Today, I discuss
who is responsible for keeping health apps from harming you, in Part
II of my Q&A with Paul Nerger, Senior Technology Advisor for the mobile
health application management company Happtique. (Part I explained who uses and develops health apps).
How are health apps regulated
to ensure that they are safe and accurate (both stand-alone apps and those that
connect to a medical device)?
There are guidelines that have been proposed by the Food and Drug
Administration (FDA) for the approval of some apps; we estimate that this will
be no more than 20% of the apps that are out there. These will be classified as
Type I (non-invasive), Type II (semi-invasive), and Type III (invasive), and
each has its own approval criteria. Type I is a self registration while the
other categories require clinical trials to prove that they do no harm and are
effective. [Information about how the FDA defines mobile medical applications
is available
online.]
But what about the other 80%? That is what our customers have been
asking us. If there is a bogus app within this category, the Federal Trade
Commission (FTC) has shown that they are willing to exercise their power to
have it pulled off the market using "false advertising" as the
rationale. [Mashable includes a health app in a list of app developers that the FTC prosecuted in 2011]. But this is also a very small percentage.
In response to this, we've come up with a Blue Ribbon Panel that
is made up of a leading physician, a leading nurse, a leading medical technologist,
and a leading patient advocate to develop a protocol for the certification of
apps as being medically sound within their category. They are currently
drafting the process and protocols that will be followed to do this
certification. Once they are done, we will put in place a mechanism to allow
developers to upload their apps for certification and to receive feedback on
what they can do to improve their apps to meet the criteria. Once an app is
certified, they will be granted a license to use a "trust mark" for
the promotion of their apps. This mark will signal to both clinicians as well
as patients that this app is safe and sound.
This is a big job but it is one that needs to be done and we are
in hopes of having something out in about 4 months.
How secure is the
digital medical information collected via health apps? What security measures
protect this digital medical information?
Private health information that is shared with your physician or
any other healthcare provider is covered under the privacy aspects of the Healthcare Insurance Portability and
Accountability Act (HIPAA). There are a number of technical requirements
that an app developer must ensure if they fall within the HIPAA domain. As part
of our certification process, we will examine how the app functions, and if it
falls within the HIPAA privacy requirements we will assess if the app complies
with those technical needs. If an app developer falls under HIPPA privacy but
fails to meet the requirement, we will notify them and explain it to them.
Can you explain the
process that Happtique will use to rate different health apps?
We are not going to rate apps but rather certify them. In our app
stores that we make available to hospitals, clinicians, and patients, we will
allow them to rate and comment on apps, but the certification process is
independent of that. Thus, when we discover an app (either because it is sent
to us or we find it in one of the public app stores) we will first classify it
by placing it in the right categories to allow our end users to find it. They
will then rate the apps based upon their experience and we will segment those
rating based upon what type of audience that they make up. Finally, for those
developers who want to be certified, we will make that available for a fee and
they will need to provide us with access to their app.
We are doing curation right now and it is available to clinicians
who sign up at our website at www.happtique.com. The ratings engine is also turned on and
anyone with our catalog app running on their devices can start rating apps.
1 comment:
Great idea, when are you going to publish your criteria for certification? Are you planning to cover Security on the app as well as transmission and off-app storage?
Jeff Brandt
Post a Comment