Apple is expected to soon launch HealthKit, along with a new iPhone and a much anticipated wearable device called the iWatch. But while the company is working hard to show that privacy rules for its new health platform offer adequate protections, recent high-profile security breaches call its efforts into question.
The company foreshadowed a forthcoming mobile application and platform that consolidates health data and records tracked by various other health apps into one location. The platform, called HealthKit, and a user-facing app, Health, will be bundled into Apple's iOS8 software, which powers iPhones and iPads.
And Apple has issued restrictions on use of health data — signifying a marked contrast in the common practice of apps and device makers selling or sharing users’ data, often without the consumer’s knowledge.
“In the latest update to Apple’s iOS developer program license agreement, Apple said developers must ‘not sell an end-user’s health information collected through the HealthKit API to advertising platforms, data brokers or information resellers,’” according to an article in The Financial Times.
Developers seeking access to HealthKit's API must agree to rules, including a requirement to link to a privacy policy. The Financial Times reported that HealthKit apps may not use the API or any information obtained through it “for any purpose other than providing health and/or fitness services.”
[Q&A: How Apple and IBM envision hospitals using their mobile first platform.]
“Apple faces this increasingly tricky balance of ensuring they are carefully regulating the data developers have access to, with developers’ desire to create ever more innovative apps and services,” Geoff Blaber, an analyst at CCS Insight, said in the Financial Times article. “Apple has always closely controlled what comes through the App Store, far more so than Google.”
Still, questions remain over whether Apple can actually succeed at achieving stringent security standards. Recent high-profile security breaches in Apple’s iCloud storage platform, which some charge have been known for more than a year, are proof of Apple’s challenges.
Apple CEO Tim Cook said the company will take additional steps to keep hackers out of user accounts, but denied that a lax attitude toward security had allowed intruders to post on the Internet naked photos of celebrities.
"When I step back from this terrible scenario that happened and say what more could we have done, I think about the awareness piece," Cook told The Wall Street Journal. "I think we have a responsibility to ratchet that up. That's not really an engineering thing."
If Apple really delivers on its promise to protect patient data from being shared or sold, that move has the potential to shape the industry and essentially force other app and devices makers to follow suit. But Apple will have to apply just such a commitment to HealthKIt if it's to gain the user community’s full trust.
This article originally appeared on mHealth News sister site Government Health IT.
Related articles:
Mobile security still far from maturity
mHealth masters: Harry Greenspun on the promise of applied analytics
Smartwatches: Good for telling time, just not collecting data (yet)
