Embody: Keeping Your Health Data Secure in an Insecure World

Anna Hall
4 min read
Embody: Keeping Your Health Data Secure in an Insecure World

The Embody period tracker was designed with data security at its core. 

It’s a simple pledge, but one that couldn’t be more important in a world where our personal data is at risk of theft, sale, and seizure, threatening our privacy, identities – and in a post-Roe v Wade world, even our liberty itself. 

Healthcare data breaches are causing growing concern across the planet. As organizations and individuals turn to digital technology and wearable monitoring devices to make diagnosis and treatment faster and easier, they open the way to bad actors probing for ways to access sensitive information from social security numbers to diagnoses.

In the United States alone, the health records of some 133 million individuals were affected by breaches at big healthcare organizations last year, more than double 2022’s tally, according to data compiled by the Department of Health and Human Services (HHS). 

Cybercriminals exploit security weaknesses or use social engineering tactics to gain access to the highly sensitive repositories of data healthcare providers have about us. Ransomware attacks, where hackers encrypt files and then demand payment for unlocking them, are becoming increasingly common. 

Fitness trackers and other wearable devices open our data to other perils. Many collect and store information about their wearers’ vital statistics. Not only can these pools be vulnerable to hacks, some app providers sell the information to third parties. And there is the ever-present danger of surveillance – by corporations, government contractors, or law enforcement.

And when data gathered as a result of that surveillance can be used against you in a court of law, security should be your biggest concern. 

When Invasion of Privacy Puts Freedom at Risk

Since the Supreme Court’s 2022 decision to strike down Roe v Wade, the case that underpinned the right to abortion across the United States, 21 states have passed laws that ban or restrict women from terminating pregnancy. Some are even attempting to stop pregnant women from seeking help from outside their home states.

There is legitimate cause for concern.

Even before the Roe decision, there were instances where Internet search information and text messages were used as evidence in court. In its aftermath, privacy experts are warning women and people with uteruses to think hard before sharing abortion-related information electronically. 

Take the case of Jessica Burgess, a Nebraska mother who was sentenced in September to two years in prison for helping her daughter to access an illegal abortion and dispose of the fetus. Court documents revealed that Meta, Facebook’s parent company, supplied police with private messages Burgess and her daughter exchanged related to the abortion.  

Many technology giants routinely accede to law enforcement requests for digital data, which means you can never be sure that what you share online will remain secure.

In the immediate aftermath, several companies – Google included – made public pledges to protect personal data. 

There have been some advances. Last year, California passed a pair of laws designed to enhance privacy protections for women seeking abortions: one that bans abortion-related medical records from being shared outside the state; the second that prevents apps from selling menstrual and sexual health data.

Then there was the Federal Trade Commission’s first-of-its-kind January 9 order banning mobile phone surveillance company Outlogic – formerly X-mode Social – from selling location data that could reveal an individual’s visits to “sensitive locations” such as healthcare facilities.

“X-Mode/Outlogic quietly sold people's raw location data to marketers, retailers, and government contractors,” FTC chair Lina Khan tweeted following the ruling.

“Even where people opted out of having their location data used for marketing, X-Mode sometimes failed to honor their requests.”

Protecting Privacy with a Patchwork of Laws

But privacy protections have a long way to go. 

Growth in artificial intelligence (AI), meanwhile, is expected to further stoke corporate appetites for sensitive consumer data. And those companies that promised to protect information in the wake of the Roe decision have not always delivered. 

Google, for instance, has failed to make good on its commitment to delete the location data of users related to abortion clinic visits. According to a study released this month, it still holds that data in at least half the cases.

There are also a wide array of other technology providers that have access 

When what is under threat is your reputation, your record, and even your personal freedom, privacy by default means so much more.

Hence Embody’s design. 

Embody is the first period tracker to ensure that your personal data is secure and can’t be misused. We take a three-pronged approach to security:

  • Local storage: Your personal data is saved locally on your phone’s storage. Embody can’t and won’t share any user data with third parties because it is impossible for us to access it.
  • End-to-end encryption: Our team of expert cryptographers are building technology that ensures your data is encrypted from the moment it is entered into the app. This means that you, and only you, can access this personal data.
  • Open-source code: The source code of the Embody app will be publicly available, so anyone can validate that we are keeping our promises of securing your data.

No other menstrual health app offers this level of data security and protection. And with stakes this high, that counts for a lot. 

Written by
Anna Hall

Anna Hall

View all posts
Great! You’ve successfully signed up.
Welcome back! You've successfully signed in.
You've successfully subscribed to Embody.
Your link has expired.
Success! Check your email for magic link to sign-in.
Success! Your billing info has been updated.
Your billing was not updated.