This is where consent comes into play. Today, a lot of people have already consensually downloaded their healthcare provider's patient portal app onto their mobile devices, so some subset of their doctor's EHR's data has already graced their mobile devices by their own consent, based on their own judgement of the risks involved. From the standpoint of electronic healthcare data merely existing on a device that could theoretically be hacked, having a consensual system like this on a mobile device would not break any new ground.

Edit: I also wouldn't assume that an iPhone is less secure than various computers and cloud servers that doctors use for their EHR software. This is where high engineering and security standards come into play.

Your previous deleted post compared hacking this to a constructive proof of P=NP. Are you kidding me?

>This is where consent comes into play.

Oh please. Having a buried setting isn't consent, since there are a million settings to disable. Besides, if and when these things are hacked, it's easy to turn on.

>Today, a lot of people have already consensually downloaded their healthcare provider's patient portal app

An automatic opt-out scanning system on a massive amount of phones, where all the data is in a standard place on a phone, isn't comparable to an unknown amount of people downloading unstructured data to their phones and keeping an unknown amount of it.

I can't keep responding to this thread. The following is what I said in the beginning of it.

> we need to set high standards for engineering, security, user consent, and privacy expectations for companies working in this area