Wearable Health IoT Devices: A Vision on Compliance, Security and Feature Directions

The wearable Internet of Things (IoT) technologies have been very popular over the past few years. All the time, millions of people wear smartwatches, fitness trackers, and sleep monitors to monitor their health. Such devices allow gathering physiological and behavioral information in real time, which assists in personalized healthcare, early diagnosis, and preventive therapy. Wearable health IoT systems are increasingly becoming part of our daily lives and, therefore, are gathering numerous personal data points, which brings up some serious concerns about data protection, system security, and rule compliance. Trends in personalized medicine and remote monitoring have precipitated the global attention to wearable IoT in healthcare, which is further increased by the COVID-19 pandemic that highlighted the importance of monitoring health-related data beyond the clinical environment [1, 2]. An example is that, as of 2022, more than one-third of adults in the U.S. were wearing a health-related wearable, which was 14% higher than in the past years. The advantages of these wearables include early warning of abnormalities (e.g., irregular heartbeats), better interaction with patients, and big data in health research [3, 4].

The wearable IoT devices lie at the nexus of technology, healthcare, and personal data that pose complex problems in legal, technical, and ethical spaces [5]. It is noteworthy that the issue of privacy and data protection has been recognized as a primary issue in wearable health technology. Wearables constantly monitor sensitive personal health data, heartbeat rates, sleep patterns, and physical activity data, and it is frequently sent to cloud applications or third-party software. The real-time gathering and sharing of sensitive data brings grave requirements in the data protection law and heightens the privacy issues of the users. The data is highly personal (and can reveal medical conditions), and its misuse or unauthorized use will be catastrophic. The creators and producers of wearables have had a big challenge in ensuring that they comply with the law that is meant to protect such data.

In terms of the legal aspect, wearable health devices are currently in a mess of legal systems. The General Data Protection Regulation (GDPR) that is currently operational in the European Union is quite strict in the processing of personal data and requires some legal justification (including user consent), minimization, and proper security of any information concerning health [6, 7]. In the US, health data privacy is, in turn, governed by industry-specific legislation, such as the Health Insurance Portability and Accountability Act (HIPAA). Wellness wearables and HIPAA Consumer wellness wearables might not necessarily be subject to HIPAA where the information is not processed by a covered medical entity, which can create grey areas of regulation [8, 9]. This distinction explains why it is hard to find a balance with the transfer of equipment and personal information across jurisdictions and legal definitions. These regulatory frameworks will be discussed in the following sections.

Also significant are the technical compliance issues. The size, power, and compute capabilities of wearable IoT devices can make it challenging to enforce strong security and privacy controls. A number of wearables have been found to transmit data in a nonsecure manner or gather additional data than required [6, 10]. Security assessment shows that the communication protocols (e.g., Bluetooth Low Energy) have weaknesses which may allow personal information to be compromised unless well addressed. Protecting privacy-by-design - incorporating data protection capabilities such as encryption and anonymization - are often considered a trade-off to the performance and battery life of the devices [7, 11]. We examine the role of these technical problems in deterring compliance, and solutions to the problems under discussion.

Other than the law and technology, ethical compliance and the trust of the end-users will be of utmost importance to popularizing health wearables. The users should be assured that their intimate health data is being dealt with ethical and transparent methods. Such challenges as informed consent, ownership of data, and algorithmic fairness become prominent [12, 13]. For example, if a wearable’s analytic algorithm is biased or less accurate for certain populations, it could exacerbate health disparities – an ethical concern receiving increased attention [5, 13]. Similarly, the pervasive tracking by wearables raises questions about user autonomy and the potential for surveillance or misuse of data by third parties (employers, insurers, etc.) [8, 14]. Surveys indicate that while many consumers are willing to share wearable data for health benefits, they remain concerned about who else accesses their data and for what purposes [9, 14].

This paper will provide a thorough analysis of compliance considerations and issues of wearable IoT devices in medical and wellness monitoring. We take a holistic approach that encompasses legal regulations that regulate wearable data (Section 2), the difficulties in complying with them (Section 3), and how we will select literature and categorize the issues of compliance (Section 4). Next, we move on to domain-specific discourse: the compliance issues of wearable IoT (Section 5), and the frameworks and solutions that are already available to guarantee compliance (Section 6). Lastly, we point out open research problems and future research (Section 7) that need to be resolved to balance innovation in wearable health tech and high compliance. Encryption and Authentication to Compliance in Wearable IoT Health Devices is addressed (section 8), and a number of Case Studies of Compliance Failures in Wearable/Medical IoT Devices (section 9). This work, by connecting the perspectives of law, technology, and ethics, will help stakeholders, including device manufacturers, healthcare providers, policymakers, and researchers, develop wearable IoT devices that are innovative, effective, and legally secure, and respectful of user rights.

This research aims to critically examine compliance concerns and remedies in wearable health IoT systems, specifically, the fitness, heart rate, and sleep monitoring devices. The research addresses the following key questions: (i) What are the legal, technical, and moral requirements that wearable health IoT systems have to fulfill? (ii) What are the largest issues that should be addressed to achieve compliance across these areas? (iii) What are the solutions and frameworks proposed to address such problems?

In this paper, a systematic and extensive view of compliance has been provided by providing a three-dimensional classification framework that encompasses legal, technical, and ethical, unlike previous surveys that primarily focus on security or generic IoT healthcare applications. The paper offers an in-depth understanding of compliance with wearable health IoT through the combination of regulatory analysis, technical mechanisms, and ethical concerns. It also identifies critical gaps and proposes areas to conduct additional research.

While the legal frameworks described above establish what is required for compliance, wearable IoT companies and stakeholders face numerous challenges in actually achieving those requirements. These issues are due to technical constraints, business operations, human aspects, and the rapid change of technology and regulation. This part outlines and discusses key compliance issues that traverse legal, technical, and ethical aspects.

1. Data Over-Collection vs. Minimization: Minimizing wearable data practices is one of the core problems, as it is necessary to align the practice with the principle of data minimization. Practically, most wearables have much more data being collected than is necessary to support their primary functionality [7]. As an example, a fitness tracker application can scan location data, address book, or ambient data and fitness data, which could be used secondarily, such as targeted advertising. Ioannidou and Sklavos discovered that a number of the trendy fitness trackers broadcast substantial amounts of personal data (including non-fitness related data) back to the servers, adding to network overhead and privacy risk. Such a tendency to over-collect data contradicts such regulations as GDPR that require collecting only sufficient and relevant data to be used in particular purposes. The dilemma is partially business-motivated - companies would find personal information useful in analytics or collaborations, and partially lacks clarity of purpose (developers may log additional data in case it could be valuable later). The high rate of data generation by wearables makes it difficult to implement stringent minimization; it is difficult to determine in real-time what is and is not to be stored or uploaded without being disciplined in design and at times losing possible business insights. Organizations find it hard to perform comprehensive Data Protection Impact Assessments (DPIAs) and to defend every piece of data that they are gathering with time as new sensors or capabilities are introduced.

2. Minimizing the risk of Informed Consent and Transparency: It is still an issue to obtain meaningful user consent for wearable data practices. Consent forms or app privacy policies are frequently long, legalistic, and fixed - but wearables have complicated data flows and may have sensitive inferences (e.g., health condition detection). These policies are often read and poorly understood by the users. The overall low interaction with privacy notices is supported by the fact that research shows that users regularly do not read the terms of use of apps or devices. The question of the level of informed consent remains even when it is read: policies do not necessarily describe how data can be aggregated or distributed. As an example, a user may agree that his or her fitness information may be used to improve its services without understanding that it may be provided to third-party analytics or insurance companies under that general provision. The other problematic aspect is the ongoing consent; wearable gadgets collect data in the background, but the consent is sometimes acquired at the initial setup. It is difficult to maintain consent in the long term (particularly where additional functionality is added or the use of the data changes). Other frameworks suggest that the app can offer dynamic consent or periodic re-consent, which can be a user experience blocking. Moreover, in the case of some vulnerable groups of people (elderly users, minors using family health trackers, etc.), the concept of informed consent is even more controversial. To conclude, the transition between legal acceptance on paper and actual user comprehension is a long-standing compliance issue, and the inability to do it properly may result in allegations of non-compliance or ethical misconduct [8, 16].

3. Technical Constraints and Security Limitations: Due to often limited processing power, memory, and battery life, the enforcement of a strong security and privacy policy is limited by what wearable devices can have. It is a resource-consuming technical challenge: heavy encryption of data, regular security updates, and advanced access control measures may be intensely resource-demanding. Creators have a trade-off between the performance of their device (battery life, real-time response) and the intensive security provisions. As an illustration, it may be important to encrypt all sensor data on-site and only send encrypted blobs, which ensures confidentiality; however, the encryption step and key management involve additional computation and user actions to establish keys. There are also cases of low-end wearables that previously chose to send data to smartphones or the cloud in plaintext due to simplicity, which is evidently not in line with security expectations of today [10]. The article by Barua et al. is a detailed overview of the security of Bluetooth Low Energy (BLE) in wearables and demonstrates that it is vulnerable to many threats, including eavesdropping, relay attacks, and device impersonation. As they point out, whereas BLE is climate-friendly (hence its widespread use in the wearables environment), the default pairing techniques proved vulnerable, and many wearable manufacturers did not adequately address the weaknesses in these, making the communications susceptible to interception. It is difficult to be sure that devices meet security state of the art (as needed according to GDPR Article 32, say) because devices are limited; whereas failure may lead to breach of data. In 2023, several fitness technology firms experienced a loss of reputation following breach incidents revealing health statistics of users [23]. Security patching is also a problem, as most wearables lack an easy way to update, which presents unpatched devices in the field. This is a technical and organization challenge: it requires the companies to invest in safe design and maintenance, which can add some expenses and time to market in a very competitive industry.

4. Fragmented Data Ecosystems and Third Parties: Wearable devices do not typically exist in a vacuum, but are components of an ecosystem consisting of mobile apps, cloud databases, analytics services and in some cases integrations with healthcare providers. Such fragmentation brings compliance issues in data flow tracking and compliance with the necessary standards by all parties. As a user wears a fitness tracker, it could be transferred to a smartphone app, and then to cloud servers owned by the company the device is associated with, and potentially third-party cloud analytics or cloud storage services. Every handoff is a place of vulnerability or non-adherence unless handled in an appropriate manner through contracts and technical controls. Under laws such as GDPR, the wearable company should make sure that its processors (e.g., cloud service providers) have sufficient protection measures too [7]. Practically, smaller wearable startups can utilize generic cloud services, and they may not be able to enter into an agreement with strict data protection clauses. Furthermore, the integration of third parties (such as a wellness device that lets users connect their data to a nutrition app or a wellness program at work) also comes with some compliance overhead: data that has already been disclosed may not be subject to the original privacy policy, and the user may not know about such forwarding. According to Sifaoui and Eastin, the landscape in which data brokers and secondary data users act is rather murky and exploitative, being mostly beyond the current regulatory framework, with consumers creating health data on the other end [8]. The trends of a user's heart rate can, say, be sold to insurance companies based on the resulting health score without the user even knowing about it. These practices take advantage of compliance loopholes and underscore the difficulty in ensuring end-to-end compliance when data is no longer in the original ecosystem of devices.

5. Global Compliance and Regulatory Uncertainty: Wearable businesses usually have a global market, which implies that they have to meet several regulatory regimes at the same time. Conflicting legal standards may draw compliance in opposite directions. An example is that the GDPR mandates data protection by default and design, and inflicts severe penalties on noncompliance, whereas certain other jurisdictions might mandate less strict but much stricter data localization policies (as exemplified by the regulations of China, which may require keeping the data of local users on local servers). Managing these differences is resource-consuming. Companies may have various data storage and processing plans in the various regions, and this makes system architecture and testing more difficult. Moreover, regulatory definitions may be unclear - what one country may consider as the definition of health data may not encompass wellness information, whereas in another country it may. According to Taka [15], the conceptual challenge of defining health data when quantified-self wearable devices are involved is that seemingly harmless data (number of steps taken, time spent sleeping) may be health data when interpreted within a context. Being of a dynamic nature implies that companies should make the best bet and treat most of the wearable data as sensitive, which not all regulators have made clear. The looming regulations (like the changing AI Act in the EU or the impending federal privacy laws in the U.S.) also make the compliance planning challenging [18, 24]. The issue that companies have to grapple with today is how to build products that will remain legal in the future, which may impose new requirements such as a mandate to disclose algorithms or portability of data. 

6. Human Factors and Organizational Challenges: The most compromised area of compliance is often not technology or law but human behavior, both in users and organizational contexts. On the user end, inadequate security hygiene (e.g., password reuse, misplaced devices without lock protection, etc.) may lead to damage of the data no matter the protection measures that are established. A user may leave their wearable unlocked or their phone unlocked, and an unauthorized user may access their health information. Even though it is not a direct legal violation by the company, it compromises the overall compliance objective of privacy protection. On the organizational level, compliance may be accidentally created by the employees and developers. To give a few examples, engineers may not have privacy training, and may test with real user data unanonymized, or ignore privacy implications when introducing new features. Hughes-Lartey et al. note that the human aspect is one of the most essential vulnerabilities in IoT security; despite the presence of powerful policies, the error or laxity of the employees may result in the breach. Compliance management involves inculcating a privacy and security culture, which is not an easy task, particularly when dealing with a start-up or a product team that is more inclined to innovation and time-to-market.

7. Ethical and Social Issues: There are compliance issues that go beyond formal rules and reach the ethical level. To illustrate, algorithm bias in the interpretation of wearable data is not explicitly governed; however, ethically, it is a compliance issue of fairness. Should one heart rate algorithm not work as effectively with users who are darker-skinned (because light is not absorbed by the skin pigment in the same way due to skin color differences), the device may not accurately present health alerts to some groups, a failure in ethics. To solve this issue, it is necessary to adhere to the new standards in health equity and inclusive design that, although not a direct legal requirement (unless it is a general anti-discrimination law), is being required by regulators and the general population. The other ethical issue is user autonomy - that the users are not merely legally giving consent, but are actually controlling their data. Wearable organizations are under moral pressure to permit data portability (to enable users take their health data elsewhere) and data deletion (to respect the right to be forgotten), even in those jurisdictions where such rights are not yet codified.

Health monitoring wearable IoT devices have some of the special compliance issues that arise due to the context, form factor, and user interaction models. Continuing on the overall challenges that have been discussed above (Section 4), we move on to discuss challenges within the context of the wearable IoT domain. We also explain them by giving concrete examples of devices that monitor fitness, heart-rate and sleep with references to empirical research and technical examination in the literature.

This part examines how these issues evolve as time passes in the context of wearable IoT. Available literature suggests inconsistency not only between different device types but also between regulatory policies and risks, highlighting the inconsistency in the definition and enforcement of compliance. In this section, the examples of the devices used in fitness, heart-rate monitoring, and sleep monitoring are offered to unite the findings of the real-world studies and technical analyses in order to identify the primary issues, contrast the way they emerge in various scenarios, and indicate the gaps that are still present in the current research.

1. Resource Limitation and Data Security: Wearables are commonly tiny, battery-operated, low-caliber computers. This poses a basic conflict between the requirement of a strong data protection and the capability of the device to enable the same. As an example, the sensor information can be encrypted continuously, which may burn battery and processing power. Most wearables therefore do little processing on the devices themselves but transmit that data to accompanying smartphones or cloud servers to be processed and stored there. Although this architecture is convenient, it would imply that sensitive raw data is on transit very often, exposing it. Devine et al. [22] noted that these logistical aspects make it impossible to install more advanced sensors in wearables as more data is collected (e.g., high-fidelity biosignals to stage sleep), the larger the device and the network, and this can be incompatible with privacy without proper measures. Practically, other manufacturers choose to only send data periodically or sometimes summarily in order to conserve energy, although that may be contrary to user or clinical expectations of access in real-time. The dilemma lies in striking a balance: such techniques as on-device summarization or edge computing can help lower the rate of raw data transmission, and it is not easy to ensure that these procedures do not lead to the loss of data integrity or security.

Furthermore, wearables often lack hardware-based security modules (like secure enclaves) that smartphones have, making them more vulnerable if compromised. Ensuring compliance (e.g., encryption at rest) on a device without secure storage or user authentication (most wearables don’t require PIN/password to access) is an open issue.

2. Continuous Monitoring and User Consent: Unlike one-time medical tests, wearables involve continuous data collection, which blurs the boundaries of user consent. Obtaining a one-time consent at app installation may not cover future scenarios, yet constantly interrupting users for consent is impractical. Wearable IoT devices often collect data in the background – during sleep, exercise, etc. – when users are not actively engaging with the device’s interface. This raises the challenge of keeping users informed and empowered about ongoing data practices. A compliance issue arises when new insights are derived from aggregated data; users might be unaware that, say, their sleep pattern data over months is being analyzed for mental health indicators. According to a study conducted by Dobson et al. [37], researchers noted that in health research involving consumer wearables, participants were worried about the third party intervention and the use of data after the immediate intention. The wearables are continuous, which implies that purpose creep (using data in ways other than the original purpose) is a fact. As an example, a fitness site might begin to examine the trends in heart rate to indicate potential health concerns (a value-added service) but this would creep into diagnostic areas that the user did not directly consent to. To ensure compliance in this case, creative consent approaches (possibly tiered consent to various data uses) and explicit opt-out options would be needed, which are not yet a norm in wearable ecosystems.

3. Data Accuracy and Validation (Clinical vs. Consumer Grade): Wearable devices do not always go through the same type of validation that medical devices do. Consequently, their data can be inaccurate or biased. Although accuracy may appear as a device performance problem, it is also a compliance problem in cases where the wrong data may misguide the users or healthcare providers. In case a wearable indicates that a user is stressed due to his or her heart rate variability, but this is not really the case, and rather a sensor error, the user may make unnecessary medical decisions. Compliance wise, the misleading health information may be regarded as a breach of consumer protection laws or even health laws in case of harm. Also, the fact that some groups are more prone to data inaccuracies (e.g., skin-tone based bias in optical heart rate sensors) relates to ethical compliance in terms of fairness. Colvonen et al. [13] emphasized the fact that even popular wearables could be much less precise when used by people with darker skin, but this fact had not been publicly revealed and discussed by the manufacturers. The compliance issue is that there is no existing legislation that specifically states that your wearable should be equally good across all skin tones, but it is an ethical requirement and is becoming a regulatory interest issue (such as the FDA is currently examining the performance of demographic subgroups in device submissions) that is vital. Manufacturers are under pressure to test their devices in various populations and use environments. Compliance may therefore be achieved by following new standards (IEEE or ISO could come up with standards on the accuracy of wearable sensors) and being open about the limitations of the devices. Ash et al. [20] recommend the creation of global standards of wearable accuracy and data quality to facilitate their application in sports and medicine. Until these standards become more commonly used, the difference between wearable consumer performance and clinical-grade expectations is one area of compliance grayness.

4. Interoperability and Data Integration Issues: One of the biggest promises of health wearables is that it can be integrated with electronic health records (EHRs) and clinical workflows, allowing doctors to use patient-generated data in care. Nonetheless, the incorporation of wearable data into healthcare systems creates compliance challenges regarding the standardization, provenance, and liability of data. According to Espinoza et al. [11], one of the obstacles to the integration of continuous glucose monitor (CGM) data (a form of wearable) into EHRs is the absence of data standards. Analogically, most fitness and wellness wearables store data in proprietary data formats; upon data transfer to clinicians, the risk of misinterpretation is high. In compliance terms, in the event that wearable data is used to make health decisions, it will be important to make sure that the data is of a specific quality and format. It also raises the question of whether healthcare providers are liable (according to such laws as HIPAA or medical malpractice standards) to act on wearable data. Should a patient provide a doctor with his/her sleep tracker data, is the doctor required to review it or confirm its accuracy? These uncertainties have made patient-generated data to still be suspicious to many clinicians today. On the patient end, the absence of smooth interoperability may result in insecure workarounds, such as patients exporting data to spreadsheets or third-party applications to share with physicians, which may be a compliance violation in the event that such sharing is not done with the required safety measures. The difficulty is the development of interoperable but secure wearable data exchange pipelines. Some attempts such as IEEE 1752 Open Wearables or HL7 FHIR-based wellness data APIs are underway, but they are not widely used. Up to this point, integration can be based on ad-hoc solutions, which may not be fully adhering to health IT security or privacy requirements.

5. Multistakeholder Data Governance: Wearable data is often of interest to a variety of actors: the user, the device maker, the app developers, the researchers, the healthcare provider, the insurers, even the employer (in wellness programs). It is extremely complicated to control access and administration of who is allowed to access what data. As an example, one can take an employer-sponsored wellness program in which the employees wear fitness trackers to receive insurance rebates. The employer may just be allowed to receive aggregated activity scores (due to privacy), yet the insurer may need some personal information to compute rewards, and the device company continues to gather detailed metrics. It is difficult to make sure that every stakeholder can only access data as agreed by the user. Cases of programs in which wearable data was accidentally shared with other people other than intended recipients because of API settings or misconceptions and resulted in privacy breaches have occurred. In addition, in case an insurer makes decisions based on wearable data (such as premium adjustments), it also brings up legal and ethical concerns regarding discrimination and privacy.

6. Contextual Privacy Expectations: Wearable devices have a tendency to record information in places that are regarded by users as private (sleeping in his or her bedroom, etc.). When such data is distributed or used in a manner that the user had not anticipated, it may result in a tremendous backlash of privacy, even though it may not be illegal. This is an issue of satisfying contextual privacy expectations - a notion in which the perception of users regarding what will be done with their data should correspond with reality to comply (particularly with laws such as GDPR that focus on fair and transparent processing). To illustrate, one user may be okay with their heart rate data being used to display fitness trends on their app, but not okay with the same being sold to third-party marketers to market stress-reduction products to them. The scenario has changed to commercial marketing rather than personal wellness, which is against expectations. Taka [15] stated that health data definition can be relative to the context of a given instance, e.g., data on heart rate as given by a cardiologist and as given by a sports app can be perceived differently under the law. However, in the eyes of the user, it is also contextual, such as the difference between providing friends with step counts to a social leaderboard and providing them with actual GPS tracks of runs, which may be considered as intrusive. Wearable platforms are not able to offer such finely-tuned privacy options that can appeal to these refined tastes. Very often it is either share or not share as opposed to more sophisticated options. Due to this, firms can over share information on accident, thus violating the contextual norms. Adherence to the principle of contextual integrity (a privacy theory of Nissenbaum [48]) is not legally obligatory, but it follows the zeitgeist of numerous rules that require fairness.

The wearables used in clinical settings and dealing with physiological data are under stricter regulatory and ethical control compared to the fitness-related devices. This demonstrates that the compliance requirements change depending on the sensitivity of the data.

Wearables that process physiological information in a clinical-grade are more prone to regulatory and ethical scrutiny compared to fitness-oriented devices. This indicates that the compliance requirements differ depending on the sensitivity of the data. One of the biggest differences between jurisdictions is the level of cooperation between them in terms of regulations. There are those that are well-structured and those that are more sector-based.

Although much has been done in terms of comprehending and responding to compliance concerns of wearable IoT health gadgets, there are still a number of unresolved problems. With the changes in technology and data practices, the legal framework and technical protection have to change. In this final section, we identify some of the main areas that require further research, innovation, and development of policies, and propose future directions that may improve the compliance of wearable health technologies.

1. Balancing Global Regulations and Standards: One of the challenges being immediately important is the harmonization of regulations. The wearable devices are sold worldwide, and the level of compliance is still mostly country/region-based. This division causes ambiguity and excessively high compliance overhead. International discussions should be made to come up with minimum standards of wearable health data protection. The potential path forward is to create a global system of compliance of consumer health data, potentially managed by bodies such as the International Medical Device Regulators Forum (IMDRF) or WHO. Bouderhem [24] supported the idea that the WHO may lead in the international regulation of e-health wearables, using its international health mandate. Although the guidelines provided by WHO (e.g., 2021 AI ethics guidelines) are not binding, they may impact national policies. The next stage can be model regulations or mutual recognition agreements so that a device that is compliant in one significant jurisdiction (e.g., GDPR and MDR in EU) is mostly considered to be compliant in other jurisdictions with few local modifications. Also, the creation of a certification that is recognized worldwide (similar to CE/FDA but regarding privacy/security) may be a breakthrough. This would enable consumers to find it easy to identify devices with high compliance standards, regardless of the location where they are manufactured. Harmonization is politically difficult, but there is a chance with the wave of privacy law adoption around the world (more than 100 countries now have data protection laws) that harmonization will be achieved with wearables in particular.

2. Context-Aware and Adaptive Privacies: According to the observations, wearables work within dynamic settings and generate diverse kinds of data. Existing consent and privacy systems are more or less fixed. There is a need to research on adaptive privacy management systems in future, which can automatically adapt data handling depending on the context and preferences of the user. As an example, a wearable could be context-aware and, upon noticing that the user is somewhere sensitive (such as home during personal time), restrict data transmission, or vice versa, when in a medical check-up mode, provide a healthcare provider with more data to its system. Machine learning may be used to study the privacy comfort zones of a user and then actively enforce them. Such smart privacy can take it a notch higher than merely seeking user input and help them in real time. It will be essential to ensure that these systems are transparent and can be controlled by the users as an override (to prevent paternalism). It is at the convergence of human-computer interaction (HCI) and privacy research on how to create privacy tools that are effective and easy to use on small wearable interfaces or on companion applications. It is a direction of the future that can give power to users and enhance ethical compliance, making the behavior of devices closer to the expectations of the users.

3. Solving Algorithmic Bias and Fairness: The problem of bias in wearable data analytics is an unresolved problem that needs further investigation and potentially regulation. Research such as Colvonen et al. [13] has highlighted racial bias in device accuracy, and other groups (e.g., women vs men in some measures, or older adults with different physiology) could also have such disparities. The next step in work should be algorithmic responsibility in wearables: the creation of testing procedures to assess the work of the device in various groups of users and the development of corrective algorithms or calibration procedures. A possible future trend is that regulatory authorities will include fairness audits in the process of approving or certifying devices. As an example, the FDA might demand that a new health wearable has been tested on a demographically diverse sample and that any performance differences are reported or addressed. On the research front, wearable sensing should be subjected to AI fairness literature methods (such as re-sampling, personalized calibration models, or multi-spectral sensor methods to address skin-tone bias). Fairness is not only ethically necessary but also relevant to compliance in the long term - anti-discrimination laws may be invoked in the future in case some groups are systematically disadvantaged by the operation of a device. To address this challenge, an interdisciplinary approach (including data scientists, clinicians, ethicists) is required to make wearables beneficial to all populations equally.

4. Governance of Longitudinal and Secondary Data Use: Since wearables are used over time, the longitudinal data they generate can be used to unlock valuable insights (to personal health or research), but also creates new compliance issues. A device can accumulate information that is highly personal over time, trends that can be used to predict health status, behavioral tendencies, even mood or mental health status. The future regulations might have to be more specific on secondary use of long-term collected data. As an illustration, when a company that gathered fitness data to give user feedback in the future intends to use it to train a machine learning model to detect diseases, is the initial consent adequate? Probably not under GDPR (which demands compatible purpose), but it is interpreted differently. One direction that is being considered is to set up clear guidelines or industry codes of secondary use: it may be necessary to re-consent to any further use beyond a specific scope, or to anonymize the data after a time unless the user re-consents. Technologically, they should develop tools to safely share longitudinal wearable data to research - such as federated learning where data remains on the device and only model updates are exchanged may enable useful research on wearables (e.g., collective health trend analysis) without violating individual privacy. Federated learning has already demonstrated itself as a promising approach to training AI models on distributed health data with privacy constraints. Federated learning networks could be studied in the context of wearables, where wearables are involved in collaborative analysis with privacy guarantees. This would be consistent with compliance by design, allowing useful secondary applications (such as epidemiological studies) with minimal exposure of raw data [34, 50].

5. User Literacy and Engagement Strategies: This is a slightly softer, yet important, future direction of enhancing digital health literacy in terms of wearables. With such devices becoming commonplace, people must know not only how to check their number of steps, but also what happens when their data is shared. Finding methods of educating users in large scale is an open challenge. It may be considered in the form of gamification or incentive-based learning in apps (e.g., a privacy badge after following a tutorial on how to manage your data, or a real-life reward upon choosing a privacy-friendly setting). Active and aware users may serve as a check and balance to business - when they are aware of their rights and tools, they will be inclined to request compliance and alert about problems. Better regulations can also be pushed in the long term by increasing public awareness since informed consumers will pressure industry and regulators to seal gaps. In academic terms, therefore, the consideration of various communication strategies (icons, labels, interactive privacy settings) to present complex information in a concise manner on the mobile/wearable platform is a relevant research topic [51, 52].

6. Real-world Compliance Monitoring and Auditing: There will also be enhanced mechanisms of monitoring and auditing wearable data practices, which will enhance future compliance. At the moment, regulators have a problem with auditing an infinite number of apps and wearables. Automated compliance auditing software might be one option: e.g., software capable of scanning the network traffic of an app to determine whether it is covertly transmitting data to third parties without informing them or analyzing firmware to determine whether it is being used to encrypt data. In this area (privacy tech auditing), the research may increase regulatory supervision. Also, user data transparency tools such as personal data records (such as access logs in medical portals) may become the norm. Certain fitness platforms already enable their users to access their data; it would be more accountable to expand to an audit record of who/what has accessed their data. This is also related to blockchain solutions, however, even less complex server-side logging, which is visible to the user, may be useful. The difficulty lies in the process of making these logs readable and not daunting. In the future, AI assistants that summarize such data as your data was accessed X times this month by Y services, all within the scope you allowed may be integrated into work.

Although much research has been conducted, there are still some gaps, such as the lack of global standards, insufficient adoption of privacy-by-design on resource-constrained devices, and insufficient focus on equity and transparency in wearable data analytics.

The publicity of the security breaches in wearable and medical IoT devices highlights the extreme repercussions of insufficient encryption, weak authentication, or the lack of data control. Over the recent years, there have been multiple instances in which lack of device security or privacy measures resulted in regulatory measures, patient safety, or even controversy among the population. We cover a set of real-world events (between fitness trackers and life and death medical implants) that demonstrate how lack of compliance may lead to breaches, recalls, and legal fines.

Insulin Pump Recalls and Vulnerabilities: In June 2019, an insulin pump recall was voluntary, as the FDA announced it would recall some Medtronic insulin pumps because of cybersecurity risks - the first security-related device recall of diabetes equipment [32]. These were the early IoT medical devices, insulin pumps that were wirelessly connected to controllers and did not have sufficient encryption or access controls. Security researchers discovered that an attacker at radio range could pick up transmissions and might alter the dosage commands of the pump. Practically, the pump can be hacked to administer harmful doses of insulin without the user noticing it, and this is done wirelessly. This extreme weakness was due to the fact that the pump was based on an insecure communication protocol (no modern encryption, and authentication that could be compromised easily). It was evident that the compliance failure occurred: the device was not the state of the art security needed to secure patients. The outcome was a Class I recall (the most serious type) and a safety warning that tens of thousands of patients should switch to newer and safer models. Medtronic offered free upgrades to enhanced encryption and turned off the dangerous remote dosing functionality [60]. Although there were no previously known instances of patient harm prior to the fix, the accident made FDA and regulators tighten the requirements - it proved that loose security of an IoT-based medical device could directly cause loss of lives, which is an unacceptable risk according to regulations. It was also the first of its kind: manufacturers got put on toes to understand that cybersecurity negligence might result in expensive recalls and responsibility. In fact, after this case, FDA hastened the publication of official cybersecurity regulations of medical devices.

Hacks and Patches of Cardiac Devices: The case with the insulin pump was not an isolated one. About the same period, scientists revealed grave defects in implantable cardiac devices (such as pacemakers and defibrillators) manufactured by St. Jude Medical (since acquired by Abbott) [55, 61]. In 2017, the FDA issued a safety alert and the manufacturer released a patch to the firmware of the pacemakers to mandate encryption of transmissions and authentication handshakes (approximately 500,000 pacemakers). That may be discussed as a so-called stealth recall - patients were forced to visit clinics to update their device because there was a compliance issue with the initially designed one. The vulnerabilities should an attacker exploit them, they may drain the device battery or alter pacing commands and this may affect the device negatively. Regulatively, the lack of encryption/authentication contravened the need to provide device safety and effectiveness (since explicitly highlighted by MDR and FDA guidance’s). The resultant effects were not limited to the release of patches but also the tarnished reputation and litigation. Such incidents made healthcare providers seek cybersecurity evidence by manufacturers. In a review, researchers have observed that current FDA policies establish a set of good practices but are not enforceable. The size of devices also constrains asymmetric cryptography, which is regrettable because such design justifications did not stop attacks in the real world. The lesson was that manufacturers could be sued in regard to retrofitting security or withdrawal of products. In 2021 the regulators themselves recalled even some new Class I models of pacemakers (in those cases due to battery defects) [61, 62], and this shows that any perceived threat will lead to a stern corrective response. The vulnerabilities of pacemakers also led to more general industry reform: subsequent models across competitors started to include encryption, and the US Congress has amended the medical device legislation (in the 2022 amendments of the FD&C Act) to make it mandatory that cybersecurity plans be included in pre-market submissions [53].

Fitness Tracker Data Breach (MyFitnessPal App): Not every breach of compliance requires a hoodie hacker, as in some cases, the data leak is caused by insufficient internal controls or management. One of the best examples is the MyFitnessPal breach of 2018, which is one of the largest containing wearable/fitness data. MyFitnessPal (a fitness app and wearable platform owned by Under Armour) was attacked and the personal information of 150 million users was disclosed, including credentials to access the application and potentially health profile data. Data was not encrypted in rest (hashed passwords but plaintext other data was used), and the attack was explained by the inability of unauthorized access to systems of the company. Despite the fact that this event occurred before 2021, it is often used in recent literature as a warning example [63]. It also underscored the potential of a huge breach of privacy due to data governance being misaligned (poor database security, absence of encryption of sensitive data, etc.). After this, several class-action suits were initiated and the company suffered a tarnished image. The case also demonstrated cross-jurisdictional regulatory impact: EU authorities examined whether GDPR applied (it happened just before GDPR enforcement) and U.S. regulators noted that failure to protect user data could violate consumer protection laws. In current discussions, scholars assert that such breaches show the need for stronger encryption of wearable cloud databases and better access control. The average cost of a health data breach has risen to over $4 million, and MyFitnessPal’s incident likely contributed to that statistic. Importantly, this case spurred many fitness and mHealth companies to reevaluate their compliance: data that was previously stored in identifiable form is now increasingly encrypted or tokenized in databases, and companies are more transparent with users about data practices.

Strava Heatmap and Geolocation Privacy: In early 2018, a social fitness platform Strava inadvertently revealed sensitive information through its publicly available activity heatmaps. Strava aggregated GPS tracks from millions of users’ wearable fitness devices (running/cycling routes) and published a global “heatmap.” Investigative users discovered that the map could pinpoint the internal routes of soldiers on military bases (who were using fitness trackers), effectively mapping out classified locations. Although Strava had technically anonymized the data, it was not truly de-identified – rare or sensitive patterns (like jogging laps inside a forward operating base) were easily re-identified [33]. Although it was not a hack or breach, it had severe security repercussions and prompted the military agencies to prohibit wearables in specific areas. Compliance-wise, Strava was questioned on the issue of the possible insufficiency of the anonymization of personal data as required by the GDPR and other laws. It highlighted the fact that it is not just enough to remove names, but location traces may be personal data when people can be re-identified. The company soon added more fine-tuning privacy options (giving users the ability to opt-out of heatmaps altogether) and changed its data sharing policies.

Wearable Data Misuse and Legal Implications: In addition to breaches and hacks, wearable data has been misused in a number of other ways that do not comply with privacy regulations. An example is employers wearing wellness devices or fitness trackers on employees without having the necessary protection. To illustrate, when an employer requires employees to wear wearables to track their health or productivity, they have to comply with GDPR/EEOC regulations, they were even warned against this by a regulator in 2022 (no fine was imposed, but the policies had to be changed) because the use of fitness trackers was considered excessive and was not in line with data minimization (no formal fine was imposed, but the policies had to change) [64]. Another new problem is law enforcement access to wearable data: in some court cases, litigants have requested wearable data (e.g., heart rate, number of steps) to support or refute claims about an incident. In a 2021 U.S. case, a prosecutor relied on Fitbit data to prove a timeline of the death of a victim, which cast doubt on the issue of consent and proper subpoena procedure of such data.

General Increase in Health IoT Breaches: The trend is worrying, besides isolated cases. Cyberattacks have gained popularity in the area of healthcare IoT devices and wearables. In 2021, 45 million health data of individuals were affected by breaches, which significantly increased compared to 34 million the previous year [65]. A lot of these accidents can be traced to stolen or unsecured wearable/IoMT data - such as unsecured cloud services to store fitness apps, or third-party health IoT integrations. This kind of violation usually leads to inquiries and fines. In the US, under HIPAA, a number of digital health companies have been fined over the past few years following breaches, particularly when it is established that the data was not adequately encrypted, or when there was a delay in the reaction to the incident. The wearable data silos have become the target of attacks (ransomware, API hacks, etc.), which has compelled companies to enhance compliance efforts post-factum. According to one report, more than 50 percent of IoMT devices are estimated to be susceptible to attack, and the list of reported attacks against wearables is growing annually. This has raised the eyebrows of regulators across the world. As an example, in 2022, the European Data Protection Board organised a coordinated enforcement operation on health wearables, which investigated whether companies provide sufficient information to users and protect the massive personal data gathered by these devices. Compliance is being fuelled by the implicit threat of fines and bans: firms which experienced breaches have been forced to put in place detailed corrective action plans under the supervision of regulators, which may include encryption of all personal data, strong authentication of systems and periodic security audits [66].

All these examples (including life-saving medical devices and consumer fitness apps) support a similar point: failure to comply with security and privacy standards in wearable technology may have disastrous effects.

Although there is a certain overlap of legal, technical, and ethical fields, this is the nature of the compliance issues in wearable IoT systems, which are interconnected.