16 | MACFORMAT | JUNE 2019 macformat.com @macformatthrough App Store approvals process, but this
can’t delve into what happens to data after it
leaves the device. While Apple makes a point
of not letting developers access data it holds on
users, they’re not prevented from collecting
health inputs and storing them in accounts
created by users on their own platforms.
A team led by Quinn Grundy at the
University of Toronto’s faculty of nursing also
investigated third-party health apps, finding
many transmitted sensitive info, such as what
medicines people were taking and conditions
they had. An Android phone was used in this
study, but iOS apps could share data similarly,
with the user’s permission. Published in March
in the BMJ, a world-leading medical journal,their report concluded that “sharing of user data
is routine, yet far from transparent”.
Apple says apps that access HealthKit are
required to have a privacy policy, and users
should ‘review these policies before providing
apps with access to your health and fitness data’.
In practice, of course, we rarely read privacy
policies before tapping to agree. But in Settings >
Privacy > Health, you can edit exactly the data
each app can write into HealthKit or read out.
This draws attention to the fact that, via
HealthKit, one third-party developer can access
data brought in by another. Since each is
governed by its own privacy policy, all your
Health data is only as private as the least
responsible developer whose app you’ve
granted permissions to.
You should, of course, expect that
developers will take the privacy of sensitive
data seriously. And the law is on your side –
mostly. Although people often think of data
protection as imposing a requirement for
consent, consent is just one of six lawful bases
for processing set out in the GDPR (General
Data Protection Regulation, incorporated into
UK law in the Data Protection Act 2018), and
may not be the appropriate one for medical
practice, where your records are accessed and
shared because it’s necessary to treat you.
Consumer apps that you choose to run on your
phone, however, are likely to require informed
consent. Any processing should be limited to
the purposes you’re explicitly told about.
That’s not such a simple distinction
when health and fitness apps cross over intoYou can edit
exactly the data
each app can
read from
HealthKit
Testing for health benefits >
When Apple Watch Series 4
appeared in September 2018, its
ECG function was still ‘coming
soon’. Only in December did it start
to work in the US, with other
countries waiting more than twice
as long. The feature had been
cleared by the US regulator, the
FDA, but Apple waited to conduct
a clinical trial of its accuracy with
600 subjects. This turned out to
be very high, although it failed
to process 12% of readings.
A longer-running study, with400,000 participants, tested
atrial fibrillation (AFib) detection
using the Watch’s older optical
heart rate monitor. During the trial,
0.5% of users, about 2,000 people,
received a warning, with 84%
confirmed to have an irregular
heartbeat. 57% sought medical
help. The numbers suggest a good
ratio of detection to false positives,
which could help patients avoid
strokes later, but more research
is needed into the benefits of
mass testing over time.Health and fitness apps are great,
but there are issues over the
©Ap sharing of sensitive personal data.
ple
In
c