A large amount of sensitive data is typically stored on smartphones. In combination with wearables and other smart diagnostic devices, smartphones also receive fitness and health data, which can provide detailed information about the user’s health status. Modern smartphone operating systems offer a central interface for storing and retrieving these data so that they can be shared and analysed more easily. However, due to the abundance of personal data stored, data protection and security are of utmost importance. This report uses the example of the new Health Connect programming interface available on Android to show what steps are necessary for an application to access the centrally stored fitness and health data. It also shows what influence users have over access to their data and what security provisions are in place.