The Federal Trade Commission unveiled a new online tool to help mobile health app developers figure out what federal laws and regulations might apply to their products.
The tool asks developers a series of yes-or-no questions, each related to one of four possibly applicable laws: the Health Insurance Portability and Accountability Act, the Federal Food, Drug, and Cosmetic Act, Federal Trade Commission Act, and FTC’s Health Breach Notification Rule. The tool was created with the Department of Health and Human Services and the Food and Drug Administration.
Along with the tool, the FTC released a guidance to help developers “comply with the FTC Act, by building privacy and security into their apps.”
In a release, Bakul Patel, associate director for digital health in the FDA’s Center for Devices and Radiological Health, said the growth in the mobile health field underscores the need to clarify what rules apply to what products.
During a House science subcommittee hearing last month, app makers and lawmakers talked about the challenges of encouraging innovation in the field while still ensuring users’ privacy and security. Some suggested HIPAA, a major health law to safeguard patients’ health information, was due for an overhaul.
“Much of the guidance around remote patient access to data on HIPAA predates the iPhone,” Morgan Reed, executive director of ACT | The App Association trade group, complained at the time.
Later, a group of lawmakers urged HHS Secretary Sylvia Burwell to further clarify HIPAA’s privacy and security standards as they apply to mobile apps.
“Advances in mobile health technology have the potential to dramatically improve patient outcomes and the accessibility of health care,” the letter said. “This innovation is coming at a rapid pace, but your agency has done little to demonstrate it can manage the significance.”