Wearables spark Washington debate over privacy rules in digital health

On July 9, 2025, René Quashie, Vice President of Digital Health at the Consumer Technology Association (CTA), testified before the U.S. Senate Committee on Health, Education, Labor, and Pensions (HELP) during a hearing focused on advancing privacy protections in the age of wearable devices, apps, and artificial intelligence.

What happened 

In his testimony, Quashie discussed the transformative potential of digital health technologies, like wearables, remote monitoring tools, and AI-driven platforms, in enhancing patient care, improving health outcomes, and expanding access, especially in underserved communities. He acknowledged the increasing reliance on consumer-generated health data and stressed the urgent need for a comprehensive federal privacy framework that applies uniformly across all sectors. 

Quashie warned that the absence of a clear national privacy law not only weakens consumer trust but also creates legal uncertainty for innovators. He advocated for legislation that ensures transparency, control, and accountability while allowing innovation to thrive. CTA, he noted, has been active in establishing industry best practices and supports efforts to align U.S. data privacy policy with international standards.

What was said 

According to the CTA senate hearing document, “I want to begin by highlighting the innovation happening in health care right now and why it is important. Advancements in wearables, AI, and other advanced technology are transforming not only how patients access care but are also putting them in control by delivering personalized insights and screening for signs of chronic disease before a costly adverse event. This is more important than ever as patients across the country face incredible barriers to accessing care, driven by provider shortages. More than 77 million Americans live in a primary care health care professional shortage area and more than 122 million Americans live in a mental health professional shortage area.”

Related: HIPAA Compliant Email: The Definitive Guide (2025 Update)

FAQs

Are wearables like Fitbits and Apple Watches covered by HIPAA?

No, most consumer wearables are not covered by HIPAA because the companies that make them, like Apple, Fitbit, or Garmin, are not considered covered entities or business associates under the HIPAA Privacy Rule.

What laws currently regulate the privacy of data collected by wearables?

Currently, there is no comprehensive federal privacy law that specifically governs wearable health data outside of HIPAA. Instead, data collected by consumer wearables falls under a patchwork of laws like the Federal Trade Commission (FTC) Act. 

Can healthcare providers use data from wearables in clinical decision-making?

Yes, but with caution. Providers must ensure the data is accurate, validated, and integrated securely. If data from a wearable is transmitted through a HIPAA-covered app or platform (e.g., via Apple Health shared with a doctor), HIPAA protections may apply at that point.