Are health apps harmful to your privacy? 6 tips to help protect your sensitive information

It may feel like good self-care to track your daily steps, monitor your sleep and get reminders to take your meds or vitamins. But the health apps you use to stay well may be putting your privacy at risk.

Many health apps collect and store troves of personal information about you. This data can end up in the hands of third and fourth parties when the app maker shares it with another company, which shares it with yet another company.

About one in five Americans uses a smartwatch or fitness tracker and corresponding app, according to a 2020 Pew Research Center study. And health apps have expanded far beyond just tracking fitness.

In addition to ubiquitous apps like Apple's Health app, Fitbit, Google Fit, and MyFitnessPal, there are hundreds of health apps available with the touch of a smartphone screen. Other popular health apps include:

• Drinker's Helper, to help you cut back on or quit alcohol
  
• Fooducate, a weight loss motivation app
  
• Headspace, a guided meditation and mindfulness app
  
• Medisafe, an app that alerts you to take your medications
  
• MindDoc, a mental health and mood logger
  
• Moody Month, a wellness app for women based on monthly cycles
  
• Replika, which lets you "form an actual emotional connection" with an AI chatbot
  
• Rise, a sleep and energy tracker app designed to help you sleep better
  
• Waterlogged, an app that helps you up your daily water intake
  

If you use health apps like this — and many of us do — it's smart to learn how they can affect your health privacy.

Health apps may sell your private data

A study done by the BMJ medical journal found that about 79 percent of health apps share user data outside of the app.

This health data may be shared with big tech companies, data brokers, product manufacturers, drug makers, insurance companies, health researchers, service providers, and others.

Some of these data buyers may use your information to target you with ads or try to sell you services. For example, the BMJ found that one medical appointment booking app cashed in on user data by tipping off a personal injury law firm about app users who were seeing a doctor for injuries. The firm could then approach the app users as potential clients. 

Privacy experts also worry that insurance companies could use private health data harvested from apps to make insurance decisions — such as whether to sell you a life insurance policy and how much to charge in premiums.

Keep in mind that health apps may collect a wealth of data about you, including your:

• Alcohol use: what and how much you drink
• Diet: what you eat and how many calories you consume
  
• Diseases and health conditions
  
• Daily steps and exercise
  
• Health metrics such as blood pressure or blood sugar
  
• Fitness data such as average resting heart rate
  
• Medications you take for specific health conditions
  
• Moods and mental health issues
  
• Sleep hours, patterns and quality
  
• Weight and weight loss or gain over time
  

Many health app users may want to keep this sensitive information private. This data, especially when taken as a whole and paired with data like your phone number, can provide a very detailed picture of the state of your health and may even allow companies to identify you.

Help safeguard your data when using health apps

Not ready to swear off health apps forever? There are ways you can protect yourself while using the apps. Here are steps you can take to safeguard your privacy when using digital health tools.

1. Beware of "free" apps

There's an adage that if you're not paying for a product, you are the product. Keep in mind that many "free" apps coax you to make in-app purchases, contain advertising or may ask you to give away data in exchange for the use of the "free" service.

2. Nix unused apps

You probably have at least a few unused health apps sitting on your phone. Protect your privacy by taking two steps: First, delete or deactivate the account associated with the app — even if you have to log in on your computer or contact support to do so. Next, delete the app from your phone. Taking both steps may help to protect your personal information.

3. Consider app alternatives

Apps do make life easier, but you may want to think about whether you really need that health app — especially if it tracks medications you take. The BMJ found that apps related to medicines may be especially likely to sell or share data because "these apps collect sensitive, specific medical information of high value to third parties." If you need a reminder to take your pills, maybe a vague calendar alert would work just as well. 

4. Know the privacy policy

Look at the privacy policy on any health apps you want to keep — or any new ones you're thinking about downloading. Look for any information about if and how the app shares data with third parties. It may be a bad sign if the policy is overly complicated and hard to understand, or if there's no information about third-party sharing, according to a report on health apps and privacy from Consumer Reports.

5. Check your permissions

Many health apps request permissions to access all kinds of information from your phone. This may include permission to: access your photos, track your location, read and write to device storage, look at the Wi-Fi connection, and read phone status and identity, including your phone number. Go to the settings on your phone and turn off any unnecessary permissions.

6. Shut down social sharing

It's not just companies and researchers who may get ahold of your private health information. Many apps have a "social" component that may share your data with your friends, family members, and even strangers you've connected with on the app. Each app may work a little differently, but check the privacy controls in the app to turn off "sharing" with anyone you don't want to see your stats.

Health apps can be a great tool for staying on top of your wellness goals. But they also come with downsides in terms of privacy. So it's important to know the risks and take steps to protect yourself against privacy risks before you start tracking your moods, logging your meals, or baring your soul to your new AI friend.

* The inclusion of websites, apps, brands, service providers or links does not imply endorsement or support of any company, product, and/or provider listed herein, nor should it be inferred that NortonLifeLock is endorsed by, sponsored by, or affiliated with such brands.