Healthcare conferences can resemble pep rallies for the extraordinary technological advances in medicine. That’s hardly surprising, given the promise that innovations running the gamut from fitness wearables to genome sequencing may have in delivering more personalized and efficient care. But there’s still a gulf between today’s potential and the kind of tangible, wide-scale transformation that can turn America’s “sick care” system into one that prioritizes wellness and prevention. And bridging that divide will require a serious discussion about medical privacy and data sharing, according to an expert panel at Fortunes inaugural Brainstorm Health conference.

University of Southern California (USC) professor of medicine and engineering David Agus moderated the discussion between GE Ventures CEO Sue Siegel, Fitbit fit co-founder and chief executive James Park, National Institutes of Health (NIH) official Kathy Hudson, and USC health policy and economics professor Dana Goldman about what, exactly, it means to be “healthy,” and how data analytics and digital health tech can be leveraged to prevent diseases in the first place.

Fitbit’s Park, whose company has shipped some 40 million wearable fitness devices, says there’s a three-pronged advantage to massive data collection. “The promise of all this data is to be able to screen people more effectively,” he said. “It’s the ability to give them more personalized treatments and guidance, and the ability to monitor people over the course of their treatment.”

Subscribe to Brainstorm Health Daily, our brand new newsletter about health innovations.

The next step in that process involves getting employers, who are intimately wrapped up in the American health system through their perch as major benefits providers, even more invested in wellness. Park cited one study finding that Fitbit-powered employer wellness programs saved companies an average of $1,300 per employee. (There is some debate about exactly how effective certain wellness programs are.)

But, as Agus pointed out, these programs have raised privacy concerns. Recently, the older Americans’ lobbying outfit AARP sued the federal government over its employer wellness incentive programs, which the group argues amount to forcing older workers to reveal sensitive health information to their employers or risk paying significantly higher insurance premiums.

Park declined to comment on the suit. But he did note that, “from our experience, employers are highly sensitive to the privacy of their employees’ data.”

“We actually only work with employers who sign up for our employee bill of rights,” Park said. He added that current medical privacy regulations under the 1990s-era Health Insurance Portability and Accountability Act (HIPAA) are too ambiguous, noting that health law experts can have widely differing interpretations of the statute and suggesting that it isn’t tailored for a Big Data reality.

Of course, the burgeoning collection of medical and health information comes with plenty of risk, as recent cyber attacks on major health providers have proved. And Hudson, the NIH’s deputy director for science, outreach and policy, said that her personal nightmare regarding the Obama administration’s effort to sequence one million Americans’ genomes is the threat of such an attack. “What keeps me up at night is data security,” she said. “Having a million people’s data is going to be a big, fat target.”

Click here for more from the Brainstorm Health conference.

The bottom line: Some give-and-take on privacy may ultimately be necessary to turn such personalized information into an effective vessel for preventing disease.