Skip to content Skip to navigation

Apple bolsters HealthKit app security

September 10, 2014
by Richard R. Rogoski
| Reprints

It's one thing when celebrity photos are hacked from Apple's iCloud. It's another when health data stored in the cloud has the potential of getting hacked. To ensure that health information remains secure, Apple Inc. recently updated the terms and conditions governing application developers working with Apple's new HealthKit API (Application Programming Interface).

In an unprecedented move, Apple has banned application developers using the HealthKit API from storing any user's health information in iCloud.

Additionally, Apple has revised its terms and conditions in an effort to bolster online and data storage security. Among the changes:

• "Apps may not use user data gathered from the HealthKit API for advertising or other use-based data mining purposes other than improving health, medical, and fitness management, or for the purpose of medical research.”

• “Apps that share user data acquired via the HealthKit API with third parties without user consent will be rejected.”

• “Apps using the HealthKit framework must provide a privacy policy or they will be rejected.”

•  “Apps that provide diagnoses, treatment advice, or control hardware designed to diagnose or treat medical conditions that do not provide written regulatory approval upon request will be rejected.”