Is my health data safe on my smartwatch?

Thousands of individuals track their fitness activities carefree in their smartwatch, while many others add additional information such as the calories they consumed, amount of water they had, their period cycle, and more, considering the information will stay between their watch and the smartphone it is connected to. But does it actually stay between your smartwatch and the smartphone? Sorry to burst your bubble but ‘Absolutely Not!’ Let’s learn a little about how your health data is processed in your smartwatch, who owns that data (which is not you), and how in-demand your personal health data is.

To start with, you may want to trust your smartwatch company to respect your privacy as there is no alternative, but you would not want to trust the third parties that your smartwatch company may share your personal health data with. The ‘Privacy Policies’ in many smartwatches clearly mention that your health data might be shared with third parties.

This is where your health data comes at the risk of being sold to the agencies who later target you in accordance with your health history. Interestingly, a person’s PHI (Personal Health Information) is way more valuable and in-demand in the black market as compared to the credit card credentials or PII (Personal Identifiable Information), for its long shelf life. A stolen credit card information can be changed within minutes by the victim but a person cannot change his medical history.

As per the current black market rate where a person’s PII or credit card information is sold for $1 to $2, the PHI on the other hand goes for the average rate of $350 per record. It may give you a rough idea of how valuable your personal health information could be to someone and how desperately hackers are waiting to steal it. Millions of people suffer every year due to their health records being impermissibly disclosed, stolen, or exposed, as per a report by health and human services.

There are numerous ways of using someone's personal health information other than targeting the victim based on their medical history. It can be used to make fake insurance claims, to resale prescriptions, and much more. Before you leave to change your password to enhance the security of your device, let’s take a look at how hackers steal your personal health information.

Bluetooth- Bluetooth is what pairs your smartwatch with the phone. However, several vulnerabilities in it allows the hackers to snoop on your personal information.

Bugs- At times, it is due to the coding error in the software or a weak authentication system in the device which may lead to data loss, privacy leaks, and more.

Apps- Third party apps containing malware are the most common ways of stealing personal data. A hacker can create a basic application with the intent of stealing personal data by inserting a function in it which automatically shares your health data to him under your nose.

Back-end Servers- The cloud storage of the company which stores your health-data is always at the risk of getting attacked by hackers, leading to thousands of health records getting stolen at once, which the hackers may term as ‘Hitting the Jackpot.’

Although the software developers are working day and night to make their devices more and more secure, the risk still exists. According to the experts, implementation of Blockchain Technology in smartwatches is the need of the hour, which keeps the user data across a network of people which is encrypted, immutable, and extremely difficult to hack. Another challenge that the industry is yet to face is handling the sudden massive shift of users from centralized networks to the decentralized one as there’s only one blockchain powered smartwatch company in the market (FitMint Wear) as of now.