The healthcare sector has traditionally processed large amounts of personal data. The rise of information technologies, such as smartphone applications (“apps”) and wearable devices (e.g. Fitbit, smart soles) both inside and outside medical practice, has added to the processing of these kinds of personal data. Commercial apps and wearables that aim to encourage health behaviour change are flourishing in the major app stores. These technologies enable people to monitor their own health by using (pressure) sensing technologies that measure vital signs (for example, heart rate) and track progress (such as counting steps), without having to visit a doctor. A new complicating factor is that these so-called commercial health apps and wearables are increasingly being used within a medical context. The data generated transcends the closed context of personal medical records, geographic borders and, in particular, the borders of the European Union. This is problematic, because no current regulations address the global dimension of data.