Some three weeks ago, the Federal Trade Commission (FTC) announced a new web-based, multi-agency interactive tool to streamline the compliance process for mobile health app developers. The tool helps train app developers on the various rules and regulations governing health information systems. Furthermore, to incorporate greater security and ensure users’ privacy, the FTC issued a new publication that guides developers on building better privacy and security measures into the health apps they develop.

These laws were set in accordance with the Health Insurance Portability and Accountability Act (HIPAA), the Federal Trade Commission (FTC) Act, the Federal Drug and Cosmetics (FD&C) Act and the FTC’s Health Breach Notification Rule. According to the FTC’s press release, only those apps that provide health information or help in diagnosing diseases need to follow these guidelines. HIPAA rules are responsible for protecting the privacy and security of health information systems and require users to provide notifications when there are security breaches.

The FDA enforces the FD&C Act, which regulates the safety and effectiveness of medical devices and mobile medical apps. The FDA focuses on those mobile medical and health apps that put users at a greater health risk by misinforming them or delaying health information. The FTC enforces the FTC Act, which prohibits deceptive or unfair acts or practices in business, to prevent monopoly or unfair advantage to a certain business commodity. If an app misinforms users about the app’s performance or data security, the app developers are breaking the law, and the FTC’s Health Breach Notification Rule will require them to provide notifications following a breach of personal health record information.

Medical Apps Are Different From Health Fitness Apps

The FTC looks to distinguish medical apps from other health and fitness apps. According to the FTC, fitness apps are those apps that are intended to be used in place of a regulated medical device. The heart rate monitor in some Samsung phones and the cardio watches that determine the heart rate during activity are health fitness devices. On the other hand, an app like the EkoCore mobile app, which is used to view heartbeats recorded with the EkoCore stethoscope, is a medical app.

Mobile health apps are the latest trend to emerge from the world of health information technology and this trend is going to grow exponentially over the coming years. More and more individuals are using mobile health apps for self-diagnosis or using them in conjunction with some medical devices. It is estimated that by 2020, the global market share for mobile health apps is going to expand to $49 billion. So this is just the start for such guidelines being implemented and mobile health app developers are going to face even more scrutiny from such agencies.

Guidelines Are For Consumer Protection

The Director of the FTC’s Bureau of Consumer Protection stated, “Mobile app developers need clear information about the laws that apply to their health-related products,” and “by working with our partner agencies, we’re helping these businesses build apps that comply with the law and provide more protection for consumers.”

The interactive tool is just a simple questionnaire that asks 10 yes-or-no questions. By answering these questions, the compliance process becomes really efficient. The questions target the authenticity of the prescribed medical source: the status of the app maker regarding health care information provision, the void in the health sector that will be filled, the number of doctors or HIPAA-compliant people working together to make the app, whether the app’s function is diagnosis or cure, the minimal risks to the user, the dependence of the app on a mobile, the affiliation of the app makers and the transparency mechanism in the health records for the app.

According to the FDA, minimal risk refers to apps that help users manage their diseases without providing specific treatment procedures and that provide easy access to information relating to their symptoms and diagnoses without the need for intermediary assistance from a healthcare provider. Such an app should also help users effectively communicate this information to their healthcare providers.

The main focus of these guidelines is to secure and clearly identify health information. Health information is all the data, including both past and present diagnoses, prescriptions and health records, that could be used to predict future diagnoses and, using patient demographics, to quickly identify future symptoms.