Search
On This Page
More Guides
Health and Fitness App Privacy ← All Guides
Health & Medical

Who Can See Your Medical Data

Most people assume their health data is locked down by HIPAA. It is not. The law has big gaps that apps, websites, and data brokers drive straight through.

HIPAA Has Big Gaps

HIPAA only covers doctors, hospitals, insurers, and their direct partners. It does not cover:

  • Health and fitness apps you download.
  • Websites where you search symptoms.
  • Wearables and the companies behind them.
  • Data brokers who buy and sell health-related profiles.

Patient Portals and App Connections

  • Review who has proxy access to your patient portal (old partners, adult kids).
  • Be cautious connecting third-party health apps to your portal; that data leaves HIPAA's protection once it lands in the app.

Health Data Brokers Are Real

Brokers compile profiles that can include conditions, prescriptions, and pregnancy status, often inferred from purchases and web activity. Remove yourself from the big people-search brokers, see our data broker opt-out guide.

Common Questions

Doesn't HIPAA protect all my health info?
Only when it is held by a covered provider or insurer. The moment it is in a consumer app or website, HIPAA usually does not apply.
Can my employer see my health data?
Not your medical records through your insurer in most cases, but wellness apps and screenings can leak more than you expect. Read what you opt into.
How do I keep symptom searches private?
Use a private search engine, avoid logging in, and block ad/tracking domains at the network level so health sites cannot profile you.
WANT THIS DONE FOR YOU?

Harbor Privacy blocks tracking and ad domains at the DNS level for every device on your home network, automatically. Get started here.

Harbor Privacy
Cut Big Tech out of your home network.

Encrypted DNS and network-level blocking of trackers and ads on every device, set up in minutes. No technical skills required.

See plans →