiny app or device might look wonderful and help you to have a “healthier lifestyle”, that in no way means that the team that manufactured your device put in the effort to make sure that the data stored on it about you is secure.
While it might be too late to review them before signing up, it is still a good idea to read the privacy disclosures that the company that sold you your device or app gave you when you signed up. Look for phrases like “advertisers” and “third-party”, which might mean that the data you store on your device or app is open to potential sale.
Keep in mind that it’s almost 100% certain that any free apps you are using will be selling your data to marketers. Some paid apps do as well but, in most cases, they don’t.
Theresa Payton, the author of “Privacy in the Age of Big Data”, recommends that if you’re going to use a fitness app or device you use a “dummy” email address and a fake name in order to make it much harder for hackers to find out who you are if they somehow hack into your account. She says that “I wouldn’t use the email that I use for my insurance account, for example,” adding that “If there’s a breach, you don’t want somebody to be able to pull together the whole picture.”
Jason Wang, the CEO of TrueVault, suggests that you send the customer service team behind your device or app an email to ask if they have taken the steps to become HIPAA compliant. Some might respond that no, they’re not completely compliant, but also tell you that their security systems are examined on a routine basis.
“If they’ve been audited, they’ll be more than happy to share that report with you, because they’ve probably paid a lot of money for it,” he says. “If they can’t really tell you anything, then it’s a sign that company hasn’t thought about HIPAA.”
It’s also recommended that you input the bare minimum of information about yourself into your app or fitness device, and that you check its privacy settings page to see exactly what you can leave out. For example, some don’t need your date of birth or your ZIP Code in order to function correctly.
It’s also highly recommended that you don’t link your app or device to social media, which makes it nearly 2 times as easy for a cyber-criminal to find out who you are through your device or app. “I’ve got a close private network on [a fitness app] myself,” Payton says. “But I’m very careful not to link my social media accounts so I don’t allow somebody to link two and two together.”
We hope that this 3-part blog series has opened your eyes to the fact that fitness devices and apps, while they certainly can help you to become and/or stay healthier, can be extremely unhealthy for your privacy. Hopefully, when you use or purchase a new fitness app or device, you will keep the risks involved in mind and keep your valuable private information safe and secure.