By Stewart Eisenhart, Emergo Group
As many mobile medical application developers are aware, Apple has amended its App Store Review Guidelines to forbid apps available through the firm’s HealthKit framework from storing users’ health data on the iCloud virtual server.
Specifically, any app that relies on iCloud for storing user data will be rejected from inclusion in Apple’s App Store. Given recent security breaches involving rather personal photos of celebrities stored on iCloud, Apple’s move may preemptively address concerns from US regulators including the Food and Drug Administration and Federal Communications Commission that cloud storage security inadequately protects patient and user data related to telehealth and mobile medical devices.
The HealthKit guidelines also require app developers to establish and provide privacy policies to users and patients in order to be sold in the App Store, and may not use any data from users or patients for advertising or commercial purposes.
Whether or not these requirements represent a tacit acknowledgement that iCloud security needs to be improved, they do indicate that Apple has become more sensitive to data storage and privacy issues as the company moves more deeply into the mobile medical technology arena.
Stewart Eisenhart covers medical device regulatory affairs for Emergo Group.