The Critical Need for Ongoing CGM Permission Oversight

Continuous Glucose Monitoring (CGM) devices have transformed diabetes care by delivering real-time glucose readings, trend arrows, and alerts directly to a user's smartphone or smartwatch. This constant stream of data empowers individuals to make informed decisions about food, exercise, and insulin. However, the power of CGM lies not only in personal use but also in the ability to share that data with caregivers, family members, school nurses, and healthcare providers. Sharing glucose data can improve safety, reduce anxiety, and enable remote care.

But this sharing carries inherent privacy and security risks. Giving someone permanent, unrestricted access to your real-time health data can lead to unintended consequences if that access is not actively managed. People change jobs, children transition from elementary to high school, relationships evolve, and healthcare providers move practices. Each of these life events means that the people who once needed access to your CGM data may no longer require it, or worse, could misuse that access if it remains in place.

The challenge is that CGM sharing permissions are often set once and forgotten. Most platforms do not force users to review permissions regularly. This is why establishing a system for monitoring and managing CGM sharing permissions over time is not just recommended; it is essential for maintaining data privacy, security, and the integrity of your diabetes management routine.

Understanding the Layers of CGM Sharing Permissions

Before you can effectively manage permissions, you need to understand what you are working with. CGM sharing permissions typically fall into distinct categories that control what a follower can see and do. Beyond the basic view-only or full access distinction, many platforms now offer granular controls.

View-Only Access

This is the most common permission level. A follower with view-only access can see your glucose readings, trend graphs, and sometimes receive alerts such as urgent low or high notifications. They cannot change any settings on your device or in the app, nor can they add or remove other followers. View-only access is ideal for family members who need to monitor your safety but should not have administrative control.

Full or Administrative Access

Full access is a higher permission level that allows the follower to manage sharing settings, add or remove other followers, and in some cases, alter device settings like alert thresholds or sensor calibration. This level of access should be reserved for a trusted individual such as a spouse, a parent of a young child, or an endocrinologist's office that needs to manage device settings remotely. Granting full access broadly is risky because it creates multiple points where permissions can be changed without your knowledge.

Temporary or Time-Limited Sharing

Some CGM platforms and companion apps now support temporary sharing. This is a powerful feature for situations where someone needs short-term access, such as during a hospital stay, a week-long school camp, or while traveling with a friend. Temporary sharing automatically revokes access after a set period, eliminating the risk of forgotten permanent access. If your platform supports this feature, it should be your default for any non-permanent relationship.

Emergency or Critical Alert-Only Access

Certain platforms allow you to share only critical alerts (such as urgent low or high) without sharing the full graph or trend data. This permission level is useful for school nurses or day-care providers who need to know only when immediate action is required, without having continuous access to the child's full health data stream.

The Landscape of CGM Platforms and Their Sharing Models

Different CGM manufacturers implement sharing permissions in different ways. Understanding these nuances is important for both users and developers building applications on top of CGM data.

Dexcom G7 and Dexcom Follow

Dexcom's sharing system, primarily through the Dexcom Follow app, is one of the most mature. Users can invite up to ten followers from the main Dexcom G7 app. Followers can receive glucose readings, trend graphs, and customizable alerts. The primary user can revoke access at any time. Dexcom also offers the Dexcom Clarity platform for clinic-level data review. For developers integrating Dexcom data, the Dexcom API allows building custom applications that can manage follow permissions programmatically.

Abbott FreeStyle Libre and LibreLinkUp

Abbott's Libre system uses the LibreLinkUp app for followers. A LibreLinkUp account is separate from the main LibreLink account, and the primary user initiates the connection using a unique email address or QR code. LibreLinkUp allows up to twenty followers, but the primary user can also manage connections through the LibreLink app. Abbott has been expanding its digital ecosystem, and the FreeStyle Libre 2 app now supports optional real-time glucose alarms, which are shared through the same follower system.

Medtronic's system is more integrated with their insulin pumps and the CareLink cloud platform. Sharing is often managed through the CareLink Connect feature, which allows caregivers to view data through a web portal or mobile app. Medtronic's system tends to be more clinic-oriented, with strong audit trails for data access, making it suitable for healthcare environments where compliance is critical. The CareLink platform offers robust reporting and sharing controls.

Other Platforms and Emerging Players

Newer entrants like the Senseonics Eversense implantable sensor also offer sharing via their companion app. Additionally, there is a growing ecosystem of third-party applications (such as xDrip+, NightScout, and Gluroo) that aggregate CGM data and provide their own permission management systems. These platforms often offer even more granular control but may require more technical setup and maintenance. When using third-party apps, be especially diligent about permission reviews, as the security model may differ from the manufacturer's official app.

Why Permissions Need Active Management Over Time

The initial setup of CGM sharing is usually straightforward: you invite the people who need to follow you. But the dynamic nature of life means that your sharing needs will change. Here are the key scenarios where permission management becomes critical.

Changes in Caregiving Relationships

A grandparent who helped care for a child with diabetes during the preschool years may no longer need access once the child enters elementary school. A college roommate who provided emergency support may graduate and move away. A spouse or partner who is involved in daily diabetes management may need to adjust permissions if the relationship changes or if the person with diabetes becomes more independent. Failing to revoke access in these situations can lead to awkward privacy violations or even safety issues if the follower no longer actively monitors but still receives alerts.

Transitions Between Healthcare Providers

When you switch endocrinologists, move to a new city, or transition from pediatric to adult care, the healthcare providers who had access to your CGM data should be updated. A former provider who retains data access is both a privacy risk and a potential source of confusion if they accidentally see and act on outdated information.

Device and Platform Upgrades

Upgrading to a new CGM sensor model or switching from one brand to another often requires setting up sharing from scratch. If you do not actively clean up old permissions from the previous device, those old connections could remain active as orphaned accounts that no longer serve a purpose. This is a common source of forgotten permissions.

Security Incidents or Data Breaches

If you suspect that any of your followers' accounts have been compromised, it is crucial to revoke their CGM access immediately. In 2023, high-profile breaches at health technology companies highlighted the vulnerability of connected health devices. A compromised follower account could expose your glucose data, which is highly sensitive health information. Regularly reviewing your follower list can help you spot suspicious accounts early.

Strategies for Systematic Permission Monitoring

Monitoring permissions is not a one-time event; it is an ongoing practice. Here are actionable strategies to build into your routine.

Schedule Periodic Permission Audits

Set a recurring calendar event every 90 days to review all active CGM sharing connections. During this audit, ask yourself: Does this person still need access? Do they need view-only or full access? Have they changed phone numbers or email addresses? Do I still trust them with my health data? Treat this audit with the same importance as a device sensor change or a quarterly endocrinology appointment.

Use In-App Notification Tools

Most CGM apps allow you to receive notifications when someone new is added as a follower or when a follower changes their own alert settings. Enable these notifications so that you are immediately aware of any changes. Some platforms also send email summaries of follower additions. Use these as triggers for a quick review.

Maintain an External Permission Log

Consider keeping a simple spreadsheet or note that lists every person who has ever had access to your CGM data, the date they were added, the permission level granted, and the date of last review. This log can be especially helpful for parents who manage sharing for a child with diabetes, as multiple caregivers, relatives, and school staff may cycle in and out. A shared note between parents can prevent confusion about who currently has active access.

Leverage Platform-Based Audit Trails

If you are a developer or a technical user, you may be building applications that store CGM data or manage sharing on behalf of users. In that case, you need a robust backend system to track permission changes over time. Platforms like Directus provide built-in activity logging and role-based access control that can serve as the foundation for a permission management system. Directus records every create, update, and delete operation, allowing you to see exactly who granted which permission and when. This level of auditability is essential for healthcare applications that must comply with privacy regulations.

Best Practices for Managing Permissions Over Time

Monitoring is only half the equation. Active management involves making deliberate decisions about granting, modifying, and revoking access.

Grant Access with a Clear Purpose

Before inviting a new follower, ask yourself what specific purpose the sharing serves. For a weekend visit from a friend who does not usually oversee your diabetes care, use a temporary sharing link or set a reminder to revoke access after the visit. For a new healthcare provider, grant view-only access initially and escalate to full access only if needed for device management.

Use Expiration Dates Whenever Possible

If your CGM platform supports it, always set an expiration date when adding a new follower. This forces a review at a known future point. If the platform does not natively support expiration dates, create your own system by setting a calendar reminder to revoke access on a specific date.

Educate Your Followers on Their Responsibilities

Explain to anyone you grant access to that they are viewing sensitive health data. They should not share screenshots of your glucose graph on social media, discuss your numbers with people you have not authorized, or use the data to make decisions about your care without consulting you first. A brief conversation about privacy expectations can prevent misunderstandings later.

Regularly Review Permission Levels

A follower who was granted full access during a period of intensive diabetes management may no longer need that level of control. Downgrade their permission to view-only once the acute need has passed. Similarly, if a follower is no longer actively monitoring but you want them to keep seeing your data for safety, keep them on view-only to limit administrative changes.

Using Technology to Streamline Permission Workflows

For individual users, the tools provided by the CGM app are usually sufficient. However, for clinics, diabetes education centers, or developers building digital health tools, more robust infrastructure is needed to manage permissions at scale.

Building a Permission Dashboard with Directus

If you are developing a healthcare application that integrates CGM data from multiple platforms (Dexcom, Libre, Medtronic), you face the challenge of aggregating permission information from disparate sources. Directus can serve as the central data management layer. You can model your data schema to include a followers collection with fields for the CGM user, the follower's identity, the permission level, the start date, the expiration date, and an active status. Using Directus's built-in RESTful API, your frontend can create, read, update, and delete permissions in real time. The platform's activity log provides a complete history of permission changes, which is invaluable for HIPAA or GDPR compliance audits. Directus also allows you to set up workflows or automation hooks that send notifications when a permission is about to expire or when a user is removed from the system. This can significantly reduce the manual overhead of managing permissions for a large patient population.

Automated Permission Expiry and Cleanup

Using a backend like Directus, you can build automated jobs that check for expired permissions daily and revoke them. You can also implement logic that flags permissions that have not been reviewed in a certain number of days and sends a reminder to the primary user. Automation ensures that permissions do not remain active indefinitely, which is a common failure point in manual systems.
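The daily expiry and review sweep described above, as an added example that is not Directus code or part of the original article. The field names (`expiration_date`, `last_reviewed`, `active`), the 90-day and 7-day thresholds, and the sample rows are assumptions; the function only classifies grants, and the caller applies the result through its own backend.

```javascript
// Added example. Field names follow the fields the article lists but are
// assumptions, not a Directus or CGM-vendor schema.
const DAY_MS = 24 * 60 * 60 * 1000;

// Constructed sample rows for a "followers" collection (not real data).
const SAMPLE_FOLLOWERS = [
  { id: 1, follower: "school-nurse", permission_level: "alerts_only",
    expiration_date: "2025-06-15", last_reviewed: "2025-03-01", active: true },
  { id: 2, follower: "grandparent", permission_level: "view_only",
    expiration_date: null, last_reviewed: "2024-09-10", active: true },
  { id: 3, follower: "parent", permission_level: "full",
    expiration_date: "2025-06-25", last_reviewed: "2025-05-30", active: true },
  { id: 4, follower: "camp-counselor", permission_level: "view_only",
    expiration_date: "2024-07-08", last_reviewed: "2024-07-01", active: false },
  { id: 5, follower: "new-clinic", permission_level: "full",
    expiration_date: "not-a-date", last_reviewed: "2025-06-01", active: true },
];

// Classify every active grant as of nowMs. Pure function: it returns the ids
// to act on plus an audit trail, and changes nothing itself.
function sweepPermissions(rows, nowMs, { reviewMaxDays = 90, warnDays = 7 } = {}) {
  const out = { revoke: [], expiringSoon: [], needsReview: [], invalid: [], audit: [] };
  const log = (row, action, reason) => {
    out[action].push(row.id);
    out.audit.push({ at: new Date(nowMs).toISOString(), follower_id: row.id, action, reason });
  };
  for (const row of rows) {
    if (!row.active) continue; // already revoked, nothing to do
    const expires = row.expiration_date == null ? null : Date.parse(row.expiration_date);
    const reviewed = Date.parse(row.last_reviewed);
    // NaN compares false against everything, so a corrupt date would silently
    // never expire. Route it to a human instead of treating it as "no expiry".
    if (Number.isNaN(expires) || Number.isNaN(reviewed)) {
      log(row, "invalid", "unparseable date");
      continue;
    }
    if (expires !== null && expires <= nowMs) {
      log(row, "revoke", "expired " + row.expiration_date);
      continue;
    }
    if (expires !== null && expires - nowMs <= warnDays * DAY_MS) {
      log(row, "expiringSoon", "expires " + row.expiration_date);
    }
    if (nowMs - reviewed > reviewMaxDays * DAY_MS) {
      log(row, "needsReview", "last reviewed " + row.last_reviewed);
    }
  }
  return out;
}

const SWEEP_NOW = Date.parse("2025-06-20T00:00:00Z"); // fixed clock for the sample
console.log(sweepPermissions(SAMPLE_FOLLOWERS, SWEEP_NOW));
```

The `invalid` bucket is the part manual systems tend to miss: a grant whose expiry cannot be parsed is surfaced for a decision rather than left active indefinitely.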

Integration with Identity and Access Management (IAM) Systems

For larger organizations, integrating CGM permission management with enterprise IAM systems like Okta or Azure Active Directory allows centralized control. When a caregiver leaves the organization, their access to all CGM data can be revoked in one place. This is particularly relevant for hospitals or nursing homes where multiple staff members may follow a patient's CGM data during a shift.

Overcoming Common Permission Management Pitfalls

Even with the best intentions, several challenges can undermine your permission management efforts. Here is how to address them.

Challenge: Follower Account Changes

A follower may change their email address, delete their CGM app, or get a new phone without informing you. If they stop receiving data, they are no longer fulfilling their role as a monitor. Solution: Periodically ask your followers to confirm they are still receiving your data and have an up-to-date device. Use the CGM app's follower status indicators to check if they have been inactive.

Challenge: Permission Creep

Over years of sharing, the list of followers can grow without you being fully aware of who has access. Solution: Conduct a comprehensive audit every six months where you document every active follower and justify their continued access. Remove anyone you cannot immediately identify or explain.

Challenge: Children Transitioning to Self-Management

As children with diabetes grow into teenagers and young adults, the permission model needs to shift from parent-managed to self-managed. This can be a sensitive transition. Solution: Start a dialogue early about data ownership. Use gradual permission reduction: reduce the frequency of alerts, downgrade from full access to view-only, and eventually give the young adult full control while maintaining a silent safety monitor role if agreed upon.

In situations involving separated parents or legal guardians, CGM data access can become a point of contention. It is important to ensure that permission management does not conflict with legal custody agreements. Solution: Document who has access and why. If necessary, use separate follower accounts for each legal guardian so that data sharing is transparent and auditable.

The field of CGM data sharing is evolving rapidly. Several emerging trends will shape how permissions are monitored and managed in the coming years.

Granular, Data-Type-Level Permissions

Future CGM systems are likely to allow sharing of specific data streams rather than all-or-nothing access. For example, a user might grant a researcher access only to nighttime glucose readings, or share only average glucose values with a fitness coach while hiding raw sensor data. This granularity will require more sophisticated permission management interfaces.

Some innovators are exploring the use of blockchain to create immutable consent records for health data sharing. While still experimental, this approach could provide a tamper-proof log of who has accessed your CGM data and when, giving users unprecedented audit capabilities.

AI-Driven Anomaly Detection

Artificial intelligence could be used to detect unusual patterns in permission changes. For example, if a follower suddenly changes their own permission level or attempts to add multiple new followers, the system could flag this as suspicious and alert the primary user. This proactive security measure would add a layer of protection beyond manual audits.
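The two signals named above (a follower raising their own permission level, and a follower adding several new followers in quick succession) can already be checked with fixed rules over a permission-change log. The following is an added example, not part of the original article and not an AI model; the event shape, level names, thresholds, and sample events are assumptions.

```javascript
// Added example. Event fields and level names are assumptions, not a vendor log format.
const LEVEL_RANK = { alerts_only: 0, view_only: 1, full: 2 };
// An unrecognised level is ranked highest so an unknown target level is flagged.
const rankOf = (level) => (level in LEVEL_RANK ? LEVEL_RANK[level] : Infinity);

// Constructed sample permission-change events (not real data).
const SAMPLE_EVENTS = [
  { ts: "2025-06-01T08:00:00Z", actor: "owner", action: "add_follower", target: "aunt", to: "view_only" },
  { ts: "2025-06-03T21:14:00Z", actor: "aunt", action: "change_level", target: "aunt", from: "view_only", to: "full" },
  { ts: "2025-06-03T21:15:00Z", actor: "aunt", action: "add_follower", target: "acct-101", to: "view_only" },
  { ts: "2025-06-03T21:16:00Z", actor: "aunt", action: "add_follower", target: "acct-102", to: "view_only" },
  { ts: "2025-06-03T21:19:00Z", actor: "aunt", action: "add_follower", target: "acct-103", to: "full" },
  { ts: "2025-06-10T09:00:00Z", actor: "owner", action: "change_level", target: "aunt", from: "full", to: "view_only" },
];

// Return alerts for the primary user. Changes made by the owner are never flagged.
function flagPermissionAnomalies(events, owner, { burstCount = 3, burstWindowMin = 10 } = {}) {
  const alerts = [];
  const addsByActor = new Map(); // actor -> timestamps of recent follower additions
  const sorted = [...events].sort((a, b) => Date.parse(a.ts) - Date.parse(b.ts));
  for (const e of sorted) {
    if (e.actor === owner) continue;
    const t = Date.parse(e.ts);
    // Rule 1: a follower raises their own permission level.
    if (e.action === "change_level" && e.actor === e.target && rankOf(e.to) > rankOf(e.from)) {
      alerts.push({ rule: "self_escalation", actor: e.actor, ts: e.ts });
    }
    // Rule 2: a follower adds several new followers inside a short window.
    if (e.action === "add_follower") {
      const recent = (addsByActor.get(e.actor) || []).filter((x) => t - x <= burstWindowMin * 60000);
      recent.push(t);
      addsByActor.set(e.actor, recent);
      if (recent.length === burstCount) { // alert once, when the threshold is reached
        alerts.push({ rule: "follower_add_burst", actor: e.actor, ts: e.ts, count: recent.length });
      }
    }
  }
  return alerts;
}

console.log(flagPermissionAnomalies(SAMPLE_EVENTS, "owner"));
```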

Regulatory Push Toward Data Portability and Control

Regulations like the European Health Data Space (EHDS) and the US Trusted Exchange Framework and Common Agreement (TEFCA) are pushing for greater patient control over health data. This will likely translate into more robust permission management features being required in CGM platforms by default. Manufacturers will need to provide clear, user-friendly interfaces for granting, revoking, and auditing data sharing.

Building a Sustainable Permission Management Routine

To conclude this guide, here is a practical, step-by-step routine that any CGM user can adopt to ensure their sharing permissions remain appropriate and secure over time.

  1. Set a recurring calendar reminder for the first day of every third month. Label it "CGM Permission Audit."
  2. Open your CGM app and navigate to the sharing settings. Take a screenshot of the current follower list.
  3. For each follower, ask three questions: Do they still need access? Do they have the correct permission level? Is the contact information they use still valid?
  4. Remove or downgrade any follower who does not pass all three criteria. Do not leave inactive followers in place.
  5. If you added a temporary follower since the last audit, confirm that their access has expired or revoke it now.
  6. Update your external permission log with the date of the audit and any changes made.
  7. Send a quick message to your active followers asking them to confirm they are still receiving data and are comfortable with their role.
  8. Document any issues such as a follower who did not respond or a suspicious permission change, and follow up before the next audit.

This routine takes less than fifteen minutes every three months and can prevent months or years of unintended data exposure. For parents managing a child's CGM, performing this audit with the child (once they are old enough) also serves as an important educational exercise in digital health privacy.

Conclusion

Monitoring and managing CGM sharing permissions is not just a technical task; it is a fundamental aspect of owning your health data in an increasingly connected world. The ease of sharing that makes CGM technology so powerful also introduces risks that compound over time if permissions are not actively maintained. By understanding the different permission types, recognizing why access needs change, implementing a systematic monitoring routine, and leveraging the right tools, including backend platforms like Directus for enterprise-scale management, you can ensure that your glucose data remains shared only with the people who genuinely need it for your safety and care. Take control of your permissions today, and schedule your first quarterly audit. Your privacy and your peace of mind are worth it.