Just to be pedantic, it's data purchased by any consumer wearable device that isn't regulated by HIPAA. Data recorded by devices provided, connected, or implanted by actual covered healthcare providers is regulated by HIPAA.
Thank you for pointing that out. If we believe that using such data for ad targeting would be a problem, it remains best to simply make that illegal. Preventing a particular acquisition seems like a roundabout and inefficient way to accomplish the goal, since it would not prevent Google from acquiring the data some other way, supposing they wanted to use it for targeting. And it prevents other potential benefits of an acquisition, such as more robust competition in the wearables market.
Depends on how profitable the small company is by their own lights I guess. If they need capital to continue operations, it has to come from somewhere.