Health App GPS/Location Data (healthdb_secure.sqlite)
Location
HealthDomain/Health/healthdb_secure.sqliteDescription
Encrypted SQLite database storing Apple Health data including workout route GPS coordinates, step count timestamps, heart rate readings with location context, and activity data from the Health app and connected fitness devices. Workout routes contain detailed GPS tracks with latitude, longitude, altitude, speed, and timestamps recorded at frequent intervals during exercise activities.
Forensic Value
Health data provides granular location tracking through workout GPS routes that record the precise path traveled during exercise activities with timestamps at sub-minute intervals. Step count and activity data with timestamps corroborate or contradict claims about the user physical location and activity level at specific times. Heart rate data may indicate stress responses correlating with specific events. The health database often contains months or years of historical data due to its large storage allocation. This artifact is frequently overlooked in investigations but can provide location and activity evidence that no other artifact captures.