Unbeknownst to millions of Americans who seek health and fitness help on their computers or smartphones, bits and pieces of their personal, sensitive health information are loose on the Internet. And right now there's not much either they or their healthcare providers can do to protect their online privacy—except quit using these services.
Two new published reports have found that multiple leaks are springing from many popular Internet-based medical, health and fitness websites and mobile applications. In addition, the Illinois attorney general has written to a few executives from online health websites, asking what information they “capture, collect, store, aggregate, sell, share or transmit” about their visitors and whether they “benefit financially” by letting third parties access it, giving rise to “troubling privacy concerns.”
Some experts fear that third-party use of this personal health information could lead to employment discrimination, loss of insurance coverage or higher premiums, and fundamental privacy intrusions.
The operators of many consumer-directed health and wellness sites and their counterpart vendors of mobile health applications work in a regulatory gap between the Health Insurance Portability and Accountability Act, policed by HHS' Office for Civil Rights, and the Federal Trade Commission Act, enforced by the FTC. So, right now, it's user beware.