Community Health Workers (CHWs) have been usingMobile Health Data Collection Systems (MDCSs) for supportingthe delivery of primary healthcare and carrying out public healthsurveys, feeding national-level databases with families’ personaldata. Such systems are used for public surveillance and to managesensitive data (i.e., health data), so addressing the privacy issuesis crucial for successfully deploying MDCSs. In this paper wepresent a comprehensive privacy threat analysis for MDCSs,discuss the privacy challenges and provide recommendationsthat are specially useful to health managers and developers. Weground our analysis on a large-scale MDCS used for primarycare (GeoHealth) and a well-known Privacy Impact Assessment(PIA) methodology. The threat analysis is based on a compilationof relevant privacy threats from the literature as well as brainstormingsessions with privacy and security experts. Among themain findings, we observe that existing MDCSs do not employadequate controls for achieving transparency and interveinability.Thus, threatening fundamental privacy principles regarded asdata quality, right to access and right to object. Furthermore, itis noticeable that although there has been significant research todeal with data security issues, the attention with privacy in itsmultiple dimensions is prominently lacking.