Health apps encompass a wide range of applications that are designed to support and improve users’ health, well-being (mental and physical), and medical management. Medical apps, health and fitness apps, and health research apps are examples of health apps.
This article answers some common questions to clarify how health apps are categorized, how our Health Apps policy applies to them, and what permissions are within the scope of this policy.
What are health and fitness apps?
Apps that help users manage their health and fitness. These apps usually inform or let users track or sync information about their personal health and fitness, and progress towards their goals in areas such as fitness, nutrition, wellness, and sleep. Examples include fitness trackers, nutrition trackers, sleep trackers, and stress management apps.
Apps that provide medical information, resources, or tools to users to enhance medical care, facilitate diagnosis and treatment, and improve overall health outcomes. Examples include apps used by patients, government agencies, or healthcare professionals for health management and care delivery, developed by a healthcare provider (such as a HIPAA covered entity) or similar institution. These include the following:
- Healthcare provider apps such as electronic health records (EHRs) and patient portals, medical reference apps, telehealth, remote monitoring apps, disease management apps, symptom checkers, among others.
- Apps used and developed by government agencies and other institutional organizations (for example, non-governmental organizations) to promote public health and well-being, including apps for tracking the spread of disease such as public health pandemic apps or for providing information on public health benefits. These are often designed by governments and NGOs for the public, such as public health contact tracing apps.
- Medical apps may also include apps considered Software as a Medical Device (SaMD), which are regulated by a regulatory body or agency, such as the U.S. Food and Drug Administration (FDA) or similar entity. These apps are intended to be used for one or more medical purposes and perform those purposes without being part of a hardware medical device. The medical purpose may range from diagnosis and prevention to the monitoring and treatment of diseases and physiological conditions. For example, these include apps that analyze image data to detect and diagnose stroke or cancerous conditions, apps that interpret patient record data and create a treatment plan, or similar.
Apps that are used and developed by credentialed researchers and healthcare professionals to collect data for research studies on health-related human subjects, that are approved by an Institutional Review Board (IRB) or Ethics Committee (EC), or other equivalent entity. Examples include apps that collect data on various health outcomes, including symptoms, disease incidence, treatment efficacy, and quality of life. Some apps are designed for use in clinical trials, while others are intended for observational studies or patient-reported outcome measures. Apps may be intended for use by researchers only, or designed for use by both researchers and study participants.
Apps conducting health-related human subject research must obtain consent from participants or, in the case of minors, their parent or guardian.
Such consent must include the following:
- Nature, purpose, and duration of the research
- Procedures, risks, and benefits to the participant
- Information about confidentiality and handling of data (including any sharing with third parties)
- Point of contact for participant questions
- Withdrawal process
What are the Review Board requirements?
Review Boards are an integral part of all human-subject research. Apps engaged in human subject research must receive approval from an independent board (where appropriate) that meets the following:
- Its aim is to protect the rights, safety, and well-being of participants.
- It has the authority to scrutinize, modify, and approve human subjects research.
Proof of such approval must be provided upon request.
Apps conducting health-related human subject research using data obtained through Health Connect may be required to complete this Research form.
The following permissions are considered in scope of health-related sensitive data (not an exhaustive list):
- ACCESS_BACKGROUND_LOCATION
- ACCESS_COARSE_LOCATION
- ACCESS_FINE_LOCATION
- ACTIVITY_RECOGNITION
- BLUETOOTH_ADVERTISE
- BLUETOOTH_CONNECT
- BLUETOOTH_SCAN
- BODY_SENSORS
- BODY_SENSORS_BACKGROUND
- CAMERA
- READ_CALENDAR
- READ_SMS
- RECORD_AUDIO
- SEND_SMS
- WRITE_CALENDAR
If your app requires any of these permissions, it must prominently disclose how user data will be used, describe the type of data being accessed, and have the user provide affirmative consent for such use. You can view a full list of Android permissions and descriptions on the Android Developers site.
Important: If your app utilizes any restricted permissions or APIs, it must conform to acceptable use requirements, including not violating the Elevated Privilege Abuse policy. Apps may not break the Android security and permissions sandbox regardless of user consent. For example, we disallow use of the Android Accessibility API to automatically consent to permissions in other apps.
The following format may be used to reference the data/permission access request and its purpose (both in the privacy policy and prominent disclosure dialogue):
- ‘This app collects physical activity data to calculate calories burnt’
- ‘This app collects location data to locate running tracks’
To ensure the safety and well-being of users, if your app makes a health or medical claim, such as helping in diagnosis or management of health conditions (including tracking, improvement, or treatment), you should disclose certain key information to users in a clear and easily understandable way.
This may include the following:
- The app's purpose(s) (for example, what it does and/or what it is meant to be used for)
- Its claimed benefits (for example, health improvement, care management, condition tracking, diagnosis, treatment)
- The basis of claim made (for example, evidence, best practices, standards)
- The types of users your app is intended for (for example, adults, children, women, clinical professionals, patients)
- Any risks associated with the use of the app
- All required disclaimers and warnings (for example, requiring users to seek advice from a doctor or other qualified healthcare professional) clearly within the app
Please follow the instructions in this Help Center article to complete the health apps declaration form.