The Intimate Data Profile of Wearable Devices
Wearable health devices know more about their users than almost any other technology. Fitness trackers, smartwatches, continuous glucose monitors, heart rate monitors, sleep trackers, and medical wearables collect a continuous stream of physiological data that creates an extraordinarily intimate profile of the wearer’s health, activity, and daily life. When these devices are disposed of, donated, resold, or simply discarded, the data they contain travels with them.
The wearable health market is growing rapidly, with both consumer fitness devices and clinical-grade medical wearables proliferating in workplaces, healthcare settings, and personal use. Corporate wellness programs distribute fitness trackers to employees. Insurers offer wearable-based programs that incentivise health behaviours. Hospitals issue wearable monitors to patients for ongoing care. Each of these use cases generates sensitive health data that must be handled responsibly at end of life.
What Data Wearables Store
Heart rate data recorded continuously throughout the day reveals not just fitness levels but stress patterns, sleep quality, and potentially medical conditions such as atrial fibrillation. Advanced wearables that perform ECG recordings store clinical-grade cardiac data that is classified as health information.
Activity and movement data including step counts, distance, elevation, and exercise patterns reveals daily routines, workplace locations, commute patterns, and recreational activities. GPS-enabled wearables store location histories that show everywhere the wearer has been while wearing the device.
Sleep data including duration, sleep stages, disturbances, and sleep quality metrics provides insight into the wearer’s health and lifestyle. Combined with other health metrics, sleep data contributes to a comprehensive health profile.
Blood oxygen levels, skin temperature, stress scores, menstrual cycle tracking, blood glucose readings, and body composition data are all collected by various wearable devices. Medical-grade wearables may additionally store medication reminders, clinical notes, and treatment adherence data.
Beyond health data, wearables also store notification histories (including message previews), contact information synced from connected phones, payment credentials for NFC payments, and Wi-Fi and Bluetooth pairing data.
Disposal Scenarios for Wearable Devices
Consumer upgrades generate the largest volume of disposed wearables. When a user upgrades to a new smartwatch or fitness tracker, the old device may be sold, given to a family member, donated, or discarded. In each case, the health data on the device should be removed first, but many users simply switch to the new device without clearing the old one.
Corporate wellness programs that distribute wearables to employees face a specific disposal challenge when employees leave the organisation or when the program ends. Company-issued wearables contain personal health data about employees that the employer has no right to retain. The return and data clearing process for corporate wearables should be clearly defined in the wellness program’s terms.
Medical wearables prescribed by healthcare providers for patient monitoring are particularly sensitive. These devices may contain clinical health data subject to healthcare privacy legislation. When the monitoring period ends and the device is returned, all patient data must be removed before the device is reissued to another patient.
Wearable devices that are broken or no longer functional still contain data on their storage chips. A cracked screen or dead battery does not mean the data has been destroyed. Non-functional wearables require the same data consideration as working devices.
Data Clearing Procedures for Wearables
Most consumer wearables offer a factory reset option that clears user data from the device. For Apple Watch, this is done through the Settings menu or through the paired iPhone. For Fitbit, Garmin, Samsung Galaxy Watch, and other devices, manufacturer-specific reset procedures are available through the device settings or companion apps.
Before performing a factory reset, unpair the device from any connected phones or accounts. Some wearables retain data associations even after a reset if they remain paired with the user’s account on the companion app.
Deauthorise the device from the manufacturer’s cloud platform. Health data synced to cloud services like Apple Health, Google Fit, Fitbit’s platform, or Garmin Connect persists in the cloud regardless of what happens to the device. Removing the device from the cloud account and, if appropriate, deleting the associated cloud data ensures that the disposed device cannot be used to access the cloud health profile.
For medical wearables used in clinical settings, follow the manufacturer’s decommissioning procedures. Clinical-grade devices may have specific data clearing requirements that go beyond a standard factory reset. The device manufacturer or the medical device supplier should provide guidance for end-of-patient-use data clearing.
Organisational Responsibilities
Organisations that issue wearable devices to employees or patients have a responsibility under the Australian Privacy Act to ensure proper handling of the health data collected through those devices. This includes establishing clear procedures for data clearing when devices are returned, ensuring that health data collected through corporate programs is not retained beyond its intended purpose, providing employees or patients with information about how their wearable data will be handled, and maintaining records of data clearing for compliance documentation.
Healthcare organisations using wearables for patient monitoring should include wearable data management in their broader health information management framework. The data destruction requirements for wearable health devices should align with the organisation’s policies for other health data systems.
Environmental Disposal of Wearables
Wearable devices contain lithium batteries, electronic components, and in some cases precious metals that require proper recycling. Victoria’s e-waste landfill ban applies to wearable devices, which should be recycled through e-waste collection programs rather than placed in general waste.
Many electronics retailers and councils offer e-waste collection points that accept small electronic devices including wearables. The B-cycle battery recycling program accepts devices containing lithium batteries.
For organisations disposing of wearables in bulk, such as at the end of a corporate wellness program, working with a certified ITAD provider ensures both proper data clearing and environmentally responsible disposal. The provider can verify that all devices have been factory reset and clear of user data before entering the recycling stream.
As wearable technology continues to advance and adoption grows, the volume of health data on disposed devices will increase correspondingly. Establishing good data clearing habits now, for both individual users and organisations, is essential for protecting the deeply personal health information that these intimate devices collect.