Health Records Directory Listing FAQ
How did my organization get listed in the Health app?
Apple has added some healthcare organizations to the Health app using publicly available FHIR API endpoints to provide their patients access to their own health records, in compliance with federal rules on Interoperability, Information Blocking, and ONC Health IT Certification (established under the 21st Century Cures Act). If you aren’t yet listed, you can sign up using Apple Business Register. See Tell Apple about your organization.
If your organization was added by Apple, and you want to update your organization’s listing in the Health app—for example, your brand name, brand logo, or location info—contact the Health Records support team at firstname.lastname@example.org. See Claim your healthcare organization.
How does Health Records work?
Health Records allows users to securely download their health records from participating healthcare organizations. This is distinct from health data, such as movement activity, weight, or heart rate, that is recorded to a user’s device by third-party apps.
A user’s health records data is downloaded over an encrypted connection directly from the healthcare organization to the Health app on their iPhone or iPad. The data does not traverse Appleʼs network during this download. After health records have been downloaded to the user’s phone, the data is encrypted in the deviceʼs HealthKit database. See Privacy and security overview.
Is Apple required to execute a Business Associate Agreement (BAA) for Health Records?
(Applicable to U.S. healthcare organizations only.)
As Apple is not receiving any Protected Health Information (as that term is defined at 45 CFR 160.103) from or on behalf of the participating healthcare organization, Apple does not execute BAAs as part of Health Records.
Does Apple complete any vendor security forms or risk assessment questionnaires for Health Records?
As Apple is not providing software or licenses to—or receiving health records data from—participating organizations and is merely enabling direct connections between participating organizations and their patients, Apple does not complete vendor security forms or risk assessment questionnaires as part of Health Records.
Does Apple have access to any user health data downloaded through Health Records?
No, but users can give Apple access using the Improve Health Record feature.
Users may choose to share certain information from their health records with Apple to help Apple develop, improve, and understand the Health Records feature. Their data will not be used for any other purpose. The information provided to Apple could include information in their health records, such as their conditions, medications, vitals, and procedures. Before their information is sent to Apple, it is processed locally on their device to remove data that may personally identify them, such as their name or phone number. While the process is intended to remove all information that may personally identify users, it is possible that Apple may receive identifiable information. If any personally identifiable information is found, it is promptly deleted.
All information sent to Apple is encrypted both in transit and in storage.
In the Health app, users can view the data sent to Apple within the past 2 weeks by tapping the profile picture in the upper-right corner, then going to Health Records > Options > Analytics Data. They can stop sharing this information at any time by going to Settings > Privacy & Security > Analytics & Improvements and turning off Improve Health Records.
Can users sync their Health app data across devices?
Yes, using iCloud. By default, iCloud automatically keeps a user’s Health app data, including health records, up to date across their devices. To disable this feature, users can open iCloud settings and turn off Health. iCloud protects their health records data by encrypting it both at rest and during transmission.
For those using iOS 12, iPadOS 17, or later who have turned on two-factor authentication for their Apple ID, health records are encrypted using end-to-end encryption through iCloud. This means only users can access this information, and only on devices where they are signed in with their Apple ID. No one else, not even Apple, can access end-to-end encrypted information. See the iCloud security website and the Apple ID & Privacy website.
Can users share data with third-party apps they trust?
Yes, users may choose to share their health records data with third-party apps they trust.
When users choose to share health records data with a third-party app on their devices, the data is sent directly from HealthKit to the third-party app—it is not sent to Apple.
Can users back up their Health app data?
Yes, using iCloud and iTunes.
Users can use iCloud to store their Health app data, including health records, using end-to-end encryption (which requires iOS 12, iPadOS 17, or later and two-factor authentication). Health and health records data is also included in local iTunes backups if users have configured their iTunes backups to be encrypted.
What terms are applicable to users downloading their health records?
All users of Health Records must accept the iOS Software License Agreement (iOS 11.2 and later or iPadOS 17) before using Health Records. You can find the agreements at apple.com/legal/sla.
There are two additional relevant documents:
About Health Records & Privacy: This text is an overview of the general Health Records feature and is accessible through a link from the initial Health Records screen (that is, before a user adds any healthcare organization accounts). After a user has added an account, this text can also be accessed in the Health app by tapping the profile picture in the upper-right corner, then going to Health Records > Options > About Health Records & Privacy.
About Improve Health Records & Privacy: This text explains how certain data a user might choose to share with Apple is collected and used. This text can be accessed in several ways: (1) through a link from the initial Improve Health Records screen (seen when users add their first account); (2) in the Health app by going to Health Records > Options > About Improve Health Records & Privacy after users have added an account; and (3) in Settings > Privacy & Security > Analytics & Improvements > About Improve Health Records & Privacy (below the Improve Health Records switch).
Participating health organizations can potentially insert authorization and consent language in the OAuth screens that patients have to accept before allowing the download of health records. OAuth screens are under health system or EHR vendor control—discuss with your EHR vendor.
Can we include other entities (whose systems we manage) in Health Records?
Any entities—for example, community hospitals or physician groups whose FHIR API endpoints you manage—can participate as long as they make personal health data accessible to their patients through patient portals and FHIR API endpoints, and as long as they use EHRs (whether directly or indirectly through outsourced or hosted arrangements) that support Health Records. Participating entities can directly accept the Health Records Directory Listing Agreement, complete the information required (by themselves or through you, their host partners) regarding any gateway, brand, or location they would like to list in the Health app, and pass the Health Records integration test requirements.
Is there any fee associated with participating in Health Records?
There is no fee from Apple for organizations to participate in Health Records.
Is Apple making users aware of our integration with Health Records?
Apple lists all participating organizations publicly in the Health app. Beyond this, Apple will not issue any press release or public announcement mentioning a company without the company’s prior approval.
Will Apple provide participating organizations with Marketing and Communications guidelines?
Upon your acceptance of the Health Records Directory Listing Agreement, Apple provides participating organizations Marketing and Communications guidelines in connection with Health Records.
Can we announce our participation to internal stakeholders and employees without Apple’s prior approval?
Apple will review any public announcement (whether to internal stakeholders or an external audience) related to Health Records to ensure consistency in messaging across all participating organizations. Please allow 1–2 weeks for approval from the time you submit your draft public announcements.
Is Apple a data processor—as defined in Regulation (EU) 2016/679, the GDPR—of the participating healthcare organization?
(Applicable to UK healthcare organizations only.)
No. Apple does not receive or otherwise process user personal data (as defined in the GDPR) from or on behalf of the participating healthcare organization as part of Health Records. Therefore, Apple is not considered a data processor of the participating healthcare organization, and the question of entering into data processing agreements does not arise.
Why does the Health Records Directory Listing Agreement ask for what it does?
If you’re using Apple Business Register (see Tell Apple about your organization) and want to learn more about why Apple asks for a worldwide license for Company Settings and Company Marks (post-termination), Quality of Service levels, and test patient accounts, see Requirements in the Health Records Directory Listing Agreement.