On Tuesday, April 5, the Federal Trade Commission (“FTC”) released a new web-based tool for developers of health-related mobile apps. The tool asks mobile application developers questions about the mobile app’s function, the type(s) of data that the app collects and the service(s) that the app offers to end-users. The new tool then guides mobile app developers to federal laws that may apply to the mobile app, including the Health Insurance Portability and Accountability Act; the Federal Food, Drug, and Cosmetic Act; and the FTC Act, the FTC’s Health Breach Notification Rule.
According to the Food and Drug Administration (“FDA”), an estimated 500 million smartphone users worldwide used mobile health apps in 2015, and by 2018, 50 percent of the more than 3.4 billion smartphone and tablet users will have downloaded mobile health apps. The FTC hopes that these new tools will enable mobile app developers to access tips for how to protect consumers’ privacy and data generated by mobile apps.
The release of the FTC’s tool follows guidance from the FDA in February 9, 2015 on how the agency determines whether something is considered a mobile medical app. That guidance sought to identify the types of apps that FDA intends to oversee actively and includes specific examples of mobile apps that the FDA considers mobile medical devices. The FDA’s website indicates that it intends to take a tailored, risk-based approach on mobile app regulation, focusing on the smaller subset of mobile apps that meet the regulatory definition of “device” and that: (1) are intended to be used as an accessory to a regulated medical device; or (2) transform a mobile platform into a regulated medical device.
Entities that are developing mobile apps, including hospitals and medical providers, should pay special attention to this guidance.