The US Food and Drug Administration (FDA), the Federal Trade Commission (FTC) and other regulators are looking to help health-related mobile application developers comply with the Federal Food, Drug and Cosmetics Act (FD&C Act) and other applicable laws.
As part of that compliance push, FTC on Tuesday released a new web-based tool for developers of health-related mobile apps.
The tool asks developers a series of high-level questions about the app’s function, the data it collects and the services provided to users. Based on those answers, the tool will point the app developer toward detailed information about certain federal laws that might apply, including the FTC Act, the FTC’s Health Breach Notification Rule and the Health Insurance Portability and Accountability Act (HIPAA).
FDA has already said it’s focusing its regulatory oversight on a small subset of mobile apps that may impact the performance or functionality of currently regulated medical devices or may independently pose a risk to consumers if they don’t work as intended.
Mobile medical apps that undergo FDA review will be evaluated and classified according to the same regulatory standards and risk-based approach that the agency applies to other medical devices, the agency said.
“As the number of mobile health products available today continues to rise, it’s important to clarify for developers how FDA and other agencies’ regulations would apply to their app,” said Bakul Patel, associate director for digital health in the FDA’s Center for Devices and Radiological Health. “This effort is part of the FDA’s continued commitment to protecting patient safety while encouraging innovation in digital health.”
The sections of the app dealing with FDA regulations note that companies looking to determine if they are developing a mobile medical app should look to Section V.A. and Appendix C of FDA’s Mobile Medical Applications Guidance for Industry and Food and Drug Administration Staff [PDF], which include examples of mobile apps that are the focus of FDA’s regulatory oversight.
“If you have further questions in determining whether your app is a medical device, email email@example.com(link sends e-mail) or contact the FDA via Device Advice: Comprehensive Regulatory Assistance; CDRH Division of Small Manufacturers, International and Consumer Assistance (DSMICA),” FTC says.
Other Laws, Regs
In addition, FTC simultaneously released its own business guidance aimed at helping health app developers comply with the FTC Act, by building privacy and security into their apps.
The FTC Act also prohibits deceptive or misleading claims to consumers and companies engaging in acts or practices that cause, or are likely to cause, substantial injury to consumers that they cannot avoid, and that do more harm than good.
Some apps also might have to comply with the HIPAA Privacy Rule, which requires appropriate safeguards to protect the privacy of identifiable health information and sets limits and conditions on the uses and disclosures that may be made of such information without consumer authorization.
The rule also gives consumers rights over their health information, including rights to examine and obtain a copy of their health records, as well as to direct the covered entity to transmit their health information directly to a person or entity of their choosing, such as a mobile health app.
Mobile Health Apps Interactive Tool