Export Your Wearable Health Data: Complete 2026 Guide

This guide contains affiliate links. If you purchase through these links, we may earn a small commission at no extra cost to you. This helps support The Adaptist.

Your wearable knows your resting heart rate at 3 AM. It knows when you toss and turn, how many steps you took on your worst day last year, and what your blood oxygen looked like during that flight to Denver. Over time, a single fitness tracker generates gigabytes of granular health data — the kind of longitudinal record your doctor has never had access to. But here is the uncomfortable question almost nobody asks: do you actually own any of it? And if the answer is theoretically yes, can you get it out in a format that is useful to anyone other than the company that collected it? This guide walks through the legal reality of health data ownership, gives you step-by-step export instructions for every major platform, explains what you can actually do with the data once you have it, and identifies the privacy risks that come with generating a detailed biometric profile of yourself.

You’re Generating Data. Who Owns It?

The short answer: you probably do, but ownership without access is meaningless. And in most cases, the terms of service you agreed to without reading give the platform a perpetual, royalty-free, worldwide license to use your data for “product improvement,” “research,” and a dozen other euphemisms that mean whatever the company’s lawyers need them to mean.

The Legal Landscape

Here is what most people get wrong: HIPAA does not protect your wearable health data. HIPAA applies to “covered entities” — hospitals, insurance companies, healthcare providers, and their business associates. Fitbit is not a covered entity. Neither is Garmin, Oura, Apple (in its capacity as a device manufacturer), or Samsung. The health data sitting on their servers occupies a regulatory gray zone that is far less protected than the data in your medical chart.

A few frameworks do offer some protection:

• CCPA/CPRA (California) — Gives California residents the right to know what personal data is collected, request deletion, and opt out of data sales. Applies to health data from wearables. But enforcement has been spotty and penalties are modest.
• Washington My Health My Data Act (2024) — The most aggressive state law. Requires affirmative consent before collecting or sharing health data and creates a private right of action (you can sue, not just file a complaint). Other states are modeling legislation after it.
• GDPR (EU/UK) — If you are in Europe, you have robust data portability rights under Article 20. Companies must provide your data in a structured, machine-readable format. This is why European users sometimes get better export tools than American users.
• FTC enforcement — The Federal Trade Commission has taken enforcement actions against health apps for deceptive data practices (the Flo Health settlement in 2021 being a notable example), but this is reactive, not proactive.

The practical implication: your wearable health data is less protected than your credit card transactions. Financial data has GLBA, PCI-DSS, and decades of enforcement precedent. Consumer health data from wearables has a patchwork of state laws and a general assumption that “we take your privacy seriously” means anything.

Terms of Service vs. Actual Ownership

Every major platform’s terms of service follow the same pattern. You retain “ownership” of your data, but you grant the company a broad license to use it. Here is what that looks like in practice:

Apple is the clear leader here. Health data on iPhones is end-to-end encrypted and stored on-device by default. Apple cannot read it, even if served a warrant. Every other platform stores your health data on their servers, encrypted in transit and at rest, but accessible to the company internally.

Export Guides by Platform

Here is how to get your data out of every major wearable ecosystem. These instructions are current as of February 2026. Platforms occasionally move settings around, but the core export functionality is required by privacy regulations and is unlikely to disappear.

Apple Health

Apple provides the most comprehensive export of any platform, though the file format is verbose.

1. Open the Health app on your iPhone.
2. Tap your profile picture (top right corner).
3. Scroll down and tap Export All Health Data.
4. Confirm the export. This can take several minutes depending on how much data you have.
5. Choose where to save or share the resulting ZIP file (AirDrop to your Mac, save to Files, or email it to yourself).

What you get: A ZIP archive containing export.xml and export_cda.xml. The XML file includes every data point Apple Health has ever recorded: heart rate, steps, sleep analysis, blood oxygen, workouts, nutrition, menstrual tracking, and data synced from third-party apps. For power users with years of data, this file can exceed 1 GB.

Format: Apple’s proprietary HealthKit XML schema. It is well-structured but not a healthcare industry standard. You will need a converter to get it into FHIR or CSV for analysis. Tools like Apple Health Export Converter or the Python library apple_health_xml_convert can help.

Google Fit / Health Connect

Google has been consolidating its health data strategy under Health Connect, the Android-level API that serves as a central repository for health data from multiple apps.

1. Go to takeout.google.com.
2. Click Deselect all, then scroll down and check Fit (or Health Connect, if listed separately).
3. Click Next step, choose your delivery method (download link via email, or export to Drive).
4. Select frequency (one-time export), file type (ZIP), and maximum file size.
5. Click Create export. Google will email you when the archive is ready (usually within a few hours).

What you get: A structured set of JSON and CSV files organized by data type — daily activity summaries, heart rate records, sleep segments, workout sessions, and any data written by third-party apps through Health Connect.

Format: JSON and CSV. More developer-friendly than Apple’s XML. The Health Connect API also supports direct programmatic access, meaning third-party apps can read and write data with your permission — a genuine portability advantage on Android.

Samsung Health

Samsung’s export process has improved but remains more limited than Apple or Google.

1. Open the Samsung Health app.
2. Tap the three-line menu (hamburger icon) or go to Settings.
3. Tap Download personal data.
4. Authenticate with your Samsung account.
5. The app will prepare your data and send a download link to your email.

What you get: CSV files covering steps, heart rate, sleep, blood oxygen, stress, and workouts. Body composition data from Samsung’s BIA sensors (on the Galaxy Watch series) is included. However, some derived metrics (like Samsung’s proprietary “Energy Score”) may not be in the export.

Format: CSV files. Easy to open in Excel or Google Sheets, but less structured than Google’s JSON exports. If you are tracking brain health metrics through the Samsung brain health Galaxy Watch features, note that cognitive screening data may require a separate export or may not be available for download yet.

Oura

1. Log in to cloud.ouraring.com on a desktop browser.
2. Click your account icon in the top right.
3. Navigate to Account Settings.
4. Click Download My Data.
5. Select your date range and click Export.

What you get: JSON files containing sleep stages, readiness scores, heart rate variability, respiratory rate, body temperature deviation, and activity data. Oura also offers an API for developers building custom integrations.

Format: JSON. The Oura API (v2) is well-documented and supports OAuth 2.0 authentication, making it one of the more developer-friendly platforms for building custom health dashboards. Daily summaries are clean and parseable; per-minute heart rate data requires paginated API calls.

Garmin

1. Log in to connect.garmin.com.
2. Click your profile name in the top right, then Account Management.
3. Navigate to Data Management (or search for “export” in settings).
4. Click Request Data Export.
5. Garmin will email you a download link within 24-48 hours.

What you get: A comprehensive archive including activities (FIT and GPX files), daily wellness summaries, sleep data, body composition, and device settings. Garmin exports are activity-centric — each workout gets its own FIT file with full sensor data (GPS, heart rate, cadence, power, etc.).

Format: FIT (Flexible and Interoperable Data Transfer) files for activities, JSON for summaries. FIT is an industry standard in sports tech, supported by virtually every training platform (Strava, TrainingPeaks, Golden Cheetah). For health-focused data, the JSON summaries are more useful.

Data Portability Standards: What These Are and Why They Matter

Exporting your data is only half the battle. If every platform uses a different format, you are trading one silo for a folder of incompatible files. Here are the standards trying to solve this problem.

HL7 FHIR (Fast Healthcare Interoperability Resources)

FHIR is the healthcare industry’s answer to data portability. It defines standardized resources (Patient, Observation, Condition, etc.) using JSON or XML, making health records machine-readable and transferable between systems. The 21st Century Cures Act requires US healthcare providers to support FHIR-based data exchange, and both Apple and Google have built FHIR compatibility into their health platforms.

Why it matters for you: If your wearable data can be converted to FHIR format, your doctor can import it directly into their electronic health record (EHR) system. Apple Health already supports Health Records on iPhone, which pulls FHIR data from participating hospitals. The bridge between consumer wearable data and clinical records is being built on FHIR.

Apple HealthKit XML

Apple’s proprietary format is well-structured but not interoperable by default. Each data point includes a type identifier, source device, creation date, start date, end date, and value. It is comprehensive but verbose — a single heart rate reading generates 8-10 lines of XML. Community-built converters can transform HealthKit XML into FHIR, CSV, or JSON.

Google Health Connect API

Health Connect is Android’s centralized health data layer, launched in 2023 and now integrated into Android 14+. It acts as a broker between health apps, allowing data to flow between them with user permission. The API supports reading and writing standardized data types (steps, heart rate, sleep, nutrition, etc.) and is Google’s clearest commitment to health data portability.

Why it matters: On Android, you are not locked into Samsung Health or Google Fit exclusively. Health Connect means an Oura Ring can share sleep data with MyFitnessPal, or a Withings scale can push weight data to your Garmin profile — all through a standardized, user-controlled layer.

Open mHealth

Open mHealth is an open-source initiative defining JSON-based schemas for mobile health data. It provides standardized representations for common health metrics (blood pressure, physical activity, heart rate, etc.) that are more concise than FHIR and easier for developers to implement. Adoption is growing in the research community, though consumer app support remains limited.

What You Can Actually Do With Your Data

Exporting your data feels empowering until you are staring at a 400 MB XML file in a text editor. Here is what is actually practical.

Share With Your Doctor (Using FHIR)

The most valuable use case is the most underutilized. Your wearable has continuous heart rate, sleep, and activity data spanning months or years. Your doctor gets a blood pressure reading and a 30-second pulse check once a year. The gap between these two data sets is enormous.

If your doctor’s office uses an EHR system that supports FHIR (Epic, Cerner, and most major systems do), you can share wearable data directly through Apple Health Records (for Apple users) or through third-party integration platforms like Human API or Validic. The practical steps:

1. Ask your doctor’s office if they accept patient-generated health data (PGHD).
2. If they use Epic’s MyChart, check if your wearable data syncs through Apple Health or Health Connect integration.
3. For manual sharing, export your data, convert to CSV, and bring a summary of trends (resting heart rate over 6 months, sleep duration trends, HRV patterns) on a printed sheet or USB drive.

Be realistic: most doctors do not want raw data dumps. They want a concise summary of trends that flags potential concerns. A graph showing your resting heart rate gradually increasing from 58 to 72 over six months is actionable. A JSON file with 4 million heart rate readings is not.

Track Long-Term Trends

This is where aggregation tools earn their keep. Instead of manually parsing export files, a dedicated health aggregator can pull data from multiple wearables, normalize it, and present longitudinal views.

Cronometer is primarily known as a nutrition tracker, but its Gold tier integrates wearable data (heart rate, weight, body composition, exercise) alongside detailed micronutrient tracking. The result is a unified view: you can correlate sleep quality with magnesium intake, or see how your resting heart rate responds to changes in training volume. It connects to Apple Health, Google Fit, Garmin, Fitbit, and Withings, consolidating data that would otherwise live in five separate apps.

For more technical users, open-source tools like Grafana (with an InfluxDB backend) can ingest exported health data and create custom dashboards. This requires developer skills but gives you complete control over visualization and storage.

Contribute to Research Studies

Your wearable data has value beyond personal use. Several large-scale research studies accept participant-contributed wearable data:

• Apple Heart and Movement Study — A partnership between Apple and Brigham and Women’s Hospital studying cardiovascular health signals from Apple Watch data.
• All of Us Research Program (NIH) — Accepts Fitbit data from enrolled participants as part of the largest biomedical research program in US history.
• Oura Research — Oura has partnered with UC San Diego, the US military, and the NBA to study sleep, recovery, and illness detection using ring data.

Before contributing, understand what you are consenting to. Most research programs de-identify data, but “de-identified” is not the same as “anonymous” (more on that in the privacy section below).

Create Personal Health Dashboards

For the technically inclined, exporting your data enables custom analysis that no single app provides. Common setups:

• Python + Pandas + Matplotlib — Import CSV or JSON exports and create custom visualizations. Popular for correlating multiple data streams (HRV vs. training load vs. sleep quality).
• Apple Shortcuts + Numbers — Non-developer option for Apple users. Shortcuts can pull Health data into a spreadsheet for basic charting.
• Google Sheets + Health Connect — Android users can use IFTTT or Tasker to push health data to Google Sheets for tracking.

Connected hardware makes this easier. A smart scale that syncs automatically to your health platform eliminates manual entry and ensures consistent longitudinal data.

The Withings Body+ is the easiest way to add body composition data to your health record without thinking about it. Step on the scale, and weight, body fat percentage, water percentage, and muscle mass sync automatically to Apple Health, Google Fit, Samsung Health, or the Withings Health Mate app. The data is stored in your health platform of choice and included in any export. For people building longitudinal health dashboards, automated data collection like this eliminates the inconsistency of manual logging.

Privacy Risks of Health Data

Here is the section that should make you uncomfortable. The same data portability that lets you share wearable data with your doctor also creates attack surfaces that did not exist a decade ago.

Data Brokers

Consumer health data from wearables and health apps is actively bought and sold by data brokers. A 2024 Duke University study found that data brokers were openly advertising health data for sale — including mental health diagnoses, reproductive health information, and fitness data — with minimal verification of buyer intent. Prices ranged from $0.01 to $0.12 per individual record.

While most major wearable platforms (Apple, Google, Garmin) claim they do not sell data to brokers, the ecosystem is larger than the platform. Third-party apps that you grant Health Connect or HealthKit access to may have different privacy policies. That meditation app that “just needs heart rate data” might be sharing it with analytics partners who resell aggregated health datasets.

Insurance Implications

Life insurers and health insurers are increasingly interested in wearable data. Some programs frame this as a discount incentive — John Hancock’s Vitality program offers premium reductions for policyholders who share Fitbit data. But the same data that earns you a discount when you are healthy could theoretically be used against you if your activity drops, your resting heart rate spikes, or your sleep quality deteriorates.

The Genetic Information Nondiscrimination Act (GINA) prevents health insurers from using genetic data in coverage decisions. No equivalent law exists for wearable biometric data. Your resting heart rate trends, sleep patterns, and activity levels are fair game in most jurisdictions for life insurance underwriting.

Employer Wellness Programs

Corporate wellness programs that offer incentives for wearable participation create a subtle coercion problem. The program is “voluntary,” but your coworkers all signed up and you feel pressure to participate. The EEOC allows employers to offer incentives up to 30% of health coverage costs for wellness program participation — a financial penalty for non-participation disguised as a reward for participation.

Data from employer wellness programs is supposed to be aggregated and de-identified, but the administrating vendor (often Virgin Pulse, Castlight, or Vitality) has access to individual-level data. A data breach at any of these vendors could expose your health data to your employer.

De-Anonymization Risks

Health data is notoriously difficult to truly anonymize. A 2019 study in Nature Communications demonstrated that 99.98% of individuals in any dataset could be re-identified using just 15 demographic attributes. Wearable data provides far more than 15 attributes — heart rate patterns, sleep schedules, GPS-tagged workout routes, and step count profiles are highly unique biometric fingerprints.

Even “de-identified” research datasets from wearable studies carry re-identification risk. If your Oura ring data is contributed to a research study and the study publishes aggregated findings with demographic breakdowns, someone with auxiliary information about you (age, location, general health status) could potentially link your data.

This is not paranoia — it is a well-documented limitation of de-identification techniques that health data researchers take seriously. It is also why the Eli Health hormometer and similar at-home diagnostic devices raise additional questions about where sensitive biometric data lives and who can access it.

The Switching Cost Trap

Perhaps the most practical problem with wearable health data is what happens when you switch ecosystems. And if you are thinking about upgrading to devices with newer capabilities like non-invasive glucose monitoring, this matters now more than ever.

What You Lose When You Switch

Moving from an Apple Watch to a Garmin (or vice versa) means more than buying a new device. Here is what typically breaks:

• Historical continuity — Your new platform starts from zero. Years of trend data that gave context to today’s resting heart rate or sleep score are gone from the primary dashboard.
• Proprietary metrics — Oura’s Readiness Score, Apple’s Cardio Fitness, Garmin’s Body Battery, Samsung’s Energy Score — these are all platform-specific calculations. They cannot be transferred because they are computed from proprietary algorithms that other platforms do not replicate.
• Third-party integrations — If you built workflows around one ecosystem (Garmin to Strava to TrainingPeaks, or Apple Health to MyFitnessPal to Cronometer), switching the data source can break the chain.
• Sleep tracking algorithms — Sleep stage detection varies significantly between devices. Your “deep sleep” on an Oura Ring is measured differently than “deep sleep” on a Garmin, making cross-platform trend comparison unreliable.

How Platforms Lock You In

The lock-in is not always intentional (though sometimes it is). Three mechanisms create switching costs:

1. Proprietary data formats — Apple’s HealthKit XML is not compatible with Garmin’s FIT files. You can export from both, but importing one platform’s data into another ranges from difficult to impossible without custom tooling.
2. Ecosystem depth — Apple Health integrates with hundreds of iOS apps. Samsung Health integrates with Samsung devices. Garmin Connect integrates with Garmin accessories. The more connected devices and apps you have in one ecosystem, the more painful switching becomes.
3. Historical data value — A single month of heart rate data is noise. Three years of heart rate data is a medical record. The longer you stay on a platform, the more valuable your accumulated data becomes — and the more you stand to lose by leaving.

How to Minimize Lock-In

You cannot eliminate switching costs entirely, but you can reduce them:

• Export quarterly — Do not wait until you switch platforms. Export your data every three months and store the archives. If you ever need to build a consolidated record, you will have the raw data.
• Use a central aggregator — Platforms like Apple Health (iOS) and Health Connect (Android) serve as central repositories. Even if you switch wearables, keeping data in the OS-level health platform preserves continuity.
• Prefer platforms with open APIs — Oura and Garmin both offer well-documented APIs. Closed ecosystems (Samsung, to a lesser degree) make programmatic data access harder.
• Maintain a personal data archive — Keep exported data in a folder with consistent naming (e.g., garmin-export-2026-Q1.zip). Future tools will make cross-platform data consolidation easier — but only if you have the raw exports to work with.

The Bottom Line

You are generating the most detailed health record in human history, and most of it is sitting on a corporation’s server under terms of service that prioritize their interests over yours. The technology to export, own, and use your data exists today, but it requires deliberate action. Nobody is going to hand you a consolidated, portable health record. You have to build it yourself.

Export your data now — not when you switch platforms, not when you need it for a doctor’s visit, not when a data breach makes the news. Set a quarterly calendar reminder. Store exports locally. Use aggregation tools that consolidate across platforms. And pay attention to which apps you grant health data access to, because the weakest link in your data privacy chain is almost always a third-party app you installed once and forgot about.

Your health data is arguably the most personal information you generate. Treat it accordingly.

Frequently Asked Questions

Can my employer see my individual health data from a corporate wellness program?

Legally, your employer should only receive aggregated, de-identified data from the wellness program vendor. The vendor (Virgin Pulse, Vitality, etc.) acts as a buffer and is contractually obligated to keep individual data confidential. However, in practice, the vendor has access to your individual data, and data breaches can expose it. If your company has fewer than 50 participants in the wellness program, “aggregated” data can be small enough to identify individuals by inference. If you are concerned, participate at the minimum level required to earn incentives and do not sync a wearable — manually log steps instead.

What happens to my health data if a wearable company goes bankrupt?

This is a genuinely unresolved question. When a company is acquired or goes bankrupt, user data is typically treated as a business asset and transferred to the acquiring entity. The FTC has intervened in some cases (notably the RadioShack bankruptcy in 2015) to prevent customer data from being sold at auction, but there is no guarantee this protection extends to every health data scenario. Export your data regularly so you always have a local copy regardless of what happens to the company.

Is Apple Health really more private than Android health platforms?

Yes, with caveats. Apple Health data is end-to-end encrypted on device and in iCloud, meaning Apple itself cannot read it. Google Health Connect data is encrypted in transit and at rest on Google’s servers, but Google has server-side access. In practice, the bigger privacy risk for both platforms is third-party apps you grant health data access to. Review your connected apps regularly — on iOS, go to Health then Data Access and Devices; on Android, go to Health Connect then App Permissions — and revoke access for any app you no longer use.

Can I use wearable data as evidence in a legal proceeding?

Wearable data has been admitted as evidence in several court cases, including personal injury claims and criminal proceedings. In a notable 2014 case, a personal injury plaintiff’s Fitbit data contradicted her claims about reduced physical activity, and the data was admitted as evidence. However, the evidentiary standards vary by jurisdiction, and courts evaluate the reliability and authenticity of wearable data on a case-by-case basis. If you anticipate needing wearable data for legal purposes, export it immediately, preserve the raw files, and document the chain of custody.

How often should I export my wearable health data?

We recommend quarterly exports as a baseline. Set a recurring calendar reminder on the first day of each quarter. If you are considering switching platforms, export immediately before making the switch. Store exports in a dedicated folder with clear naming conventions (platform-date format works well) and keep at least one backup in a different location — a cloud drive or external hard drive. Most export files are small enough that storage is not a concern even after years of accumulation.