Hot on the heels of recent announcements from the U.S. Food and Drug Administration (see our prior blogs here), the European Medicines Agency (“EMA”) has joined the conversation on the use of Artificial Intelligence (“AI”) and Machine Learning (“ML”) technologies in the medicinal product lifecycle.
AI and ML have
Continue Reading EMA Releases Reflection Paper on AI/ML in the Medicinal Product Lifecycle
On March 23, 2023, FDA released a Framework for the use of digital health technologies in drug and biological product development (the “DHT Framework”). This DHT Framework is on the heels of a Discussion Paper the Agency released earlier this month on the use of artificial intelligence (AI) in drug
Continue Reading FDA Seeks Comments on Agency Actions to Advance Use of AI and Digital Health Technologies in Drug DevelopmentInnovative digital solutions intended to address health issues typically experienced by women have been an area of increased focus. Ranging from reproductive-related mobile applications to AI-enabled breast cancer screening devices, digital solutions for women+ health show promise to serve an enormous market with medical needs that have often failed to
Continue Reading 5 Reasons Digital Solutions for Women+ Health Will Grow in 2023On September 28, the governor of California signed into law AB 2089, which expands the scope of California’s Confidentiality of Medical Information Act (“CMIA”) to cover mental health services that are delivered through digital health solutions and the associated health information generated from these services.
Continue Reading California Expands the Scope of the CMIA to Cover Certain Digital Mental Health Services and InformationOn June 23, 2022, the German Federal Office for Information Security (“Office”) published technical guidelines on security requirements for healthcare apps, including mobile apps, web apps, and background systems. Although the technical guidelines are aimed at healthcare app developers, they contain useful guidance for developers of any app
Continue Reading German Federal Office for Information Security Publishes Security Requirements for Healthcare AppsOn January 21, the Federal Trade Commission (“FTC”) announced new resources to help companies determine their obligations under the Health Breach Notification Rule (the “Rule”): the Health Breach Notification Rule: Basics for Business, which provides a quick introduction to the Rule, and Complying with FTC’s Health Breach Notification Rule (“Compliance Guidance”), a more in-depth compliance guidance. These resources follow the FTC’s September 2021 Policy Statement, which expanded the Rule’s application to the developers of health apps, connected devices, and similar products, and similarly emphasize the FTC’s continued scrutiny of health technology.
Continue Reading FTC Releases New Health Breach Notification Rule Guidance, Targets Health Apps and Connected Devices
On Wednesday, October 6th, Governor Gavin Newsom signed SB 41, the Genetic Information Privacy Act, which expands genetic privacy protections for consumers in California, including those interacting with direct-to-consumer (“DTC”) genetic testing companies. In a recent Covington Digital Health blog post, our colleagues discussed SB 41 and the growing
Continue Reading California Governor Signs Legislation to Expand Genetic Privacy Protections After Last Year’s Veto
Last Friday, October 1, the Protecting DNA Privacy Act (HB 833), a new genetic privacy law, went into effect in the state of Florida establishing four new crimes related to the unlawful use of another person’s DNA. While the criminal penalties in HB 833 are notable, Florida is
Continue Reading Newly Effective Florida Law Imposing Criminal Sanctions Adds to Developing Nationwide Patchwork of State Genetic Privacy Laws
On September 15, the Federal Trade Commission (“FTC”) adopted, on a 3-2 party-line vote, a policy statement that takes a broad view of which health apps and connected devices are subject to the FTC’s Health Breach Notification Rule (the “Rule”) and what triggers the Rule’s notification requirement.
The Rule was promulgated in 2009 under the Health Information Technology for Economic and Clinical Health (“HITECH”) Act. Under the Rule, vendors of personal health record that are not otherwise regulated under the Health Insurance Portability and Accountability Act (“HIPAA”) are required to notify individuals, the FTC, and, in some cases, the media following a breach involving unsecured identifiable health information. 16 C.F.R. §§ 318.3, 318.5. Third-party service providers also are required to notify covered vendors of any breach. 16 C.F.R. § 318.3.Continue Reading FTC Adopts Policy Statement on Privacy Breaches by Health Apps and Connected Devices
Legislation that would amend California’s Confidentiality of Medical Information Act (“CMIA”) is working its way through California’s Senate and passed in the Senate Health Committee earlier this week. The proposed bill passed in the state’s Assembly back in April. Introduced by Democratic California Assemblymember Edwin Chau, who sits on the Privacy and Consumer Protection Committee, the proposed legislation (AB 1436) expands the definition of “provider of health care.” Under the CMIA, providers of health care are subject to various obligations, including provisions that restrict the disclosure of medical information without a prior valid authorization, subject to certain exceptions.
Continue Reading Proposed Bill Would Expand the Scope of the CMIA