Anyone who holds the private key to Apple's website can do some malicious stuff to Apple. Does the existence of this "back door" mean that "everyone can" use it? Absolutely not.
Every time you hand your credit card to someone you are placing your trust in them. If they violate this trust, they are liable for it. Why is this case any different?
The idea of PCI compliance (protecting your financial information) and similarly protection of your healthcare files is no different. It is extremely unlikely that someone will break in, and even less likely that someone will target your specific phone. You are crying foul about something of no practical importance.