“In 2002, in a modification of the primary healthcare information privacy rule under the Health Insurance Portability and Accountability Act, HHS removed patient consent as a requirement for the release and disclosure of patient information for most common uses. In so doing, HHS gave a regulatory green light to electronic health data disclosures.
Twelve years later, it looks as if Apple is laying down a big bet in the opposite direction by placing consent-management restrictions on developers who plan to use its HealthKit mobile application platform, which is expected to be part of its new operating system to be released later this month, according to published reports.
According to the Guardian, which quotes as its primary source an article in the Financial Times, Apple has informed developers that they “’must not sell an end-user’s health information collected through the HealthKit APIs to advertising platforms, data brokers or information resellers.””