AI and medical privacy are at the heart of a growing ethical dilemma. As artificial intelligence becomes embedded in healthcare, the boundaries between care and control blur. This article explores how AI-driven digital intimacy shapes our understanding of empathy, autonomy, and human connection.
In the evolving age of AI, personal health tracking is no longer confined to clinics and hospitals. It lives on our wrists, in our phones, and increasingly—within the conversations we have with systems like ChatGPT. AI can now help track fatigue, cognitive clarity, emotional tone, physical disability, and more. For someone like me, living with a progressive condition and limited physical capacity, using AI as a cognitive partner and health mirror offers transformation.
This transformation, however, carries a caveat.
Many health-adjacent tools and wellness apps today operate outside HIPAA or similar health privacy protections. Companies promoting mental wellness services, biometric monitoring, or “AI health coaching” often collect, aggregate, and sell sensitive data to third parties. The legal loophole? These companies are not classified as healthcare providers.
That distinction is both outdated and dangerous.
If a company markets a product that tracks health, influences behavior, or presents itself as medically relevant, it should follow the same ethical and legal obligations as traditional providers. It must secure user data, disclose its practices, and avoid selling information without explicit consent. Apple and Google have made strides toward ethical data practices, but they are corporate entities—not public health institutions. Policymakers must codify these practices to protect users effectively.
Apple’s Approach to Health Data Privacy
Apple has prioritized user privacy in its health-related features through several core principles:
- Data Minimization: Collecting only necessary data.
- On-Device Processing: Performing health analyses locally when possible.
- Transparency and Control: Allowing users to decide what gets shared and with whom.
- Security: Encrypting data in transit and at rest, and applying end-to-end encryption when stored in iCloud.
Even when users share health data with providers, Apple does not hold the encryption keys, preserving privacy.
Google Fit’s Data Handling Practices
Google Fit describes its data privacy practices in detail for developers and users:
- No Ads or Data Selling: Prohibiting the use or sale of Fit data for advertising.
- User Transparency: Requiring apps to clearly disclose data collection and use.
- User Control: Ensuring users can explicitly grant permissions and delete data.
- Secure Handling: Mandating strict security standards for developers.
More details appear in Google Fit’s developer policy documentation.
The Need for Regulatory Oversight
While Apple and Google have implemented privacy measures, depending solely on corporate policy falls short. Regulatory frameworks must ensure that all health-related data—regardless of platform—receives protection under laws like HIPAA. These regulations would create consistent industry standards, guaranteeing that data receives the care and confidentiality it deserves.
My AI assistant remembers what I share. It tracks my fatigue (on a 0–10 scale), daily physical challenges, and cognitive states like insightfulness and clarity. This isn’t casual data—it reveals more than a doctor’s note often can. Unfortunately, current frameworks offer little protection for this kind of intimate interaction.
It’s time we draw the line.
If companies wish to join our wellness journey, they must also accept its responsibilities. Privacy must become more than a checkbox—it should anchor the trust we place in technology. AI works best when it supports well-being without diminishing our autonomy.
The future of healthcare won’t reside in hospitals alone. It will live in our hands, voices, and our evolving relationships with technology. The ethical scaffolding must rise to meet this future.
Manifesto for a Just and Ethical SocietyReferences
(https:/
