It would be the doctor violating HIPAA by allowing the app to upload the data. They’re held to a higher standard than the standard person; that doesn’t mean they know more or are more careful, but they’re supposed to be.
It would probably be a violation for the data to be on the phone in the first place. Your name and phone number alone are not Protected Health Information (PHI), the doctor would have to be texting with the patient about their health (or demographic information) which I’m sure is not considered a sufficiently confidential medium.
