In the past I’ve used NikeID, which communicates with a chip inside my sneakers to track my run data.

Confession: I once attended a digital media conference and entered a contest to log the most steps on the conference floor. I tied my step-counting device to my ceiling fan and let it go all night.

For some, there is concern that personal health data can be hacked, stolen, or exploited for marketing purposes without consent.  

Those of us in the digital advertising sector have a responsibility to be clear about where our data comes from, about consumer protection laws, and about the benefits of advancing our health through data collection.

Given this, below is a brief summary of how personal body data is being collected, protected, and used in the digital advertising sector today.

Current state of digital privacy

In terms of digital marketing, the healthcare and pharmaceutical sectors have long worked under state and federal laws to protect sensitive personal health information.

For example, HIPAA, the Health Insurance Portability and Accountability Act, works to protect the confidentiality of patients and to control the flow and purpose of information used by insurers.

Additional laws are in place that govern how and when healthcare providers can contact patients for the purpose of selling new drugs and treatments.

These laws typically boil down to intent: is the marketer protecting the public from health risk, or are they trying to make money?

If there is a health risk to an identified class of patients, their personal information is more likely to be accessed.

Additionally, Google and the Federal Drug Administration protect consumers with a thorough legal-medical review (LMR) process of each ad campaign.

The privacy of your personal health information generated by apps and websites (also known as Patient Generated Data) is largely protected by HIPAA if the data is tied to a personal identifier, such as a user account associate.

However, it is important to note that apps are developed around the world and enforcement of HIPAA policy is difficult unless complaints are filed.

In fact, eHealth presents a new challenge for HIPAA. In 2015, the Office of the National Coordinator for Health Information Technology (ONC) and HIPAA began a two-year project to understand the sector and draft new policy on this matter.

Until then, consumers should not quickly assume that app developers – particularly those outside the U.S. – are storing secure, HIPAA-compliant data.

Wearable tech

With the recent introduction of wearable technology and smartphone apps accessing our bodies, our personal body data is being trusted to technology companies and app developers who operate largely based on their own privacy terms and conditions.

Companies such as Apple have vigorously protected consumer data; however, many app providers are relatively anonymous to the general public.

They are vulnerable to data breaches, hacks, and their own marketing principles.

Apple’s HealthKit and Health apps collect health and fitness data including heart rate, calories burned, cholesterol, and blood sugar.

They can also connect with healthcare providers to share lab results, medications, and more. The insight provided makes a doctor more informed about the holistic status of one’s health; however, fears about data security persist.

Many of the free apps available for download will earn revenue by selling your data, which could be associated with your account or user name identifier.

According to the Wall Street Journal, “many of the roughly 40,000 health apps and wearable devices on the market today make money by selling user data to marketers and other companies.”

Epidemiological data

Epidemiological data is patient-anonymous data that allows the medical community as well as marketers to better track disease outbreak, rises in specific types of illnesses, and more.

For example, the Incidence & Prevalence Database covers over 4,500 diseases, procedures, symptoms and other health issues for incidence, prevalence, morbidity, mortality, comorbidity, treated or diagnosed rates, cost and much more.

Forecasting tools such as this allow pharmaceutical advertisers to concentrate their efforts on predicting illness patterns and on marketing treatments and making them available at the right time and place.

Personal genomics

Personal genomics through DNA sequencing provides your body’s genetic information for use in predictive forms of medicine.

This could reveal genetic links to cancer, inherited predisposition to disease such as Alzheimer’s, or even help a doctor determine which medications will be most effective in treating your illness.

DNA sequencing is available from popular online companies such as 23andMe.

Laws have been enacted in some U.S. states and by the federal government, such as the Genetic Information Nondiscrimination Act (GINA), to protect citizens from being discriminated against based on their genetic profile.

This information, if obtained by an insurer or employer, may identify the person as a health risk or insurance risk.

In summary, respected companies such as Apple will fight to keep personal health info safe, but the far reaches of its App Store reveal thousands of anonymous tech companies that are vulnerable to data breach and are perhaps willing to sell your information for profit in exchange for free apps.

Google and the FDA work to regulate advertising claims among pharmaceutical companies and healthcare providers who partner with agencies schooled in LMR best practices.

The upside of this data is in predictive medicine and personal insight into your health and fitness, which is a huge benefit for many people.

July is Data Month here at Econsultancy, so be sure to check out our latest reports and blog posts.