Renewed push for companies to better protect your personal health data

Kirstin Garriss
·2 min read

Whether you realize it or not, many forms of data like your browsing history, web searches and location can reveal sensitive details about your health and healthcare choices.

But that information isn’t always protected.

“We need to stand up and say now is the moment to protect your customers and protect your users,” said Alexandra Givens, President & CEO for the Center for Democracy and Technology.

Alexandra Givens is the President & CEO for the Center for Democracy and Technology. This month, the organization released a new report outlining best practices for companies that collect, keep, share and use your data.

“Companies should be limiting their collection, limiting how long they store it for, making sure they store it safely and then having really robust mechanisms in place if law enforcement is going to ask for it or they’re going to share it a third party,” said Givens.

This comes almost one year since the U.S. Supreme Court overturned Roe v Wade last summer with the Dobbs v. Jackson Women’s Health Organization decision. Givens said now more law enforcement agencies may be turning to companies to gain access that private data.

“The stakes were always high for sensitive health information but after the Dobbs decision the stakes for reproductive data are higher than ever before,” she said.

The Washington News Bureau reached out to some of the major tech companies about their privacy policies.

According to Apple’s Health Privacy Overview, “data in the Health App and HealthKit is never shared with any third party without the user’s explicit permission.”

Last year, Google announced its location history is off by default and if you turn it on, the company will delete those entries after you visit.

Moving forward, Givens said transparency from more companies is critical.

“If there are some companies that really lean into their privacy commitments, they’re building their brand around it. They’re making direct promises to you as a consumer saying we are going to protect your data, that’s what you want to look for because if they’re making those statements the federal trade commission can make sure they’re actually keeping to them,” said Givens.

For health-related apps, experts also believe this data should be encrypted whenever possible so only the customer can access it.

The Bureau also reached out to Natural Cycles, the only FDA cleared birth control app, about its privacy policy.

“As a regulated medical device Natural Cycles had advanced data protection policies in place prior to the Dobbs decision. As a company founded by a woman for women we fully support any and all resources – including this report – that aim to help keep women’s data safe. We are of the mindset that every app – even if they have strong privacy protections like ours – should be working even harder to protect data on their user’s behalf. This is why as we started to navigate a post Roe v. Wade world our Data Protection Team worked hard to ensure our users continued to feel comfortable using Natural Cycles to prevent or plan pregnancy. In late 2022 Natural Cycles launched NC° Secure – a comprehensive privacy protection program that includes identity protection in the form of a fully anonymous experience while using the NC° app.” - Natural Cycles’ spokesperson.