Fitness trackers that help monitor the quality of your sleep, heart rate, and other biological indicators are a popular method to assist Americans in improving their health and overall well-being.
Various trackers are available, including popular brands like Apple, Fitbit, Garmin, and Oura. Although these devices are increasing in popularity and have legitimate applications,
most consumers need to know how much of their personal information is available to or accessed by third-party companies. This is crucial because individuals can’t alter their heartbeats or DNA sequencing just like they could with a credit card or bank account number.
“Once the toothpaste is out of the tube, you can’t get it back,” said Steve Grobman, senior vice chief technology officer and president of McAfee’s computer security company.
The Christmas season is an ideal time to buy fitness devices for consumers. Here’s the information about security concerns connected to fitness trackers and personal health information.
Choose a brand name even if they’re compromised.
Fitness equipment can be expensive regardless of inflation, but skip security to save a few bucks. While a less well-known brand may provide greater bells and whistles at lower costs,
a reputable company that has been compromised will be more concerned about its image and do things to assist the affected customers, said Kevin Roundy, senior technical director at cybersecurity firm Gen Digital.
Indeed, issues with data security, from hacking by criminals to accidental sharing of sensitive information, could — and have affected the most well-known brands, such as Fitbit and Strava, which Google purchased in 2021 along with Strava.
However, security experts say it’s best to purchase from a trusted manufacturer who can create safe devices and has the credibility to maintain them.
“A smaller company might just go bankrupt,” Roundy declared.
Data from fitness trackers apps aren’t protected as health information is
There could be other issues besides having someone’s private information exposed in a data breach. For instance, fitness trackers are typically connected to a phone’s Bluetooth and leave personal information vulnerable to being hacked.
Additionally, the information that fitness trackers gather isn’t classified as “health information” under the federal HIPAA standard or state laws such as the California Confidentiality of Medical Information Act.
This means that revealing personal data may get used for purposes that a consumer would never anticipate.
For example, the personal data could be sold or shared with third parties, such as law enforcement agencies or even data brokers officials, explained Emory Roane, the policy counsel for Privacy Rights Clearinghouse, a consumer privacy advocacy and education group.
Some fitness trackers use consumers’ health and fitness data to generate revenue from ads, and if this is an issue, you’ll need to ensure that you have the option to remove yourself. Read the terms and conditions of service to know the rules before you purchase this fitness device, Roundy said.
The default settings for location, social and other settings might need to be modified.
The default settings of a fitness tracker may have a lower level of security. To increase security,
examine the settings that can be changed, for instance, the ones that relate to social media or location and other shared data, according to Dan Demeter, the security researcher at cybersecurity company Kaspersky Lab.
By the state, consumers may also choose to opt-out of sales or disclosure of private information with third parties. In certain cases, the rights of consumers are being increased, according to Roane.
Users of devices should be aware of the information they share publically about their location and activities. They should also be aware of what they let become public by default.
These data can be searched online and used by malicious actors. Even if they’re not acting maliciously, third parties like insurance companies and employers could gain access to this kind of information.
“It’s not only about present data but also past data,” Demeter explained. For example, a shady actor could be able to see every time a person runs — the days and hours – — and when, and then use that information to benefit them.
There are also a variety of scams that use digital technology. Criminals can use information about your residence to make an offer appear more credible. They may claim, “I know you lost your wallet at so and so place, which lends credibility to the scammer’s story,” Grobman explained.
The location data may be unreliable in other ways, too. Roane gives the example of a woman looking for healthcare services related to reproductive health in states where abortion is not legal.
Use strong passwords and two-factor authentication, and Don’t share your credentials.
Secure your account using a secure security password that you won’t share on another account and by activating two-factor authentication on your app. Also, don’t share passwords. This isn’t a wise option, but it could cause a lot of harm in certain situations. For instance, Roane said the victim of domestic violence might be tracked by her perpetrator, provided he has access to her account passwords.
Make sure you keep your device and app updated with security patches.
While no security measure is 100% foolproof, the aim is to be as safe as possible. “If somebody tries to profit from our personal information, we just make their lives harder, so it’s not easy to hack us,” Demeter declared.