It is nobody's business but yours if you use this testing system. You may DECIDE to send the data to a professional as part of your health discussion, but it's YOUR CHOICE. If you do send these data then it's still nobody else's business, just between you and this professional.
The simplest way to ensure that nobody can see your medical data is not to store your name or email or anything like that (Personal Identification) in the database. It is better not to collect this information at all. This is the policy we use at TeleSonoUroflow, there is no place to gather your email or name etc.
We take advantage of the fact that you control your phone, its in your pocket. The data is stored on your phone using random Identifier which we compute exactly once out of thin air. Effectively the button "Send data to your doctor" sends all your urination data from your phone to a temporary database (using the randomId as a key). The database is periodically deleted leaving only the last few days. You have to add your name and phone number so the doctor can discuss and review your data with you, otherwise she will not know who you are. The only use for your email is to send you a link to the data on this temporary database, an exact copy of what the app sends to the doctor, when you press "Send data to your doctor". We do not keep your email or doctor's email either, on your phone or on the TeleSonoUroflow database.
During development we currently have a copy of the anonymous data on a table in the TeleSonoUroFlow database. This is used only for the following two purposes.
To find out how many people use the app,
To allow the developer to review user's data without any user personal identification.
It is planned to remove this database copy of the data when the app goes live, it serves no purpose in the functions of the app.
The TeleSonoUroFlow app is completely Anonymous. This presents difficulties in demanding payment as you might imagine. We aim to collect a small sum from many thousands of users when you send your data to your doctor: Telemedicine. You will need to pay this small sum through In-App Payments which does not tell anyone outside Google the identity of purchasers.
Nobody knows who you are, except your doctor if you tell him, and we do not know who your doctor is either!