Seemingly in response, the FDA, FTC, and Office of the National Coordinator (ONC) released a web-friendly guide to mobile app regulation (the web site here, article about it at RAPS, here).
The multi-agency website, housed at the FTC, will not solve all problems but provide a fast orientation to the major issues. A binary of questions/answers guides the reader through need-to-know bullet points on HIPAA, FDA, and FTC issues. (The FTC has a "sister website" with more detail on its issues, here).
The ten sequenced questions are:
- Do you create, maintain, or transmit identifiable health information?
- Are you a healthcare provider or health plan?
- Do consumers need a prescription to access your app?
- Are you developing this app on behalf of a HIPAA covered entity (hospital, doctor, payer, health plan wellness program)?
- Is you app intended for use in the "diagnosis of disease or other conditions or in the cure, mitigation, treatment, or prevention of disease?"
- Does your app pose a "minimal risk" to the user?
- Is your app a "mobile medical app?" [e.g. measure glucose]
- Are you a non profit organization?
- Are you developing this app on behalf of a HIPAA covered entity? [Same as question 4, but you would reach it in a different setting.]
- Do you offer health records directly to consumers, or interact with someone who does?
Simply making the questions simple does not make the answers simple (e.g. defining medical risk or defining what is "clinical" decision support) but the agencies should be applauded for the coordination and effort. It's definitely a big advance beyond a newbie otherwise facing thousands of pages of unfocused websites, documents, rulemaking, and guidance.
It's interesting to think of other settings where this user-friendly type of web interface could apply.