Apple's HealthKit API has the ability to hold extremely important personal health data like heart rate, exercise habits, and blood pressure, but the company is now clarifying its guidelines on what third party developers are allowed to do with that data, Guardian reports.
With added language to the developer license agreement, Apple's guidelines now state that a developer "must not sell an end-user's health information collected through the HealthKit APIs to advertising platforms, data brokers, or information resellers." Developers are also banned from even accessing the information in HealthKit unless it is absolutely crucial to the functioning of the app itself.
However, the policy also states that a consumer's health data can be shared with a third party if it is for "medical research purposes," and only if the user has consented to sharing the data. That's some pretty ambiguous wording, and given that this is a policy that Apple's can't directly police -- the company can't monitor what another entity does with the data it is accessing, of course -- it will be interesting to see if all developers play by the rules from the very start.