Our modern smartwatches and smart rings go far beyond counting steps, constantly collecting data on our fitness, sleep, fertility, and so much more, and uploading them to an app. (Remember the days when we were told not to share any information online? How quaint.) But this widespread adoption raises new questions about data privacy, security, and your rights -- because who actually owns all of that health data, you or the company collecting it?

We've been hearing about the "quantified self" for nearly two decades as devices to track our steps have evolved to give us health data that used to require a trip to a clinic and cost thousands of dollars. We explore how that health data actually impacts your life, whether you're walking into your next doctor's appointment or forgetting about the sensor sitting on your wrist.

The more data we collect, the more risk we take on of having our information compromised in a breach, or potentially having companies sell that data to third parties for marketing, insurance profiling, or other purposes that you don't even know you're opting into.

"People were cautious years ago when it came to more sensitive data types, but increasingly they're finding enormous value in being able to access and use that information," Jules Polonetsky, CEO of the Future of Privacy Forum, a nonprofit focused on consumer data protection, told ZDNET. "The downside is they're not always taking the time to think through where, when, and how they ought to be taking any precautions."

Over 20 states have now passed comprehensive data privacy laws, which generally give consumers the right to access, delete, and opt out of the sale of their personal information. However, they vary by state, and without federal regulation, what's left is a patchwork quilt of requirements.

Meanwhile, more than 560 million people worldwide now own smartwatches -- including more than 1 in 4 Americans, according to Statista. "Consumers are increasingly interested in downloading, accessing, and using their health data for fitness, or managing their family's health records, but really have to be sleuths to understand whether or not they are protected based on the state they're in," Polonetsky said. "The number one thing we need is a federal privacy law, which includes at least a minimum of health data protection outside of HIPAA."