Privacy in Health Apps: What Your Medication Tracker Is Actually Doing

What "free" health apps actually charge you

When a medication tracker is free and shows you ads, you’re paying with your data. Your prescription list, dose history, and mood logs become input to behavioral ad targeting. This isn’t a conspiracy — it’s the business model, openly described in most privacy policies if you know what to look for.

Even apps that don’t show ads often "share data with partners for service improvement." Translation: your data is being sold or licensed.

What to look for in a medication tracker’s privacy policy

• Where is data stored? "On-device" beats "in the cloud" by a mile for health data.
• Is data shared with third parties? Even "anonymized" data is often re-identifiable.
• Does the app sell aggregated data? Some companies make more from data sales than from the app itself.
• Is the company HIPAA-compliant? Most consumer apps technically don’t have to be — the ones that voluntarily are tell you something important.
• What happens to your data if the company is acquired? Look for explicit answers.

Why on-device storage is the gold standard

Apple’s SwiftData framework lets iPhone apps store data locally with full encryption, no cloud sync, and no transmission to remote servers. For health data, this is the only architecture that actually protects you.

On-device storage means your medication list can’t be subpoenaed from a company server, can’t be breached, can’t be sold to insurers, can’t be subpoenaed by an angry ex’s lawyer, can’t be used to train an AI model in some other country. It’s yours.

How Taper AI handles your data

Taper AI uses Apple SwiftData for 100% on-device storage. Firebase Authentication is used only for account login (your email, nothing else). No medication data, mood data, side-effect data, or schedule data ever leaves your iPhone. We can’t see what you take, even if we wanted to.