From electronic health records to telemedicine, technology continues to transform how older adults manage their health. Digital health technology is one important way in which it’s impacting our daily lives.
What is digital health technology?
According to the U.S. Food and Drug Administration (FDA), digital health “includes categories such as mobile health (mHealth), health information technology (IT), wearable devices, telehealth and telemedicine, and personalized medicine.” It involves using information and communications technologies across all health disciplines to manage risk factors and illnesses and promote overall well-being.
What are digital health products?
Digital health products include wearable devices, digital health apps, and other products that can help older adults monitor their health—or the health of someone you love from afar. Some digital health technology examples include:
- Fitness trackers (e.g., Fitbit)
- Smart watches (e.g., Apple Watch)
- Step trackers
- Fall alert products (e.g., Life Alert)
- Remote blood pressure monitors
- Sleep trackers
- Connected pacemakers
These products are sometimes called the “internet of medical things,” or IoMT. The IoMT refers to the connection of medical devices and apps to larger health information technology systems.
How do digital health products benefit older adults?
Digital health products are designed to save time, boost accuracy and efficiency, and yield valuable insights, whether used on their own or together. On an individual level, they can make it easier for you to manage chronic health conditions. Health devices can also improve how you exercise and encourage you to add more physical activity to each day.
On a systemic level, digital health products can:
- Provide seamless ways to communicate health information with healthcare providers.
- Reduce costs for both providers and patients.
- Minimize inefficiencies in healthcare delivery.
- Provide more personalized, tailored healthcare.
- Provide early diagnosis for life-threatening diseases.
- Increase access to healthcare in underserved communities.
Yet, while these digital health benefits are compelling, this growing area of healthcare also brings real concerns about data privacy and security.
Online privacy vs. security: What’s the difference?
The terms “privacy” and “security” are often used interchangeably online. But there’s a difference between the two:
- Privacy refers to how your personal information is used after it's collected—and how much control you have over the process.
- Security refers to how protected your personal information is in the first place.
What are some privacy concerns with digital health products or wearables?
The biggest issue when it comes to digital health privacy is that a lot of data is being collected while digital products are in use. Some of this data is referred to as personal health information (PHI)—also called protected health information. Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), protected health information is defined as "individually identifiable information relating to the past, present, or future health status of an individual that is created, collected, or transmitted, or maintained by a HIPAA-covered entity in relation to the provision of healthcare, payment for healthcare services, or use in healthcare operations."
This sensitive information is potentially vulnerable to data breaches as well as misuse in marketing. One study showed that personal health data can be easily obtained online with common third-party advertising tools designed for social media marketing.
"Patient confidentiality is a cornerstone of the healthcare industry. Patients share personal information with doctors and health institutions so that they can be treated and advised appropriately," said Chandler Givens, Head of Consumer Privacy at Avast.
"The same should be true with digital health technology. But, as a consumer using a digital health product today, it’s difficult to know exactly what information is being collected, where it’s going, and how it’s protected," Givens continued.
Some products are covered by HIPAA, a federal law designed to prevent a patient’s sensitive health information from being disclosed without their consent or knowledge. This law was amended in 2009 with the Health Information Technology for Economic and Clinical Health (HITECH) Act, which was intended to improve privacy and security protections for healthcare data.
However, many wearable fitness trackers and other digital health products are not considered “covered entities” under HIPAA. Therefore, they are not required to protect the data they collect on the consumer’s behalf. This creates new data privacy risks that leave consumers vulnerable. For example, many wearable devices upload consumer data to the cloud (servers accessed on the internet instead of locally). In the cloud, this data is at risk for cyberattacks and data leakage. In addition, research has shown that some mobile health applications leave residual personal data on the hardware of the device they ran on (e.g., a smartphone). This can allow the information to be utilized or accessed for purposes other than what the consumer agreed to.
What are some security concerns with digital health products?
The FDA regulates medical devices for safety and effectiveness concerns, which gives the agency authority over cybersecurity issues. However:
- The FDA approves Class II and III devices, but not Class I devices. Many digital health products are Class I devices and therefore don’t need FDA approval.
- Even when digital health products fall under the FDA’s authority, the agency is primarily concerned with physical safety, not cybersecurity controls. Therefore, any guidelines they issue related to data privacy are recommendations and not a requirement.
The Federal Trade Commission (FTC) often steps in regarding consumer data privacy and security for non-regulated digital health products, and it will likely play a greater role in these matters as time goes on. But until more specific laws are put in place, it’s still a bit of a “wild, wild west” scenario in terms of device security. That’s why it’s critical to be proactive in protecting yourself and your loved ones.
How can you keep your personal health information safe?
If you’re wondering how to protect healthcare data, the first step is simply being aware. You should understand that your health devices are actively collecting information from you—and you might not know what happens with that information. Make it a habit to:
- Read the Privacy Policy of every digital health product you use to get a better understanding of your rights to information privacy.
- Do a quick online search to identify any known privacy or security issues with the device you are using or want to use.
- Maintain good digital health. This means:
- Using strong passwords when shopping or banking online.
- Installing software updates immediately on your devices when prompted (don’t ignore them).
- Minimizing digital data collection by following these tips from Avast.
- Using reputable security software, such as Avast Free Antivirus.
Digital devices can empower you with greater control over your own health—and concerns over digital health privacy shouldn’t stop you from using them. Instead, following personal cybersecurity best practices can help you reap the benefits of health innovation while keeping your sensitive data as safe as possible.
This content was developed in partnership with Avast. Learn more about Avast’s privacy and security software and how it can help protect your information and data.