Apple recently updated its terms and conditions for developers working with its HealthKit API to integrate health and fitness data aggregated by the platform from various third party apps and their companion devices. Earlier this week the company's rule against selling health data collected via HealthKit to ad platforms and other data collection entities, but Apple's rules for HealthKit developers includes eight big ones.
Given recent headlines about hacked celebrity iCloud accounts, news that Apple is banning HealthKit developers from storing users' health information in iCloud has spread far and wide this morning.
Here are Apple's eight ground rules for HealthKit developers, per its recently updated terms and conditions document:
1. "Apps using the HealthKit framework must comply with applicable law for each Territory in which the App is made available."
2. "Apps that write false or inaccurate data into HealthKit will be rejected."
3. "Apps using the HealthKit framework that store users’ health information in iCloud will be rejected."
4. "Apps may not use user data gathered from the HealthKit API for advertising or other use-based data mining purposes other than improving health, medical, and fitness management, or for the purpose of medical research."
5. "Apps that share user data acquired via the HealthKit API with third parties without user consent will be rejected."
6. "Apps using the HealthKit framework must indicate integration with the Health app in their marketing text and must clearly identify the HealthKit functionality in the app’s user interface."
8. "Apps that provide diagnoses, treatment advice, or control hardware designed to diagnose or treat medical conditions that do not provide written regulatory approval upon request will be rejected."