Latest

Tech Law Blog

What’s App? – End of Year Round-up on mHealth App Developments

18 December 2019

An Irish Times special report estimates that over seven million patients worldwide are actively using digital health apps as part of their care plan. The availability of remote and mobile healthcare solutions relating to fitness, wellbeing, health and medical treatment could be life-changing for those living in countries lacking easy access to medical care.

Advantages of mHealth apps include streamlining the exchange of health information and a better user experience. From a data perspective, apps can use big data to analyse unstructured data and identify patterns and environmental factors that will improve patient treatment.

Government adoption

With this in mind, many governments are encouraging the uptake of mHealth apps.

In the UK, the NHS website has a digital library showcasing mHealth apps. It lists mHealth apps that have been deemed as clinically safe. The functionality of the apps is varied and provides services like repeat prescriptions services, speech and language therapy, and instant access to medical records. Patients can even use certain apps to monitor their conditions such as diabetes.

The HSE in Ireland is following the lead of the NHS. It is working with Orcha, a company that reviews health apps, to provide an Irish eHealth app library that lists apps reviewed by Orcha.

Orcha assesses mHealth apps’ data use policies and compliance with relevant standards. It rates the app out of a maximum score of 100, with a lower score indicating that there may be issues that the user should investigate before using the app. Clinical assurance and user experience are also rated to help users and clinicians compare mHealth apps.

The Irish eHealth app library to date lists over 700 mHealth apps. The HSE points out that the library is a tool for users to identify and compare apps themselves but it is not intended to promote or recommend any particular app.

Other developments

Other recent developments in the mHealth sector include:

  • A WhatsApp style messaging app developed by junior doctors that the developers claim could save the NHS £44m a year. The app helps NHS workers exchange patient information, make clinical decisions, manages their workload in a legally compliant forum and removes the need for pagers. Currently more than 100 NHS hospitals and care commissioning groups in the UK are using the app.

  • An app that monitors children’s temperature. It uses a patch to wirelessly monitor the baby’s temperature and sends alerts to smartphones. Unlike a typical thermometer, children do not have to be woken from their sleep to obtain temperature readings.

  • Tablets with micro ingestible sensors embedded in the pills that can alert smartphones when the pills touch the stomach lining of patients. The developers believe this could be useful for the treatment of mental illnesses if medication compliance is proving difficult. It could also be an invaluable tool for pharmaceutical companies or medical institutions to record timings of ingestion of medications during clinical trials.

  • A device and accompanying app that takes ECG recordings via electrodes. The AI system of the software performs an automatic analysis and informs the patient of their heart rhythm. This data can then be sent directly to the patient’s clinician for further analysis and consultation. The product has already launched in the UK.

  • A skin mapping app that incorporates AI technology. The app is designed to detect new moles or marks on the skin. These are one of the most common warning signs of melanoma and early detection can improve the success rate of treatment.

  • Adia Health provides at-home finger prick fertility blood tests, a preconception plan to help improve fertility health and access to fertility specialists remotely.

At a broader level, technologies like blockchain, the Internet of Things and AI / augmented reality are taking mHealth to the next level.

Despite this, the technological advancement and wider adoption of mHealth apps brings important legal responsibilities. From a medical standpoint, mHealth apps can be very useful, but they can never replace the advice of someone’s own clinician.

Regulatory considerations

Depending on their functionality, some mobile apps and standalone software may fall within the definition of a ‘software medical device’. Any mHealth app deemed to be a software medical device will be subject to onerous obligations regarding safety, compliance and post market surveillance.

You can read more about the compliance and liability aspects of mHealth apps and upcoming changes to the law in our recent articles: ‘When is a Health and Fitness App not just an App? and Diagnosis on Demand: Potential of Healthcare Apps.

Health data and data protection

Earlier this year, the British Medical Journal warned that popular mHealth apps may not be keeping personal data about medical conditions confidential and users may not be aware of how the data they provide on these apps is being shared.

In Ireland, mHealth apps must comply with laws like the General Data Protection Regulation (GDPR) and the Irish Data Protection Acts 1988 - 2018. The Data Protection Acts transpose into Irish law the EU’s Law Enforcement Directive and adopt specific rules to regulate the processing of personal data for the purposes of health research.

At a basic level, mHealth apps that process personal data revealing information about an individual’s health will attract more stringent data protection obligations as this data is ‘special category data’ under data protection law. Processing any special category data is only allowed in the limited circumstances set out in Article 9 of the GDPR.

As the vast majority of mHealth apps are designed to operate online they are vulnerable to cyber-security threats. The GDPR make it essential for a data controller to adopt robust security practices for personal data, which may include pseudonymising or encrypting it.

Code of Conduct on privacy for mHealth apps

The Code of Conduct on privacy for mHealth apps aims to regulate and secure the personal data gathered by mHealth apps and promote trust among users. The Code has not yet been approved and the European Commission is working with industry stakeholders to encourage the further development of the current draft Code.

What the future holds

There have been many new developments in 2019 in the mHealth app sector. It is reassuring that governments are encouraging more widespread adoption of digital healthcare solutions by healthcare practitioners and individuals. However, if mHealth apps are to truly flourish, individuals must trust the mHealth industry and how it is regulated.

Many mHealth apps have access to vast amounts of sensitive health information. There are important data protection implications if special category data relating to individual’s health is collected and processed. Given the increased privacy and security risks, tech companies and app developers must be aware of the data protection laws and ensure they are complying with them. From a transparency perspective, they should also ensure users are aware of how the data they provide on mHealth apps is being shared.

From a regulatory point of view, it would be prudent for tech companies and app developers to determine if an app is a software medical device. If so, they should ensure they are meeting their obligations regarding safety, compliance and post market surveillance and keep up to date with regulatory changes due to take effect next year.

We also hope 2020 brings progress in finalising the draft Code of Conduct on privacy for mHealth apps that will set out practical guidance for app developers on data protection principles when developing mHealth apps.

If you have queries onthe above, please contact our Technology and Data Security or our Healthcare & Medical teams.


The content of this article is provided for information purposes only and does not constitute legal or other advice.

Discuss your related queries now with Mark Adair.

Mark_Adair_(Web_153x230).jpg