

September 22, 2015

Fitbit Announces HIPAA Compliance for Wellness Platform

Fitbit (NYSE: FIT) announced last Wednesday that it is adding HIPAA compliance protocols covering privacy and security for its Fitbit Wellness division. The U.S. Health Insurance Portability and Accountability Act (HIPAA) is the primary U.S. law governing the security and privacy of personal health information used by health insurance plans and other covered entities. This is a big step for Fitbit and opens up healthcare opportunities for the company, as meeting HIPAA compliance will allow Fitbit to share user data from its corporate wellness platform with healthcare providers, health plans and self-insured employers.

As reported in MedCity News, Amy McDonough, vice president and general manager of Fitbit Wellness, said, “We think there will be opportunities in the future to more deeply integrate with healthcare organizations.” At the moment, Fitbit states that Fitbit users will have to consent for their data to be used and that program managers will only get a subset of their data, such as steps taken, distance walked or minutes of activity. More personal information, including sleep patterns and heart rate, will not be shared with employers, McDonough said.

Because Fitbit is the world’s largest wearables manufacturer, this move has a big impact. Fitbit Wellness, which launched its initial offering in 2010, provides hardware, software and services to corporate wellness programs within the enterprise. Fitbit Wellness works with organizations across all industries, including Appirio, Boston College, Box, Houston Methodist, Indiana University Health, Sharp Healthcare, TransUnion and Target. It has longstanding partnerships with leading corporate wellness organizations such as StayWell, Humana and Vitality, as well as health plans including Anthem. To date, over 50 of the Fortune 500 companies across a variety of industries are Fitbit Wellness customers.

What remains to be seen is what additional health data Fitbit users may opt to share only with their healthcare providers. That is a likely option that Fitbit will have to consider, and these communications would be protected under HIPAA. One has to assume that additional Fitbit product offerings are in development that could add value to Fitbit Wellness customers by making actionable health data from Fitbit users more available to healthcare professional teams. This could be particularly relevant to Fitbit users who suffer from chronic health conditions that require more regular monitoring to keep patients optimally healthy. Regardless, this HIPAA compliance is an exciting development and one certain to be followed by other major wearable developers that want to play in this space.