存储来自 HealthKit 的数据
Storing Data from HealthKit
我正在处理一个涉及 Swift 和 HealthKit 以及我的团队的项目,我想知道如果获得用户许可,我们是否可以将 HealthKit 数据存储在外部数据库中?我查看了 HealthKit 的文档,但没有找到任何东西,除非我忽略了它。如有任何帮助,我们将不胜感激!
指南和文档中包含大量信息
这里有一些亮点...
准则规定
Privacy Protection
You must request permission to access people's data, and you must take all necessary steps to protect that data. After you receive permission, it's essential to maintain people's trust by clearly showing them how you use their data. For developer guidance, see Protecting User Privacy.
Provide a coherent privacy policy. During the app submission process, you must provide a URL to a clearly stated privacy policy, so that people can view the policy when they click the link in the App Store page for your app. For developer guidance, see App Information > App Store Connect Help.
Request access to health data only when you need it. It makes sense to request access to weight information when people log their weight, for example, but not immediately after your app launches. When your request is clearly related to the current context, you help people understand your app’s intentions. Also, people can change the permissions they grant, so your app should make a request every time it needs access. For developer guidance, see requestAuthorization(toShare:read:completion:).
Clarify your app's intent by adding descriptive messages to the standard permission screen. People expect to see the system-provided permission screen when asked to approve access to health data. Write a few succinct sentences that explain why you need the information and how people can benefit from sharing it with your app. Avoid adding custom screens that replicate the standard permission screen’s behavior or content.
https://developer.apple.com/design/human-interface-guidelines/healthkit/overview/
还有一点要注意
The user’s device stores all HealthKit data locally. For security, the device encrypts the HealthKit store when the user locks the device. As a result, your app may not be able to read data from the store when it runs in the background. However, your app can still write to the store, even when the phone is locked. HealthKit temporarily caches the data and saves it to the encrypted store as soon as the user unlocks the phone.
Specify How Your App Uses the Health Data
In addition, your app must not access the HealthKit APIs unless the app is primarily designed to provide health or fitness services. Your app’s role as a health and fitness service must be clear in both your marketing text and your user interface. Specifically, the following guidelines apply to all HealthKit apps:
Your app may not use information gained through the use of the HealthKit framework for advertising or similar services. Note that you may still serve advertising in an app that uses the HealthKit framework, but you can’t use data from the HealthKit store to serve ads.
You must not disclose any information gained through HealthKit to a third party without express permission from the user. Even with permission, you can only share information to a third party if they also provide a health or fitness service to the user.
You can’t sell information gained through HealthKit to advertising platforms, data brokers, or information resellers.
If the user consents, you may share their HealthKit data with a third party for medical research.
You must clearly disclose to the user how you and your app will use their HealthKit data.
https://developer.apple.com/documentation/healthkit/protecting_user_privacy
为了匹配 Apple 的安全性,您必须加密数据,因此您可能必须遵守联邦加密指南
https://developer.apple.com/documentation/security/complying_with_encryption_export_regulations
要做到“正确”需要付出很多努力
我正在处理一个涉及 Swift 和 HealthKit 以及我的团队的项目,我想知道如果获得用户许可,我们是否可以将 HealthKit 数据存储在外部数据库中?我查看了 HealthKit 的文档,但没有找到任何东西,除非我忽略了它。如有任何帮助,我们将不胜感激!
指南和文档中包含大量信息
这里有一些亮点...
准则规定
Privacy Protection You must request permission to access people's data, and you must take all necessary steps to protect that data. After you receive permission, it's essential to maintain people's trust by clearly showing them how you use their data. For developer guidance, see Protecting User Privacy.
Provide a coherent privacy policy. During the app submission process, you must provide a URL to a clearly stated privacy policy, so that people can view the policy when they click the link in the App Store page for your app. For developer guidance, see App Information > App Store Connect Help.
Request access to health data only when you need it. It makes sense to request access to weight information when people log their weight, for example, but not immediately after your app launches. When your request is clearly related to the current context, you help people understand your app’s intentions. Also, people can change the permissions they grant, so your app should make a request every time it needs access. For developer guidance, see requestAuthorization(toShare:read:completion:).
Clarify your app's intent by adding descriptive messages to the standard permission screen. People expect to see the system-provided permission screen when asked to approve access to health data. Write a few succinct sentences that explain why you need the information and how people can benefit from sharing it with your app. Avoid adding custom screens that replicate the standard permission screen’s behavior or content.
https://developer.apple.com/design/human-interface-guidelines/healthkit/overview/
还有一点要注意
The user’s device stores all HealthKit data locally. For security, the device encrypts the HealthKit store when the user locks the device. As a result, your app may not be able to read data from the store when it runs in the background. However, your app can still write to the store, even when the phone is locked. HealthKit temporarily caches the data and saves it to the encrypted store as soon as the user unlocks the phone.
Specify How Your App Uses the Health Data In addition, your app must not access the HealthKit APIs unless the app is primarily designed to provide health or fitness services. Your app’s role as a health and fitness service must be clear in both your marketing text and your user interface. Specifically, the following guidelines apply to all HealthKit apps: Your app may not use information gained through the use of the HealthKit framework for advertising or similar services. Note that you may still serve advertising in an app that uses the HealthKit framework, but you can’t use data from the HealthKit store to serve ads. You must not disclose any information gained through HealthKit to a third party without express permission from the user. Even with permission, you can only share information to a third party if they also provide a health or fitness service to the user. You can’t sell information gained through HealthKit to advertising platforms, data brokers, or information resellers. If the user consents, you may share their HealthKit data with a third party for medical research. You must clearly disclose to the user how you and your app will use their HealthKit data.
https://developer.apple.com/documentation/healthkit/protecting_user_privacy
为了匹配 Apple 的安全性,您必须加密数据,因此您可能必须遵守联邦加密指南
https://developer.apple.com/documentation/security/complying_with_encryption_export_regulations
要做到“正确”需要付出很多努力