Health Connect policy requirement FAQs

Health Connect apps collect health and fitness data, which may contain personal and sensitive data. This article addresses some of the frequently asked questions about the Health Connect policy and access requirements.

We are improving how developers request access to Health Connect permissions, as well as how these requests are reviewed. From 31 August 2024, developers requesting access to Health Connect permissions can declare their use of these permissions by completing the Health Connect questions as part of the health apps declaration form on the App contentpage (Policy and programmes > App content) in Play Console. The form previously used for this purpose will be deprecated.

This change affects developers as follows:

Existing Health Connect developers must complete and submit the new Health Connect questionsin the health apps declaration by 22 January 2025, and are subject to the same requirements as before.
New Health Connect developers that request access for the first time must complete and submit the new Health Connect questions as part of the health apps declaration in Play Console.

Frequently asked questions (FAQs)

How do I access data through Health Connect?

To access Health Connect data for your app, follow these steps:

Review the Health Connect policy: Review and understand the approved use cases for Health Connect and requirements for accessing, sharing and protecting user data. To know more, read the Health Connect by Android permissions.
Request permissions in Play Console: When submitting your app in Play Console, request the specific permissions required for the data types that your app needs to support its features.

When requesting permissions, bear the following in mind:

For each permission requested, provide a clear and detailed justification explaining how your app will use the data to benefit the user.
If your app does not require access to specific data types, then you must not request access to these data types.
Be as detailed as possible in documenting the purpose for your access requests.
Request the minimum data types needed and provide a valid use case for each request.

Example of a good justification:

Permission requested: Access to physical activity data.
Justification: 'Our app provides personalised workout plans. Access to physical activity data allows us to tailor recommendations based on users' current activity levels, enhancing their fitness journey'.

Example of an incomplete justification:

Permission requested: Access to physical activity data.
Justification: 'Needed for app functionality'. (This is too broad and lacks specific justification).

Describe privacy and security practices: Provide a comprehensive privacy policy that:
- Provides an overview of your app's data collection, usage and sharing practices. Include details about what data is collected, how it's used and stored, user controls and data sharing practices.
- Describes the security measures implemented to protect user data, such as encryption, access controls and regular security assessments.

For a visual guide on managing permissions in Health Connect, you might find the following video helpful.

What happens if my request is incomplete or denied?

What are the approved use cases for Health Connect permissions?

For applications requesting access to any Health Connect permissions, approved use cases include fitness and wellness, rewards, fitness coaching, corporate wellness, medical care, health research and games. Applications granted access to this permission may not extend its use to undisclosed or non-permitted purposes.

Approved use cases

Fitness and wellness

Applications that allow users to track their fitness/wellness and progress to their goals using phone sensors, manual journalling or participating in digital classes and guided sessions, and receive personalised recommendations based on their health data.

Rewards

Applications that encourage users to adopt and maintain healthy habits, personalise incentives or track progress towards health goals in exchange for financial rewards.

Fitness coaching

Applications that provide virtual human fitness coaching, allowing coaches to access user data like activity levels and sleep patterns to monitor progress and provide training plans, guidance and support.

Corporate wellness

Enterprise-focused platforms that enable wellness managers to distribute and manage wellness programmes for employees.

Medical care

Applications that help users receive and manage clinical care, including:

Direct care: Apps that enable users to connect with healthcare providers, manage appointments, access medical records and track health conditions
Condition management: Apps focused on managing specific medical conditions (for example, diabetes, hypertension) that may utilise user data to personalise treatment plans, monitor progress and provide relevant education and support.
Medication management: Apps that help users manage their medications, track adherence and receive reminders, potentially using user data to identify potential drug interactions or provide personalised medication information.

Note: Health Connect is a general purpose data sharing platform that allows users to aggregate health and fitness data from various sources on-device and share it with third parties at their election. The data does not necessarily originate with Google or any Google Affiliates and has not been reviewed by Google. It is your responsibility to assess whether Health Connect is appropriate for your intended use and to investigate and vet the source and quality of any data from Health Connect in connection with any purpose and, in particular, for research, health or medical uses.

Human research

Applications that enable users to donate their data for health research studies, with appropriate consent and de-identification measures. This could include apps focused on specific conditions, public health surveillance or clinical trial recruitment. These studies are typically approved by an institutional review board (IRB) or ethics committee (EC) and collect user consent for conducting health research.

Note: Apps conducting health-related human subject research using data obtained through Health Connect must obtain consent from participants or, in the case of minors, their parent or guardian. Such consent must include the (a) nature, purpose and duration of the research; (b) procedures, risks and benefits to the participant; (c) information about confidentiality and handling of data (including any sharing with third parties); (d) a point of contact for participant questions; and (e) the withdrawal process. Apps conducting health-related human subject research using data obtained through Health Connect must receive approval from an independent board whose aim is 1) to protect the rights, safety and well-being of participants and 2) with the authority to scrutinise, modify and approve human subjects research. Proof of such approval must be provided upon request.

Game

Applications where a user’s progress in a game is influenced or impacted by their fitness and/or wellness. These are games that collect a user's activity data as a way to advance gameplay.

Does the Health Connect policy apply to WearOS apps?

How do activity recognition and body sensor permissions relate to Health Connect?

What are the UI guidelines for Health Connect permissions and data requests?

Choose a section to give feedback on

Was this helpful?

How can we improve it?

Health Connect policy requirement FAQs

Frequently asked questions (FAQs)

How do I access data through Health Connect?

What happens if my request is incomplete or denied?

What are the approved use cases for Health Connect permissions?

Does the Health Connect policy apply to WearOS apps?

How do activity recognition and body sensor permissions relate to Health Connect?

What are the UI guidelines for Health Connect permissions and data requests?

Was this helpful?

Need more help?

Try these next steps:

What's the issue with this selection?

Share additional info or suggestions