Apple has added some healthcare organizations to the Health app using publicly available FHIR API endpoints to provide their patients access to their own health records, in compliance with federal rules on Interoperability, Information Blocking, and ONC Health IT Certification (established under the 21st Century Cures Act). If you aren’t yet listed, you can sign up using Apple Business Register. See Tell Apple about your organization.
If your organization was added by Apple, and you want to update your organization’s listing in the Health app—for example, your brand name, brand logo, or location info—contact the Health Records support team at health_records_support@apple.com. See Claim your healthcare organization.
Health Records allows users to securely download their health records from participating healthcare organizations. This is distinct from health data, such as movement activity, weight, or heart rate, that is recorded to a user’s device by third-party apps.
A user’s health records data is downloaded over an encrypted connection directly from the healthcare organization to the Health app on their iPhone or iPad. The data does not traverse Apple’s network during this download. After health records have been downloaded to the user’s device, the data is encrypted in the device’s HealthKit database. See Privacy and security overview.
(Applicable to U.S. healthcare organizations only.)
As Apple is not receiving any Protected Health Information (as that term is defined at 45 CFR 160.103) from or on behalf of the participating healthcare organization, Apple does not execute BAAs as part of Health Records.
As Apple is not providing software or licenses to—or receiving health records data from—participating organizations and is merely enabling direct connections between participating organizations and their patients, Apple does not complete vendor security forms or risk assessment questionnaires as part of Health Records.
No, but users can give Apple access using the Improve Health Record feature.
Users may choose to share certain information from their health records with Apple to help Apple develop, improve, and understand the Health Records feature. Their data will not be used for any other purpose. The information provided to Apple could include information in their health records, such as their conditions, medications, vitals, and procedures. Before their information is sent to Apple, it is processed locally on their device to remove data that may personally identify them, such as their name or phone number. While the process is intended to remove all information that may personally identify users, it is possible that Apple may receive identifiable information. If any personally identifiable information is found, it is promptly deleted.
All information sent to Apple is encrypted both in transit and in storage.
In the Health app, users can view the data sent to Apple within the past 2 weeks by tapping the profile picture in the upper-right corner, then going to Health Records > Options > Analytics Data. They can stop sharing this information at any time by going to Settings > Privacy & Security > Analytics & Improvements and turning off Improve Health Records.
Information received by Apple is treated in accordance with Apple’s Privacy Policy, which can be found at apple.com/privacy.
Yes, using iCloud. By default, iCloud automatically keeps a user’s Health app data, including health records, up to date across their devices. To disable this feature, users can open iCloud settings and turn off Health. iCloud protects their health records data by encrypting it both at rest and during transmission.
For those using iOS 12, iPadOS 17, or later who have turned on two-factor authentication for their Apple ID, health records are encrypted using end-to-end encryption through iCloud. This means only users can access this information, and only on devices where they are signed in with their Apple ID. No one else, not even Apple, can access end-to-end encrypted information. See the iCloud security website and the Apple ID & Privacy website.
Yes, users may choose to share their health records data with third-party apps they trust.
Apps that access any data from the Health app through HealthKit, including health records data, are required to have a privacy policy. When providing consent, users can decide which data from their health records is shared with the third-party app. They can also decide whether new records are automatically shared with the third-party app or whether the app must ask each time before accessing new records. By default, the app must ask each time.
When users choose to share health records data with a third-party app on their devices, the data is sent directly from HealthKit to the third-party app—it is not sent to Apple.
Yes, using iCloud and iTunes.
Users can use iCloud to store their Health app data, including health records, using end-to-end encryption (which requires iOS 12, iPadOS 17, or later and two-factor authentication). Health and health records data is also included in local iTunes backups if users have configured their iTunes backups to be encrypted.
All users of Health Records must accept the iOS Software License Agreement (iOS 11.2 and later or iPadOS 17) before using Health Records. You can find the agreements at apple.com/legal/sla.
There are two additional relevant documents:
Any entities—for example, community hospitals or physician groups whose FHIR API endpoints you manage—can participate as long as they make personal health data accessible to their patients through patient portals and FHIR API endpoints, and as long as they use EHRs (whether directly or indirectly through outsourced or hosted arrangements) that support Health Records. Participating entities can directly accept the Health Records Directory Listing Agreement, complete the required information (by themselves or through you, as their host partner) for any gateway, brand, or location they would like to list in the Health app, and pass the Health Records integration test requirements.
There is no fee from Apple for organizations to participate in Health Records.
Apple lists all participating organizations publicly in the Health app. Beyond this, Apple will not issue any press release or public announcement mentioning a company without the company’s prior approval.
Upon your acceptance of the Health Records Directory Listing Agreement, Apple provides participating organizations Marketing and Communications guidelines in connection with Health Records.
Apple will review any public announcement (whether to internal stakeholders or an external audience) related to Health Records to ensure consistency in messaging across all participating organizations. Please allow 1–2 weeks for approval from the time you submit your draft public announcements.
(Applicable to UK healthcare organizations only.)
No. Apple does not receive or otherwise process user personal data (as defined in the GDPR) from or on behalf of the participating healthcare organization as part of Health Records. Therefore, Apple is not considered a data processor of the participating healthcare organization, and the question of entering into data processing agreements does not arise.
If you’re using Apple Business Register (see Tell Apple about your organization) and want to learn more about why Apple asks for a worldwide license for Company Settings and Company Marks (post-termination), Quality of Service levels, and test patient accounts, see Requirements in the Health Records Directory Listing Agreement.