You can turn off iCloud sync for your Health data, but even if you keep it on, it's encrypted end-to-end across all your devices, which is nice.[1] (Some caveats apply.)

1: https://support.apple.com/en-us/HT202303

Ah yeah, I have iCloud sync off for everything except the one free iCloud email account. :)

Ironically, the only iCloud service that is not encrypted at rest. :P

https://support.apple.com/en-us/HT202303

Ah yeah I don't care, I don't actually use it! There are probably 1-5 total emails in the account :'D

There's the general risks that they have your data and in future can change what they do it. They can be bought out in future like fitbit, which is obviously laughable at the moment but it's not the first time we've seen apple sink. Plus there's the general bluetooth privacy issues, although I think apple has a decent track record of protecting against this.

I'd be interested to know what and how much it shares info too and if it's safe against things like wifi MitM attacks.

It doesn’t matter if apple sinks because the architecture includes end to end encryption they do not hold the keys to.