Who Really Owns All Your Health Data? – Lifehacker
Credit: René Ramos / Lifehacker/Diamond-1982 /KanisornP //iStock /Warut Lakam /Moment / Getty Images
Who Really Owns All Your Health Data?
Hint: It’s not you.
By Meredith Dietz, November 6, 2025
Sleep patterns. Heart rates. Menstrual cycles. Weight fluctuations. Medication schedules. The location of major world leaders. Every morning, millions of people strap on smartwatches, open period-tracking apps, and upload their most intimate details to the cloud. We’re told this data will optimize our health, help us live better lives. But there’s a darker question lurking beneath the surface: Who actually owns all this information, and where exactly is the line between optimization and surveillance?
First things first: What HIPAA actually protects
In discussing this topic with friends and family, most everyone I know assumed their health data enjoys robust federal protections under HIPAA (the Health Insurance Portability and Accountability Act). Sadly, they’re wrong. HIPAA applies exclusively to “Covered Entities,” aka health plans and healthcare providers. The fitness tracker on your wrist? Not covered. The period-tracking app on your phone? Not covered. The sleep monitor beside your bed? You get the picture.
“When we think we are protected and we’re not—that’s when we run into danger,” says Ron Zayas, an online privacy expert and CEO of Ironwall by Incogni. “So when you let a company collect your health data, it is safe to assume two things: 1) you are not covered by HIPAA protections, and 2) the company is going to sell your data.” The reason is simple economics. Selling user information often generates more revenue than the product itself. Your health data is intensely personal, which makes it intensely valuable.
What happens when we don’t own our health data
I remember firsthand when my friends and I frantically deleted period-tracking apps after the Supreme Court overturned Roe v. Wade in 2022. What once felt like simple tools for monitoring my cycle suddenly looked a lot like potential evidence in criminal investigations. We were terrified our menstrual data could be subpoenaed to prove we’d had abortions, and this fear wasn’t paranoid. As Zayas explains, governments can purchase the same data anyone else can and cross-reference it with location information from mobile phones. “When you had—or skipped—your period can imply if you are pregnant or trying to get pregnant,” he says. “Governments can buy this information and tie it to your recent trips to decide if you had an abortion or miscarriage.”
At the same time, I love all kinds of health-related “optimization.” I love sharing my runs on Strava and checking my sleep score on my Garmin. Outside of my vanities, health gadgets can deliver life-changing benefits—monitoring blood sugar, tracking heart rate variability, detecting irregular sleep patterns. But what happens when that data shows you’re not exercising enough, or eating poorly, or sleeping irregularly? Could your rates increase? Could you be denied coverage?
As with the period-tracking fears, the very real concern here is that the same data streams that help you feel in control of your health—that make your daily life more “optimized”—can be exploited for insurance profiling, targeted advertising, or even employment decisions, if data-sharing policies aren’t strictly controlled. Let’s take a look at the fine print to see where exactly your data is going, and what you can do to protect yourself.
The fine print nobody reads
Julia Zhen, a third-party information security risk manager at a major nonprofit, says, “If you want to know what information is being gathered and/or stored—which are two distinct acts—start with the privacy policy for the app itself.” On top of that, third parties like the Google app store have their own terms of service, creating multiple points of data collection to investigate.
Zhen recommends a shortcut: Search for keywords like “sell” or “share” within privacy policies to quickly understand what happens to your data. “Most of the time, companies are de-identifying individuals from their data because they want to aggregate information and speak to certain demographics,” she explains. That aggregation still might raise ethical concerns, but according to Zhen, it’s industry standard practice these days.
Editor’s Note: Read the rest of the story at the link below.
Continue/Read Original Article Here: Who Really Owns All Your Health Data? | Lifehacker