Is your healthcare data sufficiently private? If not, what should be done?

Those of us in the US have HIPAA (Health Insurance Portability and Accountability Act of 1996) protection of the privacy of our healthcare data. But HIPAA only protects the healthcare data that is held by our healthcare providers and exchanges.  It does not protect the healthcare data that resides on the apps on our phones or computers.  Do you feel your healthcare data is sufficiently protected? If not, what should you do? What should tech companies do?  What should Congress do?
    Opinion: It's time for Congress to change health privacy rules
Roe v. Wade and tech: 'The problem' is that too many companies are collecting data