Apple recently published a white paper that provides an overview of the data protection and security measures used in the Health app and the HealthKit interface for iPhone and Apple Watch. Apple assures users that health data is securely stored locally on the device itself and is encrypted. Access to the data requires knowledge of the device code or iPhone PIN, or an unlocked iPhone.
Data synchronized via the cloud service is encrypted with end-to-end encryption, which requires users to activate two-factor authentication for their Apple ID and use at least iOS 12. Sharing health data with other apps requires users to give permission first. The apps that read health data through the HealthKit interface also cannot evaluate this data for advertising purposes as per Apple’s contractual obligation.
Apple also launched an advertising campaign parallel to the publication of the white paper to draw attention to their data protection functions. This move comes amid concerns about unsafe apps for cycle tracking since the US Supreme Court overturned the right to abortion last year. The possible consequences of law enforcement having access to this data have further fueled the debate.
Currently, the Apple Health app is only available on the iPhone, but reports suggest that with iPadOS 17, the app could extend to the iPad for the first time. Observers expect Apple to better design the health app for the “mental health” area and support tracking of mood swings, for example. Apple is also said to be working on an AI-based coaching service to motivate users to lead healthier lives, which is expected to launch in 2024.