Privacy

Privacy is a key for handling health data. Samsung Health SDK for Android enables your application to access health data based on the user's consent.

Permission Manager

The SDK's supported data types except health document need to gain permission through PermissionManager.

An application needs to declare proper permissions for handling required health data types and to consider SecureException when the application didn't gain a user consent. The user can withdraw consent at any time. See PermissionManager for permission declaration and request.

Samsung Health add the partner app's permission info under Samsung Health > Settings > Data permissions > [Partner app] after a success of HealthPermissionManager.requestPermission() in the partner app.

On the other hand, the partner app needs to make a permission setting menu separately. In the menu, the app calls HealthPermissionManager.requestPermission() with required permissions. The Samsung Health's health data framework pops up the permission UI. A permission result event is retreived after the user's agreement or denial on the permission popup. The app should provide an interface that the user may change data permission at any time.

The user consent is limited to the device. Even if multiple devices use the same Samsung account, the application has to acquire the user consent on each device independently.

Instant Permission

A very sensitive data type like a health document requires gaining instant permission. Instant permission is created for one-time data access. An app that handles a health document has to call the instant permission API whenever it needs to access data.

Related APIs are:

• HealthDataResolver.insertWithPermission()
• HealthDataResolver.readWithPermission()
• HealthDataResolver.deleteWithPermission()