Is My Health App Safe? Is your health app actually safe?
Women 35–65 are the heaviest users of health tracking apps — and the least-protected by the privacy laws most of us think cover this data. We read the privacy policies so you don't have to, and grade each app on what actually happens to your information.
Latest scorecards
Why this site exists
Most people assume that because health data feels sensitive, it must be legally protected. In the US, HIPAA only applies to doctors, hospitals, insurers and their direct vendors. An app you download from the App Store is almost never covered. Your period data, your sleep data, your menopause symptoms, your heart rate — in the hands of a consumer app, they're just marketing data, and they can be shared, sold, subpoenaed or exposed in a breach.
We grade apps on what they actually do with your data, not what their marketing says. Read the methodology to see how the grades are calculated.
What we look for
- What data the app collects — including data it infers rather than asks for.
- Which third parties the data is shared with, sold to, or exposed to via advertising SDKs.
- What the privacy policy actually says, versus what the marketing implies.
- Whether HIPAA, GDPR, or state-level laws (like Washington's My Health My Data Act) apply.
- Security posture and breach history.
- Whether you can realistically delete your data and how long it's retained.
About
Is My Health App Safe? is an independent privacy research project. We are not affiliated with any of the apps we review. We link to Cirdia, a privacy-first wellness platform, where its architecture is relevant to illustrate what genuinely private health tracking can look like.