HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

HIPAA Compliant Wellness Platform Launched By Fitbit

Yesterday, Fitbit, America’s leading manufacturer of activity and fitness trackers, announced it has developed a HIPAA compliant wellness platform which it aims to use to corner the lucrative healthcare market.

The company has flirted with health and fitness trackers for the healthcare sector for some time; however, until now one of the major stumbling blocks has been the Health Insurance Portability and Accountability Act (HIPAA), which places a number of restrictions on the use of electronic devices capable of recording, storing and transmitting Protected Health Information (PHI).

No electronic device can be fully HIPAA-compliant, as compliance with HIPAA Rules is dependent on the actions of the users of the devices. Therefore, rather than being billed as a HIPAA compliant wellness platform, Fitbit announced that it ‘supports’ HIPAA compliance, having incorporated the necessary safeguards – as demanded by HIPAA – to keep stored and transmitted data protected from prying eyes.

According to James Park, CEO and Co-Founder of Fitbit, “We prioritize protecting our consumers’ privacy and keeping their data secure.” He went on to say, “Our compliance with HIPAA safeguards formalizes this commitment, and, more importantly, it creates opportunities for more effective relationships with corporate wellness customers.”

Get The Checklist

Free and Immediate Download
HIPAA Compliance Checklist

Delivered via email so verify your email address is correct.

Your Privacy Respected

HIPAA Journal Privacy Policy

The latest B2B wellness platform is likely to be welcomed by healthcare providers looking to offer patients and employees the opportunity to join wellness programs, and also to make those programs more effective. The company’s wearable devices have potential to help patients and employees improve their health, by engaging them and motivating them to become more active; thus reducing the risk of suffering ill health in the future.

Fitbit hopes that its secure wellness platform will be adopted by HIPAA-covered entities, and that its devices will allow healthcare providers to keep a close check on the effectiveness of their wellness programs, without running the risk of violating HIPAA rules.

Vice President and General Manager of Fitbit Wellness, Amy McDonough, said in a recent press release, “We are excited about this new initiative and believe it will allow Fitbit Wellness to serve a broader market, and is another step forward in achieving Fitbit’s goal of empowering users to lead healthier, more active lives.”

Even though data recorded by the fitness and activity trackers can now be shared securely – satisfying the HIPAA Security Rule – the HIPAA Privacy Rule forbids the sharing of PHI unless consent to do so has first been obtained from the individuals using the devices.

Before data can be shared with any third party, consent to share information must first be obtained from users of the devices. Users of the fitness trackers may be concerned about the data that could potentially be shared with third parties, but Fitbit has confirmed that not all data recorded by, or entered into the devices will be shared.


For example, personal information recorded by the device – such as heart rate readings and sleep pattern data will not be shared. Instead, only simple fitness metrics recorded by the devices will be transmitted, such as the number of steps taken and daily activity levels.

In addition to sharing information on individuals, Fitbit also plans to offer insurers and healthcare providers the option of receiving aggregate data. McDonough says this data will allow different offices to compete with one another via the company’s wellness platform. She believes the new HIPAA compliant wellness platform has tremendous potential to help organizations develop “a culture of health.”

The announcement of the latest business to business offering coincides with the Fitbit Captivate Roadshow: A series of events aimed at improving awareness of the benefits of the company’s wearable devices and also of developing wellness programs for employees and patients. The first event took place yesterday in Chicago, with the next event due to take place in Fitbit’s home city of San Francisco at the end of the month. The last event in the Fitbit Captivate roadshow will take place in New York on October 13.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.