"the mountainous issue of data privacy"
It's indeed the problem, and not just for medical applications.
Perhaps more mountainous for BlueTooth as it inherits from it previous incarnations the reputation of being the most insecure communication channel ever. Reputations like that tend to linger on even when the basis for them has disappeared.
Regardless of the communication method, the "IoT" will need to adress the fact that it would be putting a _lot_ of very personnal information in the open, and the communication stage is perhaps the less problematic. Because all this data is going to be stored somewhere, and the real questions here are "how", "where", asd "for how long".