The HIPAA Rules generally do not protect the privacy or security of your health information when it is accessed through or stored on your personal cell phones or tablets. The HIPAA Rules apply only when PHI is created, received, maintained, or transmitted by covered entities and business associates. For example, the HIPAA Rules do not protect the privacy of your Internet search history, information you voluntarily share online, or your geographic location information. In most cases, unless the app is provided to you by a covered entity or its business associate - PDF, the HIPAA Rules also do not protect the privacy of data youve downloaded or entered into mobile apps for your personal use, regardless of where the information came from.The information that your device or apps collect about you may be viewed or collected by other entities or used by the device or app vendors to send you specific ads. It may also be sold to a data broker, someone who obtains and shares consumer information without their knowledge, often selling it for marketing or other purposes. Although the HIPAA Rules do not protect this information, there are steps that you can take to increase the privacy of your information when using your personal mobile device.
Read on hhs.gov