The burgeoning market for health apps holds promise for consumers, but only if – and this is a big if – app developers understand their legal obligations and honor those responsibilities. The FTC just released an updated Mobile Health App Interactive Tool to help industry members determine what federal laws and regulations might apply to their apps. If you’re involved at all in the health apps marketplace, you owe it to your company – and to your present and future customers – to check out this new compliance resource.
Created in conjunction with HHS’ Office for Civil Rights (OCR), the Office of the National Coordinator for Health Information Technology (ONC), and the FDA, the FTC first released the online tool in 2016. But as any app developer knows, that’s the equivalent of a century in tech years. So working with the three offices, the FTC just issued a revised version that reflects regulatory changes that have occurred since then.
A quick look at the updated interactive tool demonstrates how easy the process is. Just answer a few high-level questions about the nature of your app, how it functions, the data it collects, and the services it provides to users. A few clicks later and you’ll be pointed to certain federal laws and regulations that might apply to your product. For example, is your app covered by the FTC’s Health Breach Notification Rule, the Children’s Online Privacy Protection Act (COPPA), the Health Insurance Portability and Accountability Act (HIPAA), the 21st Century Cures Act and ONC Information Blocking Regulations, or the Federal Food, Drug, and Cosmetic Act? To be clear, the interactive tool can’t substitute for personalized legal advice, but it can give you a head start on compliance.
Also on your must-read list: Mobile Health App Developers: FTC Best Practices, which presents a series of issues for health app developers to consider.
The purpose of this blog and its comments section is to inform readers about Federal Trade Commission activity, and share information to help them avoid, report, and recover from fraud, scams, and bad business practices. Your thoughts, ideas, and concerns are welcome, and we encourage comments. But keep in mind, this is a moderated blog. We review all comments before they are posted, and we won’t post comments that don’t comply with our commenting policy. We expect commenters to treat each other and the blog writers with respect.
- We won’t post off-topic comments, repeated identical comments, or comments that include sales pitches or promotions.
- We won’t post comments that include vulgar messages, personal attacks by name, or offensive terms that target specific people or groups.
- We won’t post threats, defamatory statements, or suggestions or encouragement of illegal activity.
- We won’t post comments that include personal information, like Social Security numbers, account numbers, home addresses, and email addresses. To file a detailed report about a scam, go to ReportFraud.ftc.gov.
We don't edit comments to remove objectionable content, so please ensure that your comment contains none of the above. The comments posted on this blog become part of the public domain. To protect your privacy and the privacy of other people, please do not include personal information. Opinions in comments that appear in this blog belong to the individuals who expressed them. They do not belong to or represent views of the Federal Trade Commission.