RFK Jr. Wants Every American To Wear A Health-Tracking Device, And Security Experts Have Serious Concerns
During a House Energy and Commerce Health Subcommittee hearing, Health Secretary Robert F. Kennedy Jr. said he'd like all Americans to use wearable health products, such as Fitbits, Apple Watches, Oura Rings, WHOOP and glucose monitors, to 'control' their health and 'take responsibility' for it.
According to Poltico, Kennedy said people can use wearables to track 'what food is doing to their glucose levels, their heart rates and a number of other metrics as they eat it, and they can begin to make good judgments about their diet, about their physical activity, about the way that they live their lives.'
While this remains just a suggestion and not a mandate, it's been announced that the Department of Health and Human Services will launch a campaign to encourage Americans to wear these devices.
Wearables can track your heart rate, menstrual cycle, fitness regimen, blood sugar levels, sleep patterns, location and more. They're a great way to understand your health (for example, the Oura Ring lets you know when it thinks you're getting sick) and to stick to a workout regimen (the Apple Watch is both loved and hated for its 'close your rings' reminders).
While they can be helpful for the average person, these devices store lots and lots of our data — is it safe for all of this information to be out there? And what happens if this data ends up in the wrong hands — including the government's? Experts weigh in.
First, know that no one has said the government will actually collect this health data.
Related: It Turns Out That Most People Wipe Their Butts Completely Wrong, But This Doctor Is Here To Teach Us The Right Way
There is a major difference between the government having access to health data and the government simply encouraging folks to use wearables for their own health tracking, said Alex Hamerstone, the advisory solutions director for TrustedSec, an ethical hacking company.
'Those are obviously two very different questions, and there's no indication at this point that they're looking to have the government have access to that data,' he noted.
The government does, though, already have access to lots of health data. 'If you look at the percent of people who receive health care through Medicare and Medicaid and state programs, and so on and so forth, they already have a lot of very detailed information,' Hamerstone noted.
'I know there are guardrails around it and things like that, but not to get into any kind of political thing, but a lot of those guardrails seem to be falling down,' he noted.
You should also understand that no matter who is privy to it, health data is very valuable.
You've probably heard the phrase 'data is the new currency,' meaning your personal data has inherent value to companies. It's how they sell you ads and understand your needs.
But 'health data is just kind of a different category of data,' said Hamerstone.
Having your credit card hacked is temporarily annoying, but you're not liable, and typically, after some phone calls and logistics, your life will go back to normal.
'But if someone gets access to your private health care data, that's much different. It's a different kind of data,' Hamerstone said.
'So, somebody knowing how many steps you take is one thing, but if you start to get into things like glucose levels or very detailed medical information, those things could start to affect other parts of your life,' he added.
This could impact insurance rates and insurance options, Hamerstone said.
Some experts are worried about the government's ability to protect health data because of past breaches.
Related: Older Women Are Revealing Their Biggest "Life Regrets," And Every Young Person Needs To Hear This
Kevin Johnson, the CEO of Secure Ideas, a security testing and consulting company, has concerns about the government's ability to protect any data that is gathered through the use of wearables.
For instance, in 2018, there was a major security breach involving the Strava fitness app and the U.S. government in which soldiers' locations at military bases were shared via Strava.
'So, the idea that the government is saying we're going to encourage ... wearing of these when the government had a significant security problem due to this, that's one of the concerns that I just don't understand how we forgot that happened,' said Johnson.
Overall, Johnson said, there are 'significant security issues with wearable devices.'
'My company and other companies have tested these devices. We've found vulnerabilities. We have found ways that the wearable technology gives an attacker access to your data because of security lapses in the hardware and software. We've seen multiple cases where attackers are able to gain access to things that are unrelated to the health care data because of security problems,' Johnson said.
There have also been privacy violations when data brokers get access to this data, whether they gain access illegitimately or legitimately, Johnson said.
(And the companies collecting the data from wearables do often sell your data to data brokers, Johnson noted.)
You may not care if someone has your heart rate data from your smartwatch, but it's so much more than 'just' that.
'There are always security concerns when it comes to connected technology,' said Dave Chronister, the CEO of Parameter Security.
And your wearable device is most likely connected to your smartphone — meaning it has access to lots of your personal data, according to Johnson.
'No device or platform is completely secure,' Chronister noted. 'Attackers often target the backend systems, such as cloud servers, via compromised employee credentials or software vulnerabilities.'
'Devices that rely on Bluetooth or Wi-Fi can also be exploited, and if the device supports messaging or sync features, phishing or spoofing attacks are possible,' noted Chronister.
These devices can also get stolen or lost, which also puts your data at risk, Chronister added.
Johnson said he's often heard people say things like, 'Oh, it's just my heart rate data, that's not a big deal,' but it's actually so much more than that.
'The issue is, we're not just talking about heartbeat. We're not just talking about your sleep schedule. We're talking about your location. We're talking about most of these apps tie into your contacts so that you can invite friends,' said Johnson.
More, it also may include your reproductive health data, glucose levels or heart irregularities, Chronister said.
'These can paint a sensitive, personal portrait of someone's health and behavior,' Chronister added.
Health data from wearables isn't protected like your medical records.
'It's important to understand that data from wearables is not protected under HIPAA like your medical records are,' said Chronister. HIPAA protects patient health records from things like doctor's appointments.
'Instead, it is governed by the company's terms of service ... which often include loopholes that allow for data sharing or sale, especially in the event of a merger or acquisition,' Chronister explained.
This is true even if the company says they'll never sell your data. 'That promise can be overridden by fine print or future policy changes,' he added.
'Consumers should be aware that once their data is out there, they may lose control over how it is used,' Chronister said.
What can you do to protect your security if you use wearables?
'Almost all of these types of devices have some level of privacy controls in them that you're able to select what data you give,' said Johnson.
If you decide to get a wearable, make sure you check your privacy settings and adjust them accordingly, he noted.
'And this is very important — regularly go in and validate that the privacy settings are still set the way you want them to be,' Johnson added.
This is really the most you can do to protect your data, and it certainly won't totally protect you from data breaches or data brokers.
'Unfortunately, individual users have very limited control. You are largely at the mercy of the device manufacturer and app provider,' Chronister noted.
While you can follow privacy precautions, such as by 'turning off unnecessary Bluetooth connections, using strong account passwords, and checking app permissions ... those measures only go so far,' Chronister said.
'The real issue is how companies store, share and protect your data behind the scenes,' Chronister noted.
Chronister stressed that 'it's critical to understand the long-term implications of voluntarily handing over personal health data to private companies. This information can be sold to marketers, shared with third parties, or exposed in a breach.'
He voiced specific concern about how this data can be combined via different apps and companies over time to build 'incredibly detailed personal health profiles.'
So while it may not be a big deal if one company has your sleep data and another has your activity levels, these companies can be acquired, or data can be combined to create a fuller picture of your private health information.
'And AI is really a wild card. Going forward, it will increasingly be able to draw conclusions and make predictions about your current and future health. This raises serious questions about how such insights could affect things like insurance eligibility, premium rates, or even creditworthiness,' Chronister said.
When it comes to health data (and data of any sort), 'the risks are inherent even with the government not involved,' Hamerstone said.
Once that data exists, it's at risk of being lost or stolen by bad actors, he added.
Keep that in mind before you start using wearable health technology, and if you're already a user, it's important to be aware of the risks so you can make informed decisions and do what you can to protect your privacy.This article originally appeared on HuffPost.
Also in Goodful: This Woman Is Going Viral For Begging Women Not To Get Married Right Now, And Personally, I Couldn't Agree More
Also in Goodful: People Are Sharing Their Biggest "How Doesn't Everyone Know This?" Facts, And I'm Honestly Embarrassed I Never Realized Some Of These
Also in Goodful: "I Can't Wait For This To Go Out Of Style": People Are Sharing Popular Modern Trends That Are Actually Pretty Toxic
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
USA Today
an hour ago
- USA Today
US pediatric group breaks with CDC advice, recommends COVID vaccines for young children
The American Academy of Pediatrics released its vaccine recommendations on Aug. 19 in a break from federal guidance shaped by Health and Human Services Secretary Robert F. Kennedy Jr. The AAP, in tandem with multiple other professional medical associations, previously decried a May announcement made by Kennedy Jr. that the COVID-19 vaccine would no longer be included in the Centers for Disease Control's recommended immunizations for healthy children and pregnant women, a move that went against previous expert guidance and bypassed the normal scientific review process. The AAP, a professional organization of over 65,000 board-certified pediatricians dedicated to advancing children's medicine, said in a June 26 statement that it would "continue to publish its own evidence-based recommendations and schedules," as the creation of federal immunization policy is 'no longer a credible process." Kennedy Jr. drew further ire from medical communities when he fired all 17 original members of the Advisory Committee on Immunization Practices, the committee of health experts that provides guidance on vaccine use to the CDC, replacing them with members that critics have called unqualified. Some of the members, like Kennedy Jr., have a history of anti-vaccine advocacy and involvement in anti-vaccine groups. Here's what to know about the new AAP guidance and how it differs from federal guidelines. What is the AAP guidance on COVID-19 vaccines for children? The AAP schedule lists which vaccines children should get at certain ages and provides updated guidance on influenza, RSV, and COVID-19 immunizations for children and adolescents from birth to age 18. The schedule recommends that all children between six months and 23 months receive the latest COVID-19 vaccine to reduce the chance of serious illness. Children and adolescents aged 2 to 18, without other high-risk factors like immunosuppression, can receive and should be offered the vaccine if they were not previously immunized, according to the guidance. Children, teens, and adults alike who are at increased risk of serious infection should receive the vaccine if they have not already, AAP said, adding that its recommendation differed from the CDC, which it said is now staffed with people who have a history of spreading vaccine misinformation. "The AAP will continue to provide recommendations for immunizations that are rooted in science and are in the best interest of the health of infants, children, and adolescents," AAP President Dr. Susan J. Kressly, MD, said in a statement. "Pediatricians know how important routine childhood immunizations are in keeping children, families and their communities healthy and thriving." What is the federal guidance on COVID-19 vaccines for children? The CDC did not go as far as completely removing COVID-19 vaccination from its immunization schedule despite Kennedy Jr.'s insistence. Instead, the agency changed its language from recommending the vaccine annually to suggesting parents consult with their child's physician on whether to vaccinate. Kennedy Jr. previously said that the CDC planned only to recommend the COVID vaccine for people over the age of 65 and those at high personal risk of infection, though the agency's website still contains information recommending it for everyone over the age of six months. A notice on the top webpages on the topic reads, "COVID-19 vaccine recommendations have recently been updated for some populations. This page will be updated to align with the updated immunization schedule," as of Aug. 19. This change to whom the vaccine is recommended could make it harder for others who want the COVID-19 vaccine to get it, experts warned. Since insurance coverage typically follows federal recommendations, anyone who wants the shot but isn't on the CDC's recommendation list may have to pay the price out of pocket HHS Communications Director Andrew Nixon defended the decision in a statement to USA TODAY, accusing the AAP, which receives funding from pharmaceutical companies like Pfizer, of failing to have proper conflict-of-interest safeguards in place. "By bypassing the CDC's advisory process and freelancing its own recommendations, while smearing those who demand accountability, the AAP is putting commercial interests ahead of public health and politics above America's children," Nixon said. Kennedy Jr. shared a separate response on social media on Aug. 19, pointing out that the agency's top donors are four companies that "make virtually every vaccine on the CDC recommended childhood vaccine schedule" and saying that the AAP recommendations are "corporate-friendly" and may "promote commercial ambitions of AAP's Big Pharma benefactors" instead of public health. "AAP should also be candid with doctors and hospitals that recommendations that diverge from the CDC's official list are not shielded from liability under the 1986 Vaccine Injury Act," his post concluded. USA TODAY reached out to AAP for comment on Aug. 19 but has not received a response. The new Advisory Committee on Immunization Practices didn't vote on COVID-19 vaccine recommendations when they met in June and are expected to reconvene in "September/October," according to the CDC. The FDA has signaled intentions to revoke the Pfizer COVID-19 shot for young, healthy children. In early August, HHS announced that it would pull $500M in funding from mRNA vaccine research and development.
Politico
an hour ago
- Politico
RFK Jr. attacks pediatricians' group over vaccine recommendations
In May, the Centers for Disease Control and Prevention dropped its recommendation that all children 6 months and older get Covid shots. Kennedy at the time said the move was based on 'common sense' and 'good science. ' The AAP, however, said it had retained its guidance for young children to get the shots because they are still at risk of severe cases of the disease. 'COVID-19 continues to result in hospitalization and death in the pediatric population,' the group said in a release explaining its recommendations, adding that 'children younger than 2 years old are especially vulnerable to severe COVID-19 and should be prioritized for vaccination.' The pediatric group did not immediately respond to POLITICO's request for comment regarding Kennedy's remarks. Earlier Tuesday, HHS spokesperson Andrew Nixon accused the pediatricians of 'freelancing its own recommendations, while smearing those who demand accountability' in a statement to POLITICO. AAP President Susan J. Kressly defended her group's guidance in response, saying they were 'based only in the science, the needs of children, and the care that pediatricians have for the children in every community.' Despite the disagreement over vaccination of young children, both the new CDC guidance and the pediatricians continue to recommend shots for children with underlying conditions that could put them at risk for severe disease. Both have also scaled back recommendations for healthy children older than 6 months, saying that parents of children without underlying conditions should decide on vaccination in consultation with their pediatrician . Why it matters: The pediatricians' split with the CDC underscores the depth of the distrust between the medical establishment and Kennedy — a longtime vaccine skeptic who once said the Covid vaccine was 'the deadliest vaccine ever made' in defiance of scientific consensus.
Yahoo
3 hours ago
- Yahoo
Iowa attorney general signs letter calling on DEA to ban ‘designer Xanax'
Iowa Attorney General Brenna Bird. (Photo by Aaron Sanderford/Nebraska Examiner) Iowa Attorney General Brenna Bird is calling on the U.S. Drug Enforcement Administration (DEA) in a joint letter to take emergency action to schedule a drug that has been linked to deaths in the state and across the country. Bromazolam is described in the letter penned by Sunday and 20 other state attorneys general as a 'designer Xanax.' The prosecutors say the drug is increasingly contributing to overdose deaths and posing a growing threat to public health. It is also highly potent and unpredictable, Pennsylvania Attorney General Dave Sunday's office wrote, especially when mixed with opioids. Narcan, which is used to reverse an overdose, is ineffective against the drug in such emergencies. Bromazolam is unscheduled under the federal Controlled Substances Act. 'Despite its clear dangers, bromazolam remains unscheduled at the federal level, creating significant challenges for law enforcement and public health officials trying to respond to this emerging crisis,' the attorneys generals wrote. 'Without scheduling, this drug continues to evade traditional regulatory and prosecutorial tools, hindering interdiction efforts and enabling continued distribution through illicit channels.' 'Taking emergency action to schedule bromazolam will help law enforcement remove it from circulation, give prosecutors the tools to hold traffickers accountable, and send a clear signal that this dangerous substance has no place on our streets,' the attorneys general wrote. 'Bromazolam, or 'Designer Xanax' is a lethal, counterfeit drug with no medical use that is highly addictive and killing Americans,' Bird said in a statement. 'It is already an illegal drug in Iowa, and I strongly urge the DEA to take swift and definite action at the federal level to give law enforcement the tools they need to stop this crisis, save lives, and hold traffickers accountable.' This story was originally published by Pennsylvania Capital-Star, which is part of States Newsroom, a nonprofit news network supported by grants and a coalition of donors as a 501c(3) public charity. Pennsylvania Capital-Star maintains editorial independence. Contact Editor Tim Lambert for questions: info@ Solve the daily Crossword
