As Americans increasingly integrate quantified selfhealth and fitness tracking (QSHFT) technologies into their lives, the data collected by these devices offer to not only help users to live healthier lives, but also present opportunities for interested parties to identify and target them based on their health-related behaviors. Clinicians, employers, health insurers, data brokers, marketers, and litigators have all expressed interest in accessing individuals' QSHFT data for a variety of purposes. Existing policies related to the collection, aggregation, and use of these data do not consistently address and protect individual health privacy concerns. Indeed, U.S. lawmakers recently proposed two separate bills designed to correct this deficiency. The purpose of this review is to examine current motivations, practices, policies, and regulations related to QSHFT data, identify areas where individuals' health information privacy is currently being compromised, and propose specific solutions to address this escalating area of privacy concern. K E Y W O R D S information privacy policy, mHealth apps, quantified self Americans are increasingly turning to a variety of quantified self-health and fitness tracking (QSHFT) technologies (including smart watches, wearable fitness-trackers, and smartphone applications) in an effort to learn more about their everyday habits, connect with valued others,