Wave of the Future: Government Releases New Tool to Aid Medical App Developers Comply with HIPAA

This month, the Department of Health and Human Services (HHS), the Food and Drug Administration (FDA), the Office of the National Coordinator for Health Information Technology (ONC), and the Federal Trade Commission (FTC) released an interactive tool entitled the “Mobile Health Apps Interactive Tool.” The tool is designed to help medical mobile app developers identify the federal law(s) that apply to collecting, storing, and sharing individually identifiable consumer health information.

The automated ten-step survey of questions serves as an easily digestible, quick reference guide which helps app developers understand when the Health Insurance Portability and Accountability Act (HIPAA) comes into play, whether their app is subject to regulation as a medical device by the FDA, and provides notice of several other requirements under the FTC Act or FTC’s Health Breach Notification Rule. Specifically, based on the developer’s response to a particular question, the tool provides a short synopsis of applicable law and links to additional information from the appropriate federal agency.

While this tool aims to provide simple guidance for the modern age, users will need a basic understanding of relevant regulatory principles for this tool to be effective. Thus, developers should we wary that this tool simply serves a starting point to raise awareness of potential federal compliance obligations. The recent increase in regulatory activity in the health-technology sphere suggests that health privacy and security, specifically in the mobile environment, will be an area of focus for regulators in the upcoming year. Although these government-provided portals are useful, they do not replace legal or other expert advice. Before going live, developers should confirm with their legal or regulatory advisors whether their apps comply with relevant healthcare-related laws and regulations.

To review the entire document and formatting for this alert (e.g., footnotes), please access the original below:

Related Services