Privacy

Privacy is key when handling health data. Samsung Health SDK lets your application access health data only on the basis of the user’s consent.

Instant Permission

A very sensitive data type, such as a health document, requires instant permission. Instant permission is granted for one-time data access. An app that handles health documents has to call the instant permission API every time it needs to access the data.

Its related APIs are:

Permission Manager

All of the SDK’s supported data types except health document require permission obtained through PermissionManager’s APIs.

An application needs to declare the proper permissions for the health data types it requires, and it must handle SecureException when it cannot obtain the user’s consent, because the user can withdraw consent at any time. See PermissionManager for permission declaration and request.

Samsung Health reads the permissions declared in the application’s manifest file when it initializes, and you can check them in Samsung Health > Settings > Data permissions > [App], as shown in Figure 15.

The application, on the other hand, needs to provide its own permission settings menu. It calls the permission request API with the required permission keys, and the health data framework pops up the permission UI on the application. The flow can proceed after the user approves or denies the use of each data type. The user may change the permission for each data type at any time.

As a result, the items shown in the permission UI and in Samsung Health’s settings menu can differ. Keep the following two identical:

  • Declared permissions in manifest.

  • Permission keys for the permission request API.
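A build-time check for the mismatch described above, as an added example that is not part of the SDK or of the original page. It assumes the manifest declares permissions through the `com.samsung.android.health.permission.read` / `.write` meta-data entries with semicolon-separated data types, and that the keys the app requests are exported as (data type, access) pairs; the manifest and the key list below are constructed samples.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Assumption: manifest meta-data names that carry the declared permissions.
META = {
    "com.samsung.android.health.permission.read": "READ",
    "com.samsung.android.health.permission.write": "WRITE",
}

def declared_permissions(manifest_xml):
    """Return the set of (data_type, access) pairs declared in the manifest."""
    declared = set()
    for md in ET.fromstring(manifest_xml).iter("meta-data"):
        access = META.get(md.get(ANDROID_NS + "name"))
        if access is None:
            continue  # unrelated meta-data entry
        for data_type in (md.get(ANDROID_NS + "value") or "").split(";"):
            if data_type.strip():
                declared.add((data_type.strip(), access))
    return declared

def permission_drift(manifest_xml, requested_keys):
    """Compare manifest declarations with the keys passed to the request API."""
    declared = declared_permissions(manifest_xml)
    requested = set(requested_keys)
    return {
        # Visible in Samsung Health's settings, never shown in the permission UI.
        "declared_not_requested": sorted(declared - requested),
        # Asked for at runtime without a matching manifest declaration.
        "requested_not_declared": sorted(requested - declared),
    }

# Constructed sample manifest and requested key list.
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <application>
    <meta-data android:name="com.samsung.android.health.permission.read"
               android:value="com.samsung.health.step_count;com.samsung.health.heart_rate"/>
    <meta-data android:name="com.samsung.android.health.permission.write"
               android:value="com.samsung.health.exercise"/>
  </application>
</manifest>"""
SAMPLE_REQUESTED = [
    ("com.samsung.health.step_count", "READ"),
    ("com.samsung.health.exercise", "WRITE"),
    ("com.samsung.health.sleep", "READ"),
]

if __name__ == "__main__":
    for kind, items in permission_drift(SAMPLE_MANIFEST, SAMPLE_REQUESTED).items():
        for data_type, access in items:
            print(f"{kind}: {data_type} ({access})")
```

Failing the build when either list is non-empty keeps the two permission views aligned and stops unused data types from staying declared.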

The user consent is limited to the device. Even if multiple devices use the same Samsung account, the application has to acquire the user consent on each device independently.

Figure 15: Privacy and user permission