The Future of Privacy Forum (FPF) released Best Practices for Consumer Wearables and Wellness Apps and Devices, a detailed set of guidelines that responsible companies can follow to ensure they provide practical privacy protections for consumer-generated health and wellness data:
“Fitness and wellness data from apps and wearables provide significant benefits for users, but it is essential that companies incorporate Fair Information Practice Principles to safeguard this data,” said Jules Polonetsky, FPF’s CEO.
“Overcoming privacy concerns associated with wearable technologies is necessary to ensure their equitable access and use by global populations,” said Derek Yach, Chief Health Officer & Gillian Christie, Health Innovation Analyst, Vitality. “The Future of Privacy Forum’s guidance on consumer wearables and wellness devices showcases these challenges and explicitly outlines best practices for companies engaged in designing and deploying these technologies.”
The Best Practices build on current legal protections and app platform guidelines by providing specific guidance to ensure consumer apps include appropriate privacy protections, as well as developing responsible guidelines for research and other secondary uses of consumer-generated wellness data. The U.S. Department of Health and Human Services (HHS) articulated significant gaps in regulating health information privacy and security in a report released last month. HHS recognized that while technological innovation has advanced at an extraordinary pace in recent years, privacy and security protections of health information have not kept up. The Best Practices released today begin to build norms for such data by making recommendations for privacy practices that:
- Provide consumers choices about the sharing and use of their data;
- Support interoperability with global privacy frameworks and leading app platform standards; and
- Elevate data norms around research, privacy, and security.
“Some data collected from wearables may be relatively trivial, but other data can be highly sensitive,” said Kelsey Finch, Policy Counsel, FPF. “These principles are tailored to provide appropriate protections calibrated to the nature and sensitivity of the data.”