In an effort to protect consumers, Apple has released guidelines for its health apps. In developer guidelines released this summer, it dictates: “If your app behaves in a way that risks physical harm, we may reject it.”
Apple’s stance on health app safety will be regarded as the first significant industry step towards self-regulation of health apps. This self-regulation is a major step toward better health apps and a victory for healthcare worldwide allowing for rapid innovation while protecting consumers.
The FDA regulates certain medical apps as medical devices under the Federal Food, Drug, and Cosmetic Act, but many wellness apps are not medical devices and are not regulated by the FDA. Other medical apps fall within the FDA’s authority, but because they pose a lower risk to the public the FDA has stated that it will exercise “discretionary authority”.
In the last several years, wellness apps have become incredibly popular on the AppStore; there are more than 165,000 of them. Meanwhile pharma and device companies are creating apps aimed at disease management, such as companion apps to drugs and devices. Researchers and care providers also want to take advantage of the power of mobile to study and cure diseases, conduct research studies, or add comfort to the sick.
But these companies and research innovators have been caught in health app purgatory: it can be prohibitively expensive to develop robust health apps because of the need to meet privacy and security requirements like the ones required by the FDA or under HIPAA. And this is in addition to the cost of developing analytical tools that require several developers, regulatory experts, and other resources.
Thousands of health apps that should be developed don’t ever see the light of day. And even when health apps get developed, physicians are reluctant to recommend them without confidence that those apps are able to improve their patients’ health or wellness and to protect their privacy.
Earlier this year, Apple launched ResearchKit to give health researchers a framework for developing apps. Apple’s framework has the potential to help researchers study disease longitudinally. There is enormous optimism that mobile phones can provide datasets that have never been imagined. And yet some researchers are still reluctant to develop apps. While app development generally can be inexpensive, health app development has hidden costs because of regulatory concerns, and so the health care app development for disease study and management hasn’t been as vibrant as it should be.
By taking a stand on harmful software, Apple has forced developers to truly look at how they develop their health apps, and this opens up the world to better medical research. Rightly or wrongly, Apple has been criticized for taking baby steps into healthcare, which has been a virtual holdout in digitization. (Other industries, such as finance and transportation are a decade or more ahead of healthcare.) But by emphasizing quality and responsibility, Apple has taken the most profound position yet on health apps.
Right now, consumers have no idea which apps are effective. Physicians are rightly worried about recommending apps that may or may not have gone through testing, but measure health or wellness and may recommend health responses.
Apple’s stance creates a necessary dialogue around all health apps and begs the question— how can health care providers and consumers of health and wellness apps know which health or wellness apps to trust with their health and their privacy?
The first step has been taken by Apple. Apps available from the AppStore should meet Apple’s standards and as a result consumers should be able to trust that those apps do not behave in a way that risks physical harm. But I would argue that this first step is not far enough.
While Apple also addresses privacy concerns, from a health perspective, Apple only states that apps that risk physical harm may be rejected by Apple. As a physician and a consumer of health and wellness apps myself, this qualification alone would not be enough for me to be comfortable recommending a health or wellness app to a patient or a friend.
In recommending an app for health or wellness, or to utilize an app for healthcare research, I would want to know that an app not only meets regulatory requirements, but that the app also meets the type of standards that constitute best practices in the industry. Platforms designed to meet the standards like HIPAA and the Food, Drug and Cosmetics Act in addition to Data Protection and quality assurance regulations in Europe would give me comfort that privacy and security standards are met, and that the app functions reliably. Because of my role as the CEO of a company specializing in health technology, I know which apps meet these standards.
How can physicians and consumers who do not track health tech know which apps to trust? The blunt answer today is that there is no easy way. And again, this demonstrates how far behind health tech is today. Seals of approval are not new.
Long before digitization, the BBB seal of the Better Business Bureau or Good Housekeeping’s Seal of Approval indicated a level of quality in a product or service. Later, badges/seals like TRUSTe’s Certified Privacy seal for privacy of consumers and children, Paypal’s Paypal Verified seal and Authorize.net’s Verified Merchant seal, and the Norton Secured seal for security were created to give confidence to consumers using the internet. But there remains no recognized seal for health & wellness apps and for healthcare research.
As a physician and a technologist in the healthcare space, I think that it is time for a seal that indicates that a health or wellness app is built on a platform designed to be reliable, secure and private in a way that meets the highest industry standards. This seal could be relied on by healthcare providers, consumers and even Apple to know which health or wellness apps can be trusted.
Until a trust seal for health and wellness apps becomes available, both health & wellness app users and participants in healthcare research are going to have to rely on their own research to determine whether an app is trustworthy. They will have to find out whether the app has been built to meet the highest industry standards and ask questions like “Was this built on a trusted healthcare platform?”, “What security is used?”, “How is my privacy protected?” and “Is the app reliable?”
Opinions expressed by HIT Consultant Contributors are their own.