Period tracking apps have been around for years, evolving from simple calendars to sophisticated tools with plenty of insights and predictions. But the landscape of women’s health technology is changing rapidly. It’s not just about apps anymore: Wearables like the best smart rings And best smartwatches are now integrating these features and offering even more precise tracking functions. For example, devices such as the Oura Ring or Whoop can now detect subtle temperature changes and use this data to provide more accurate information about your cycle.
The appeal of this technology is clear. It offers a convenient way to track symptoms, identify patterns, and predict periods, ovulation windows, and even pregnancies, all while helping you gain a deeper understanding of your reproductive health—without the hassle of manually writing things down.
But with this convenience comes a big concern: privacy. When you enter personal information into these apps, do you really know who is processing your data? How secure are they? And could that data be used against you in countries where abortion laws are becoming increasingly restrictive? These questions are more relevant now than ever, which is why we asked several experts about the real risks.
The hidden costs of “free” apps
I asked Dr. Jenn Hintzsche, founder and CEO of fertility company PherDal Fertility Science, to explain the appeal of these tracking tools.
“Women's health data shared anonymously and in an aggregated manner could help women stay healthy longer and live better lives. Personalized data insights could also empower people to share more with healthcare providers and prevent disease,” she says.
In the wrong hands, however, the same data could be used for harmful purposes. “This data could also be used to determine whether you have broken the law by having an abortion or what health insurance coverage you should receive if you already have an illness,” warns Hintzsche.
Nicky Watson, founder and chief architect at Cassie, a privacy consent management company, says: “If an application or device you use isn’t clearly selling a product, chances are you are the product.”
You’ve probably heard the phrase “you are the product” many times, especially in the context of social media, but sometimes it applies to healthcare technology as well.
“If a woman enters information into a free cycle tracker, that data is likely to be monetized or sold in some way,” warns Watson.
Navigating the complexity of health data laws
Buckle up, because this is going to get a little complicated. Health data laws vary widely by location, from GDPR (General Data Protection Regulation) in the European Union to HIPAA (Health Insurance Portability and Accountability Act) in the United States.
Watson explains that this is a challenge for many technology companies because they collect and store data across different devices and jurisdictions, making consent and compliance difficult. “This is especially difficult when data storage spans multiple platforms in countries with different data protection laws,” she says TechRadar.
In the US, HIPAA regulations protect confidential patient data, but many assume that these also apply to all healthcare apps and wearables – which is often not the case.
“HIPAA only protects health information stored by certain health care providers,” Watson explains. “Data on your Apple Watch or Fitbit or genetic data on Ancestry.com are typically not covered. For HIPAA to apply, the data must be created or maintained by a covered entity, typically health care providers or health insurance plans.”
This is particularly concerning in the US. Although I have found no evidence that period tracking data is currently being used in investigations, could Request information if they believe someone has had an illegal abortion.
“The government can request information if there is reasonable suspicion of a criminal offence,” says Jodi Daniels, senior lecturer at IANS Research and founder and CEO of privacy firm Red Clover Advisors. However, Daniels explains that some states, such as Washington, have implemented privacy laws such as the My Health My Data Act to protect sensitive reproductive information.
Understanding privacy policies: What you need to pay attention to
The safest option is to avoid sharing data altogether, but if you still want to benefit from health monitoring technology, there are precautions you can take.
Watson advises women to find solutions that don't require them to provide their real information. “Ask yourself: Why do I need to provide my email address? What is the purpose of sharing my contact information? If the answers to these questions aren't immediately obvious or clearly stated, protect yourself and your privacy – and don't share it,” she says.
Hintzsche suggests that we focus less on the data we share and more on WHO with whom we share it. And the best way to find out more about the companies you share your data with is to research them and read their privacy policies thoroughly.
I know it's not fun. I'm a technology journalist and I even skim through them too quickly. But we should all be more careful about what we sign.
Hintzsche suggests three warning signs to look out for: “Is there a privacy policy? If not, that's a big red flag – don't download it.”
“Next, check the data collection section. Some apps collect everything, others only one or two data points.
“Finally, look at data sharing. When it comes to app data, sharing often means selling. If this section isn't there, you should probably stay as far away from that app as possible.”
She also advises looking for terms like “encrypted” and “anonymized” in privacy policies. This means that while your data can be used in certain ways, such as for research purposes, it will not be linked to your name or other identifying details. “These green flags show that the app developers are at least somewhat concerned about data protection,” says Hintzsche.
Daniels adds, “A privacy policy should be updated at least once a year. An outdated policy is a sign that privacy is not a high priority. Look for detailed explanations of how the company protects your data.”
If this seems too difficult for you, there are unbiased resources that can help you. I like Mozilla's Buyer's Guide “*Privacy Not Included”which rates the privacy practices of the most important apps and breaks down everything you need to know in a really understandable way – it even ranks apps and technologies from “creepy” to “not creepy.” But unfortunately, not every app or tool is currently listed there. That means the responsibility still lies with you.
Of course, even the most trustworthy companies with a solid privacy policy can experience a data breach. Hintzsche says, “Security is relative. Data breaches can happen.” But she doesn't think that means we should completely abandon technology or useful tools. We just need to learn everything we can and enter into contracts with our eyes open.
“When it comes to digital privacy, knowledge is power. Knowing what data you are sharing with whom is the key to not being caught off guard.”