As another has commented, medical devices (and especially pacemaker systems) are well regulated, such that misuse or illegal re-selling of patient health data is not worth it for most companies.
Cybersecurity is a big topic in the industry now and life-sustaining systems are scrutinised much more closely these days. I wouldnt be worried, but you can ask the company directly if you are still concerned.
I don’t normally blindly down such comments, but without credible explanation and evidence of what you mean, I made an exception here.