Given the intimate nature of the data handled by health technology companies, Jessica Roberts and Jim Hawkins argue, in this Policy Forum, for stronger consumer protections. Health tech companies such as those offering consumer genetics information or online health tracking apps often handle large amounts of highly sensitive user data, such as a person's genetic data and other specific details about their physical or mental health. The privacy and use of this data is outlined in a company's terms of service (ToS). However, under current U.S. law, many health tech companies reserve the right to make substantial unilateral changes to their policies and often without notifying their users - a practice that has recently become a hot-button legal issue, according to the authors. "Holding companies accountable for their ToS and limiting their ability to unilaterally change them could offer consumers the much-needed protection in this growing, and highly unregulated industry," write Roberts and Hawkins. In general, by purchasing or registering to use a product, the user agrees to a ToS, many of which outline provisions - occasionally ambiguously - to amend terms at the company's discretion and without consent. In a recent study of the privacy policies of ninety consumer genetics companies, all included unilateral amendment provisions; however, only a few promised to inform users of any changes. According to the authors, this could lead to a consumer to select a given health tech company based on its ToS, only to have the terms change, finding themselves subject to unwanted use or distribution of their sensitive data. What's more, consumers in the U.S. currently have little legal recourse in these situations. Roberts and Hawkins highlight several possible solutions based on consumer protection legislation that have been successful in other contexts, such as money lending.