By Cassie McGrath

April 17, 2025

Are you wearing a smart watch or smart ring right now? How about smart glasses or a hearing aid?

All these devices are considered wearables, and the market for them has grown exponentially in recent years—from $20 billion in 2015 to $109.3 billion in 2023.

Some of the devices, like watches and rings, collect user health data such as heart rates and blood oxygen levels. And while 75% of 1,000 of patients reported they were comfortable with their physician having access to their health data according to a July 2022 survey from the American Medical Association, 82% of 2,414 US residents in a 2022 Trusted Future study expressed concern about data privacy outside clinics.

But data privacy laws are lacking in the US compared with the European Union. The Health Insurance Portability and Accountability (HIPAA), a well-known patient privacy law that falls on hospitals and health plans, generally doesn’t apply to wearable companies.

That means that outside of the 20 US states with data privacy laws, there’s no federal requirement for wearable companies to protect health data. They can even legally sell it to third parties.

In the face of this, data privacy experts told Healthcare Brew that more transparent companies can build stronger brand loyalty among users and gain a competitive edge.

Cost of concealment

Issues with data privacy have cost many businesses, experts said.

For example, family ancestry company 23andMe, which has access to users’ DNA information, experienced a data breach in 2023 that cost them $30 million in a settlement. In March of this year, the company filed for bankruptcy.

“Consumers flock to companies that advertise and make sure that they’re fully transparent around their privacy practices,” Ron De Jesus, field chief privacy officer at data privacy company Transcend, told us.

Customers were also urged to leave period-tracking and fertility apps following the overturn of Roe v. Wade due to concerns that data about their cycles could be shared with states and law enforcement agencies.

“If they say they’re not going to share my information, [and] I later find out that they do share my information, that’s going to be a breach of trust for me, which may cause me to lose affinity for that brand,” Pat McGloin, managing director of health and life sciences at health advertising company Merge, said.

Signing off

It all comes down to user agreements. You know, those things that no one actually reads. (And by no one, we mean approximately 9% of users, according to the Pew Research Center.)