(no title)

It depends on whether it's end-to-end encrypted or not. Unfortunately only some iCloud data is, not all of it (nor is there an option for all of it), but they have been slowly expanding the magic circle there. Health data is a recent addition actually, according to Apple's iCloud security page (HT202303) it is E2E as of iOS 12. Before that it presumably would have been available via warrant, but if someone has all their current devices updated it shouldn't be. Looks like the current full list is:

  Home data
  Health data (iOS 12+) 
  iCloud Keychain
  Messages in iCloud
  Payment information
  Quicktype Keyboard learned vocabulary (iOS 11+)
  Screen Time
  Siri information
  Wi-Fi network information

One odd and notable exclusion though is iCloud Backups. If you use that feature, at least from what I can tell it can actually compromises the E2E of some of the others since keys are stored as part of the backups. I guess Apple considers backups to be more important to the general population to have fallbacks for, but it's also a big privacy hole and I still consider it a bummer that they don't at least have an option to not store keys with Apple there and just have it be an encrypted blob (with UI for printing out recovery keys and such of course, but they've long had that for FileVault already).

Also worth noting that Apple's overall scheme for multi-factor and general Apple ID auth and management remains an irritating worrying clusterfuck, but at least there have been some ongoing improvements I guess.