News | Mobile Devices | April 25, 2016

FTC Creates Compliance Tool for Mobile Health App Developers

Tool and related business guidance designed to help developers stay compliant with federal and state privacy regulations

mobile health apps, FTC, compliance tool, business guidance, privacy

April 25, 2016 — The Federal Trade Commission (FTC) announced that it has created a Web-based guidance tool for developers of health-related mobile applications (health apps). FTC did not take this action alone, but rather developed the tool in conjunction with the Department of Health and Human Services’s (HHS) Office of the National Coordinator for Health Information Technology (ONC), Office for Civil Rights (OCR), and the U.S. Food and Drug Administration (FDA). 

FDA released a seminal guidance document on mobile medical apps early last year.  In its guidance document, FDA addresses, among other things, those apps it intends to regulate as medical devices under the Federal Food, Drug, and Cosmetic Act (FD&C Act) and those for which the agency intends to exercise its enforcement discretion. OCR has also recently issued guidance in this area, providing examples of scenarios where the Health Insurance Portability and Accountability Act (HIPAA) regulations might apply to health information created, managed or organized through the use of health apps.

The FTC’s new health apps tool asks developers a series of high-level questions about the nature of the app, including questions about its function, the data it collects and the services it provides to users.  These questions include the following:

  • Do you create, receive, maintain or transmit identifiable health information?;
  • Are you a healthcare provider or health plan?;
  • Do consumers need a prescription to access your app?;
  • Are you developing this app on behalf of a HIPAA-covered entity?;
  • Is your app intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment or prevention of disease?;
  • Does your app pose “minimal risk” to a user?;
  • Is your app a “mobile medical app”?;
  • Are you a nonprofit organization?; and
  • Do you offer health records directly to consumers (or do you interact with or offer services to someone who does)?

Based on the answers to these questions, the tool will point the app developer toward detailed information about certain federal laws that might apply to the app, including the FTC Act, the FTC’s Health Breach Notification Rule, HIPAA and the FD&C Act.

Simultaneous with the release of the guidance tool, the Commission also issued a business guidance aimed at helping health app developers comply with the FTC Act by building privacy and security into their apps. Beyond the laws identified above, FTC notes in its business guidance that health apps could be subject to, among other things, the Children’s Online Privacy Protection Rule; the Gramm-Leach-Bliley Act’s Safeguards Rule and Privacy Rule; myriad state laws; and basic truth-in-advertising and privacy principles.

Given the proliferation of health apps, developers can expect increasing federal and state scrutiny over these products.  The veritable alphabet soup of potentially-applicable laws require that developers maintain a sophisticated understanding of both existing requirements and new requirements that are sure to come online over the coming months and years.

For more information: www.venable.com

Related Content

Digital mHealth advances like wearable heart monitors, use of smartphone apps and artificial intelligence will reshape the standard of care in the coming years according to three recent JACC articles.

Digital mHealth advances like wearable heart monitors, smartphone apps and artificial intelligence will reshape the standard of care in the coming years according to three recent JACC articles.

Feature | Information Technology | June 05, 2018
June 5, 2018 — The future of cardiovascular care will be transformed by advances in artificial intelligence, digital
Lumedx Demonstrates Advanced Analytics at HIMSS18
News | Information Technology | February 20, 2018
February 20, 2018 – LUMEDX Corporation, a top cardiovascular data intelligence company, will show off the latest in a
ACC Unveils Innovation Roadmap for Future of Healthcare Delivery, the future of cardiology.
News | Information Technology | January 09, 2018
In a new health policy statement, the American College of Cardiology (ACC) identifies how to best support healthcare...
Nuance Restores Service to Majority of eScription Clients Following Malware Incident
News | Information Technology | July 28, 2017
Nuance Communications Inc. provided an update on its restoration process following the previously reported June 27,...
News | Information Technology | May 11, 2017
McKesson Imaging & Workflow Solutions, an industry leader in providing healthcare IT and imaging solutions, is...
ECRI Institute, top 10 patient safety concerns, 2017 report, information technology, healthcare
News | Information Technology | March 24, 2017
Safe implementation of new technologies and therapies accompany classic patient safety challenges on ECRI Institute's “...
Frost & Sullivan, Healthcare Industry Outlook 2017 analysis, information technology, healthcare IT
News | Information Technology | March 08, 2017
Despite global political uncertainties and a sluggish economic outlook for 2017, the global healthcare industry is set...
Mercy, HIMSS 2017, Enterprise Davies Award, health information technology
News | Information Technology | February 21, 2017
Mercy, the fifth largest Catholic healthcare system in the nation, was named a 2016 Healthcare Information and...
Frost & Sullivan, 18 technologies, growth opportunities, global healthcare, information technology, 2025
News | Information Technology | January 16, 2017
Frost & Sullivan has released a new report, “Vision 2025 – Future of Healthcare,” part of the company’s Advanced...
ACC, American College of Cardiology, Google search, heart conditions, Health Knowledge Graphs
News | Information Technology | September 23, 2016
A Google search for heart conditions will now prominently display important questions patients should ask their doctor...
Overlay Init