Health Connect apps collect health and fitness data, which may contain personal and sensitive data. This article addresses some of the frequently asked questions about the Health Connect policy and access requirements.
We are improving how developers request access to Health Connect permissions, as well as how these requests are reviewed. From August 31, 2024, developers requesting access to Health Connect permissions can declare their use of these permissions by completing the Health Connect questions as part of the health apps declaration form on the App contentpage (Policy and programs > App content) in Play Console. The form previously used for this purpose will be deprecated.
This change affects developers as follows:- Existing Health Connect developers must complete and submit the new Health Connect questionsin the health apps declaration by January 22, 2025, and are subject to the same requirements as before.
- New Health Connect developers that request access for the first time must complete and submit the new Health Connect questions as part of the health apps declaration in Play Console.
Frequently Asked Questions (FAQs)
How do I access data through Health Connect?
To access Health Connect data for your app, follow these steps:
- Review the Health Connect policy: Review and understand the approved use cases for Health Connect and requirements for accessing, sharing and protecting user data. To know more, read the Health Connect by Android Permissions.
- Request permissions in Play Console: When submitting your app in Play Console, request the specific permissions required for the data types your app needs to support its features.
When requesting permissions, bear the following in mind:
- For each permission requested, provide a clear and detailed justification explaining how your app will use the data to benefit the user.
- If your app does not require access to specific data types, then you must not request access to these data types.
- Be as detailed as possible in documenting the purpose for your access requests.
- Request the minimum data types needed and provide a valid use case for each request.
Example of a good justification:
- Permission requested: Access to physical activity data.
- Justification: "Our app provides personalized workout plans. Access to physical activity data allows us to tailor recommendations based on users' current activity levels, enhancing their fitness journey."
Example of an incomplete justification:
- Permission requested: Access to physical activity data.
- Justification: "Needed for app functionality."(This is too broad and lacks specific justification)
- Describe privacy & security practices: Provide a comprehensive privacy policy that:
- Provides an overview of your app's data collection, usage, and sharing practices. Include details about what data is collected, how it's used and stored, user controls, and data sharing practices.
- Describes the security measures implemented to protect user data, such as encryption, access controls, and regular security assessments.
For a visual guide on managing permissions in Health Connect, you might find the following video helpful.
What happens if my request is incomplete or denied?
If your request is incomplete or denied, you will receive feedback through the Play Console. Common reasons for denial include:
- Lack of clear justification for the requested permissions.
- Misalignment with approved use cases.
- Insufficient detail about data collection, usage, and sharing practices.
Developers can revise and resubmit their requests with additional information or clarification.
What are the approved use cases for Health Connect permissions?
| Approved use cases |
|
Fitness and Wellness Applications that allow users to track their fitness/wellness and progress to their goals using phone sensors, manual journalling or participating in digital classes, guided sessions,and receive personalized recommendations based on their health data. |
|
Rewards Applications that encourage users to adopt and maintain healthy habits,personalize incentives or track progress towards health goals, in exchange for financial rewards. |
|
Fitness Coaching Applications that provide virtual human fitness coaching, allowing coaches to access user data like activity levels and sleep patterns, to monitor progress and provide training plans, guidance and support. |
|
Corporate Wellness Enterprise focused platforms that enable wellness managers to distribute and manage wellness programs for employees. |
|
Medical Care Applications that help users receive and manage clinical care, including:
Note: Health Connect is a general purpose data sharing platform that allows users to aggregate health and fitness data from various sources on-device and share it with third parties at their election. The data does not necessarily originate with Google or any Google affiliates and has not been reviewed by Google. It is your responsibility to assess whether Health Connect is appropriate for your intended use and to investigate and vet the source and quality of any data from Health Connect in connection with any purpose, and, in particular, for research, health, or medical uses. |
|
Human Research Applications that enable users to donate their data for health research studies, with appropriate consent and de-identification measures. This could include apps focused on specific conditions, public health surveillance, or clinical trial recruitment. These studies are typically approved by an Institutional Review Board (IRB) or Ethics Committee (EC) and collect user consent for conducting health research. Note: Apps conducting health-related human subject research using data obtained through Health Connect must obtain consent from participants or, in the case of minors, their parent or guardian. Such consent must include the (a) nature, purpose, and duration of the research; (b) procedures, risks, and benefits to the participant; (c) information about confidentiality and handling of data (including any sharing with third parties); (d) a point of contact for participant questions; and (e) the withdrawal process. Apps conducting health-related human subject research using data obtained through Health Connect must receive approval from an independent board whose aim is 1) to protect the rights, safety, and well-being of participants and 2) with the authority to scrutinize, modify, and approve human subjects research. Proof of such approval must be provided upon request. |
|
Game Applications where a user’s progress in a game is influenced or impacted by their fitness and/or wellness. These are games that collect a user’s activity data as a way to advance game play. |
Does the Health Connect policy apply to WearOS apps?
How do Activity Recognition and Body Sensor permissions relate to Health Connect?
Activity Recognition and Body Sensors permissions allow apps to access motion data and wearable sensors. While some apps may use these Health permissions alongside Health Connect data, they are distinct and must be requested separately by your app and declared in Play Console. If your app requires both, you must justify and declare each permission appropriately and ensure compliance with Play policies.
Note: For apps targeting Wear 6 and Android 16 (Android V) and higher, BODY_SENSORS permissions are transitioning to more granular android.permission.health permissions, which are also used by Health Connect. Any API previously requiring BODY_SENSORS or BODY_SENSORS_BACKGROUND now requires the corresponding android.permission.health permission. For more, see Behavior changes: Apps targeting Android 16 or higherfound at the Android developer page.
What are the UI guidelines for Health Connect permissions and data requests?
To provide a smooth, reassuring user experience, focus on how you display Health Connect data within your app. Explain the purpose behind accessing each data type, and present the information in an organized, easily digestible format. Refer to the Health Connect UI guidelines for detailed information on this.