GPS in Your Photos: What You're Sharing Without Knowing
Modern smartphones embed GPS coordinates, device identifiers, and timestamps in every photo. Here's what that means for healthcare professionals, journalists, and anyone sharing images.
A scenario
A clinical documentation manager at a regional hospital takes a photo of a wound for a patient's medical record. The photo is clear, well-lit, and clinically useful. She emails it to a colleague at another facility for a second opinion.
The photo arrives with the following data embedded in its EXIF metadata:
- GPS coordinates: 38.8977° N, 77.0365° W (accurate to within 3 meters — the exact wing of the hospital)
- Device model: iPhone 15 Pro Max
- iOS version: 18.2
- Capture timestamp: 2026-02-14 09:47:23 EST
- Altitude: 42 meters above sea level
- Camera settings: f/1.78, ISO 50, 1/120s
- Lens: iPhone 15 Pro Max back triple camera 6.765mm f/1.78
- Software: 18.2
- Thumbnail: A 160x120 pixel preview of the full image
None of this data is visible when viewing the photo. All of it is readable by anyone who receives the file.
The GPS coordinates identify the hospital. The timestamp identifies when the patient was being treated. Combined with other context, this metadata could contribute to a HIPAA violation — not because the photo shows the patient's face, but because the metadata reveals the location and timing of care.
What EXIF data is
EXIF — Exchangeable Image File Format — is a standard for storing metadata inside image files. It was created in 1995 by the Japan Electronic Industries Development Association to help camera manufacturers store technical settings alongside photographs.
Every digital camera and smartphone writes EXIF data into every photo it captures. This includes:
Location data
- GPS latitude and longitude: Precise coordinates, often accurate to within 1-5 meters on modern smartphones
- GPS altitude: Height above sea level
- GPS timestamp: The UTC time when the GPS fix was recorded
- GPS processing method: How the coordinates were determined (GPS satellite, cell tower triangulation, Wi-Fi positioning)
Device identification
- Camera make: Apple, Samsung, Google, Canon, Nikon, etc.
- Camera model: iPhone 15 Pro Max, Galaxy S24 Ultra, Pixel 9 Pro
- Serial number: Some cameras embed the device serial number (unique per device)
- Lens model: The specific lens used
- Firmware version: The exact software version on the device
Capture settings
- ISO, aperture, shutter speed: The exposure triangle settings
- Flash: Whether flash was used
- White balance: Color temperature setting
- Focal length: Zoom level used
- Metering mode: How the camera measured light
Timestamps
- Date/time original: When the shutter was pressed
- Date/time digitized: When the image was written to storage
- Date/time modified: When the file was last changed
Embedded content
- Thumbnail image: A small preview of the photo, often embedded as a separate JPEG inside the EXIF data. If you crop a photo to remove something from the edges, the thumbnail may still show the original uncropped image.
- IPTC data: Author name, copyright holder, caption, keywords
- XMP data: Extended metadata that can include editing history, software used, and custom fields
What phones record by default
iPhone (iOS)
By default, iPhones embed GPS coordinates in every photo when Location Services is enabled for the Camera app. This is the default setting for most users. The GPS is precise — Apple uses a combination of GPS satellites, cell towers, and Wi-Fi access points to achieve accuracy within 1-5 meters.
iOS also records the device model, iOS version, camera settings, and timestamps. The serial number is not typically embedded in photo EXIF data by default on recent iOS versions, but the device model is always included.
To disable GPS in photos on iPhone: Settings > Privacy & Security > Location Services > Camera > Never. This is a per-app setting, not a system-wide toggle, and most users never change it.
Android
Android behavior varies by manufacturer and version. Most modern Android phones embed GPS coordinates by default when location permission is granted to the camera app. Samsung, Google Pixel, and OnePlus devices all include GPS, device model, and camera settings.
Some Android camera apps include a visible "Location tag" toggle in the camera settings. Others bury it in the app permissions. The default is usually "on."
DSLR and mirrorless cameras
Professional cameras (Canon, Nikon, Sony, Fuji) typically do not have built-in GPS. However, many connect to a smartphone app that can geotag photos, and some higher-end models include GPS modules. Canon EOS R5, for example, has built-in GPS.
These cameras always record extensive camera settings, serial numbers, and lens information in EXIF data.
Real-world risk scenarios
Healthcare: PHI through the back door
The Health Insurance Portability and Accountability Act (HIPAA) defines 18 categories of Protected Health Information (PHI). Geographic data smaller than a state is one of them. A photo's GPS coordinates identifying a hospital or clinic can, in combination with other information, constitute PHI.
When healthcare professionals share clinical photos — wound documentation, equipment setup photos, facility images — the EXIF metadata can reveal the facility location, the exact room or wing (via altitude and precise GPS), and the timestamp of the encounter.
HIPAA's Safe Harbor de-identification method (45 CFR §164.514(b)(2)) requires removal of "all geographic subdivisions smaller than a state." GPS coordinates in an image are exactly the kind of geographic data that must be removed for de-identification.
Journalists: Source protection
Photojournalists and reporters working with confidential sources face a specific EXIF risk. A photo taken at a source's location embeds GPS coordinates that identify where the source met the journalist. If the photo is published or shared without EXIF removal, the source's location is compromised.
This applies to photos of documents, photos of locations, and even photos taken for reference that are never intended for publication. The EXIF data exists regardless of the photo's purpose.
Domestic violence survivors: Location tracking
For individuals in protective programs or fleeing domestic violence, location data in photos is a direct safety threat. A photo shared on social media, sent to a friend, or uploaded to a platform that does not strip EXIF data can reveal the subject's current location to an abuser.
Major social media platforms (Facebook, Instagram, Twitter/X) strip EXIF data on upload. But messaging apps, email, cloud storage services, and forums may not. The behavior varies by platform and is not consistently communicated to users.
Real estate: Client address exposure
Real estate photographers share property images with agents, listing services, and marketing platforms. The GPS coordinates in these photos identify the exact property address — which may not be a concern for listed properties, but becomes sensitive for off-market properties, pre-listing preparation photos, or photos of a seller's occupied home.
Academia: Research participant privacy
Researchers conducting field studies, ethnographic research, or studies involving human subjects may take photos as part of their data collection. If those photos contain GPS coordinates, they can identify the research site, the participant's location, or the community being studied.
Institutional Review Boards (IRBs) increasingly require de-identification of all research data, including image metadata. The EXIF GPS coordinates in a field study photo are research data that requires the same de-identification treatment as any other personally identifiable information.
How to check what's in your photos
macOS
Right-click the photo > Get Info > More Info > expand the sections. Or open in Preview > Tools > Show Inspector > the "i" tab shows EXIF data including GPS coordinates.
Windows
Right-click the photo > Properties > Details tab. GPS coordinates are listed under the GPS section if present.
iOS
Open the photo in the Photos app > swipe up or tap the "i" icon. The map showing where the photo was taken is generated from the embedded GPS coordinates.
Android
Open the photo in Google Photos > tap the three-dot menu > Details. GPS coordinates and device information are displayed.
Online tools
Various free online EXIF viewers exist. However, uploading a photo to a web-based EXIF viewer means sending the photo to a third-party server — which may defeat the purpose if the photo contains sensitive content.
Why manual removal is unreliable
Removing EXIF data manually is possible but fragmented:
- macOS Preview: Can remove some EXIF data via Export, but the behavior varies by format and version. No verification step.
- Windows Properties: The "Remove Properties and Personal Information" dialog can strip some fields, but not all EXIF data — XMP and IPTC fields may persist.
- Mobile: iOS and Android do not provide native tools for EXIF removal. Third-party apps are required.
- Command-line tools (ExifTool): Powerful and comprehensive, but they require technical expertise and manual execution per file.
The common problem across all manual approaches is the absence of verification. After removing EXIF data manually, how do you confirm it worked? You would need to re-inspect the file with a separate tool — and if the tool you used for removal missed a field, the tool you use for inspection might miss it too if it reads the same subset of tags.
A structural approach
Reliable EXIF removal requires three steps:
- Parse: Read all metadata fields in the image — EXIF, IPTC, XMP, thumbnails, maker notes, GPS sub-tags.
- Remove or replace: Strip the identified fields. For use cases where empty metadata looks suspicious (e.g., a professor sharing images in a presentation), replace with plausible synthetic values.
- Verify: Re-parse the output file and confirm that the targeted fields are no longer present. Check the thumbnail separately — it is a distinct embedded image with its own metadata.
The verification step matters because different EXIF parsers read different subsets of tags. A tool that removes EXIF tags and then verifies by re-reading with the same parser may miss tags it never reads in the first place. Verification with a comprehensive tag reader catches what the removal step might have missed.
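The parse, remove, verify sequence above, applied to JPEG files only, as an added example (not Purgit's code and not from the original article). It walks the file's segment structure instead of individual tags, so the verification pass flags any metadata container left behind, including ones a narrower remover never looked for. The allowlist of structural segments and the sample bytes are assumptions constructed for illustration.

```python
import struct

# Assumption: APPn segments kept as structural/colour data; every other APPn or COM segment is metadata.
ALLOWED_APP = {0xE0: b"JFIF\x00", 0xE2: b"ICC_PROFILE\x00", 0xEE: b"Adobe"}

def segments(data):
    """Yield (marker, payload, start, end) for each segment before the scan data."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 4 <= len(data) and data[pos:pos + 2] != b"\xff\xda":  # stop at start of scan
        marker, length = struct.unpack(">xBH", data[pos:pos + 4])
        if data[pos] != 0xFF:
            raise ValueError(f"expected marker at offset {pos}")
        yield marker, data[pos + 4:pos + 2 + length], pos, pos + 2 + length
        pos += 2 + length

def is_metadata(marker, payload):
    """Allowlist test: any COM or APPn segment not known to be structural."""
    if marker == 0xFE or 0xE0 <= marker <= 0xEF:
        allowed = ALLOWED_APP.get(marker)
        return allowed is None or not payload.startswith(allowed)
    return False

def exif_only(marker, payload):  # narrow remover: APP1/Exif (GPS, thumbnail, maker notes) only
    return marker == 0xE1 and payload.startswith(b"Exif\x00\x00")

def strip(data, drop):
    """Copy data, omitting every segment for which drop(marker, payload) is true."""
    out, keep_from = bytearray(), 0
    for marker, payload, start, end in segments(data):
        if drop(marker, payload):
            out += data[keep_from:start]
            keep_from = end
    return bytes(out) + data[keep_from:]

def residual(data):
    """Verification pass: identifier of every metadata segment still in the file."""
    return [p.split(b"\x00", 1)[0].decode("latin-1")
            for m, p, _, _ in segments(data) if is_metadata(m, p)]

def seg(marker, payload):
    return bytes([0xFF, marker]) + struct.pack(">H", len(payload) + 2) + payload

# Constructed sample: a JPEG skeleton (not a decodable image) with stub payloads.
SAMPLE = (b"\xff\xd8" + seg(0xE0, b"JFIF\x00\x01\x02\x00\x00\x01\x00\x01\x00\x00")
          + seg(0xE1, b"Exif\x00\x00II*\x00\x08\x00\x00\x00")
          + seg(0xE1, b"http://ns.adobe.com/xap/1.0/\x00<x:xmpmeta/>")
          + seg(0xED, b"Photoshop 3.0\x008BIM") + b"\xff\xda\x00\x02\xff\xd9")
```

On the sample, `strip(SAMPLE, exif_only)` leaves the XMP and IPTC segments in place and `residual` reports them, while `strip(SAMPLE, is_metadata)` produces a file for which `residual` returns an empty list.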
Purgit strips GPS coordinates, device identifiers, timestamps, and all EXIF metadata from JPEG, PNG, and HEIC photos. Every removal is verified by re-scanning the output. Your photos, without the data you didn't mean to share.