Brooklyn Law Review


Recently, insurance companies have gained greater insight into their policyholders’ health habits by incentivizing them to take steps towards a healthier lifestyle through the use of wearable devices. This note addresses the recent trend of insurance companies that offer discounts to policyholders who use Fitbits, or other wearable wristbands, to track and report health information. At first glance, this idea seems like a win-win for insurance companies and policyholders–insurance companies can reduce risk by encouraging healthier habits for their policyholders, and policyholders receive discounts on their health insurance. Despite this synergy, however, this type of program threatens personal privacy, particularly in the realm of health insurance. Now, not only will health insurance providers gain full access to an individual’s full health profile—which may include information regarding an individual’s illnesses or other conditions and influence the price of their premium or the status of their coverage—but they will also have access to all of the other information collected by these devices, such as the location of the user at a given time. Even more threatening is the fact that privacy regulations surrounding the collection of this type of information is less than sound, creating opportunities for third parties and hackers to also gain access to an individual’s personal health information. While laws and regulations “protect” some of this information by requiring companies to implement safeguards and, in some states, to notify individuals of leaks or hacks, these safeguards inadequately protect consumers from other possible dangers. This note suggests that, due to these increased risks that go hand-in-hand with technological advancements and increased data collection, the United States should adopt new regulations to govern the collection, storage, and dissemination of this information in order to protect consumer privacy.