March 25, 2021, updated 03 Feb 2022 4:15pm

Wearable Technology: Regulatory Trends

Regulations surrounding wearables are in flux, with potential security issues associated with wearable devices.

By GlobalData Thematic Research

Regulations surrounding wearables are in flux. While some regulatory agencies view wearables as low-risk devices and avoid regulatory tagging, some are clearly ignorant of the potential security issues associated with wearable devices. Thus, wearable original equipment manufacturers (OEMs) are increasingly becoming liable for the protection of public data.

Regulatory Trends

Listed below are the key regulatory trends impacting the wearable technology industry, as identified by GlobalData.

European Union (EU)

Across the EU, protecting mHealth data generated through body-worn fitness gadgets is becoming an increasingly vital concern. To avoid the risk of data manipulation and misuse, the General Data Protection Regulation (GDPR) framework makes it mandatory for wearable users to be aware of what data are being accessed by which app. Meanwhile, supply chain stakeholders, including OEMs, are being compelled to stringently follow the rigorous concept of ‘data protection by design and default’.

GDPR overtly necessitates that the only personal data processed are those necessary for each specific purpose of the processing. This requirement includes the amount of data collected, the storage time, the level of processing, and the accessibility of the data. Facing previous challenges in preventing theft of personal data, companies such as Fitbit and Google have swiftly redesigned their privacy policies.

Apple, Samsung, and other wearable OEMs are also adopting newer dynamic policies. For enterprise adoption, GDPR mandates employers to perform a Data Privacy Impact Assessment (DPIA) to assess the necessity and proportionality of their technology plans. DPIA supervises the balance between employee privacy and the protection of business interests.

US

Low-risk general wellness wearable technology, including fitness and smartwatches, is normally not subject to regulation by the US Food and Drug Administration (FDA); however, recent releases like QardioCore and AliveCor’s Kardia products have been granted clearance by the FDA as mobile electrocardiogram (ECG) sensors to detect heart disease, anxiety, and more. The FDA views wearable devices as ‘general wellness’ products that promote wellness and present very low risk to the user’s safety, and thus refrains from regulating them. Wearable OEMs are either self-regulating their offerings or fitting into medical device compliance guidelines.

Although wearables are not defined under any US Federal law, Protected Health Information (PHI) is subject to regulation by the Office for Civil Rights (OCR). Any wearable OEM found sharing PHI with Covered Entities such as health plans, healthcare clearinghouses, and healthcare providers is punishable by the OCR. This also applies to third-party partners of both wearable OEMs and Covered Entities. Thus, cloud service providers partnering with wearable business associates are directed to provide Health Insurance Portability and Accountability Act of 1996 (HIPAA) compliance as an add-on feature, as well as to sign Business Associate (BA) contracts as part of the deals.

Digital vs. traditional healthcare

Traditional regulation of medical devices relies on devices meeting conformity standards and manufacturers supplying the safety and efficacy data from extensive clinical trials to regulators. However, these traditional means of assessing safety and efficacy are being overtaken by the pace of technology development. Regulators have accepted that traditional healthcare with its existing regulatory process does not fully support digital change, where there is currently little harmonisation or convergence of medical device guidance or regulations.

This fragmentation is challenging for companies in the space, which are either designing devices to avoid the complex regulatory process or taking advantage of ongoing developments and designing devices to fit in existing regulatory guidelines. As wearable technology matures, there is an opportunity for tech companies, developers, and healthcare bodies to be more involved in the design of future regulatory frameworks.

Data security as a critical issue

Data security trends include the changing nature of cyber threats, the evolution of key cybersecurity technologies, industry growth drivers, healthcare governance trends, and cybersecurity trends in healthcare. Ransomware, insider and privilege misuse, denial of service attacks, ‘hacktivist’ groups, and online fraud have all significantly increased in the past five years.

Recently, regulations that aim to harmonise EU cybersecurity rules have been put in place, such as the Directive on Security of Network and Information Systems (NIS), adopted by the European Parliament in July 2016. The GDPR, which came into effect in May 2018, acts to protect and empower EU citizen data privacy and enforce structural changes in the way that organisations approach customer data privacy and protection. Under GDPR, non-compliant organisations could suffer fines of 4% of their annual turnover or €20m ($22.3m), whichever is higher. In the US, cybersecurity regulations are less strict at the federal level compared to Europe.

Tech vendors are being compelled to adopt ‘privacy by design’ techniques during product development and ‘Privacy-as-a-Service’ over the product lifecycle. Users are advised to update their devices with the most recent firmware and to avoid accessing malicious versions of legitimate applications. For medical devices, there is no specific regulation in place, just guidance over assets, threats, and vulnerabilities.

This is an edited extract from the Wearable Technology in Mining – Thematic Research report produced by GlobalData Thematic Research.
