HealthKit user data sharing.

I am going to develop an application on HealthKit and wanted to know that are we allowed to share the users data after his consent on a server that will be used for users benefits ?

Replies

The short answer is no. The nature of health information is very personal, so we want to keep it as private as possible. This is taken from the HealthKit Framework Documentation:


"The HealthKit data is only kept locally on the user’s device. For security, the HealthKit store is encrypted when the device is not unlocked. The HealthKit store can only be accessed by an authorized app. You cannot access HealthKit from extensions (like the Today view) or from a WatchKit app."


Here's a link to the rest of the documentation, I reccommend reading through the HealthKit and Privacy section for some more detail.


Hope that Helps!

Thanks for the reply agart.

And I already read that before asking this question but may be I should have been more specific and I am sorry about that.

What if I have users permission to do that ?


From apple Documentation:

"You must not disclose any information gained through HealthKit to a third party without express permission from the user. Even with permission, you can only share information to a third party if they are also providing a health or fitness service to the user. "


Can I share the data to the medical team like Patient doctor or medical research team?

As I have the access to the users value I can save them in my local DB and then send them to the server via webservices ?

Also I have read about the ResearchKit , can we develop some app after apple's permission for medical research ?


Thanks

AJ

Because this information is so (legally) sensitive, it needs to be handled very, very carefully. Honestly, these types of questions are above my head, as an software engineer. I would reccommend posing your question to Apple's legal department for more detailed answers.

Hey ajonapple, Did you find an answer to your question?

If the user asks and approves their data to be saved elswhere, the answer should be yes. The patient/user is the owner of their data.