On September 2, 2020, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) announced a new “Health Apps” feature on the HHS.gov website. The new website, which replaces the OCR’s Health App Developer Portal, highlights existing guidance for mobile health (“mHealth”) apps regarding the Health
Continue Reading HHS Launches New “Health Apps” Website to Highlight HIPAA Guidance for Mobile Health Applications
MHealth
Key Takeaways from Covington’s Webinar about Digital Health Associated with Pharmaceuticals
On February 1, 2018, Covington’s Digital Health team hosted a webinar examining U.S. and EU regulatory issues for digital health associated with pharmaceuticals. Here are some key takeaways from that webinar:
- Neela Paykel from Proteus Digital Health, noted that “you need to think outside the box for how to engage,
ICO Rules UK Hospital-DeepMind Trial Failed to Comply with UK Data Protection Law
The UK Information Commissioner’s Office (“ICO”), which enforces data protection legislation in the UK, has ruled that the NHS Royal Free Foundation Trust (“Royal Free”), which manages a London hospital, failed to comply with the UK Data Protection Act 1998 in providing 1.6 million patient records to Google DeepMind (“DeepMind”), requiring the Royal Free to sign an undertaking committing to changes to ensure it is acting in line with the UK Data Protection Act.
On September 30, 2015, the Royal Free entered into an agreement with Google UK Limited (an affiliate of DeepMind) under which DeepMind would process approximately 1.6 million partial patient records, containing identifiable information on persons who had presented for treatment in the previous five years together with data from the Royal Free’s existing electronic records system. On November 18, 2015, DeepMind began processing patient records for clinical safety testing of a newly-developed platform to monitor and detect acute kidney injury, formalized into a mobile app called ‘Streams’.
Continue Reading ICO Rules UK Hospital-DeepMind Trial Failed to Comply with UK Data Protection Law
EU Updates MEDDEV 2.1/6 Guidance on Standalone Software
On 15 July 2016, the European Commission updated MEDDEV 2.1/6 (the “MEDDEV Guidance), its medical device guidance on the qualification and classification of stand alone software used in the healthcare setting. The updated version replaces an earlier version of MEDDEV 2.1/6 issued by the European Commission in January 2012.
MEDDEV 2.1/6 generally stands as a valuable resource to assist software developers in the assessment of whether software is a medical device. However, some have expressed disappointment that the updated guidance did not go further in clarifying the picture, particularly those operating within the mobile health (mHealth) space.
Indeed, the main changes consist of additions to the definitions section of the MEDDEV Guidance. There is now a definition to clarify that “software” is a “set of instructions that processes input data and creates output data“. There are also accompanying definitions of “input data” and “output data”.
Continue Reading EU Updates MEDDEV 2.1/6 Guidance on Standalone Software
EU Commission Creates New mHealth Data Quality Working Group
Following a 2014 mHealth consultation and two open stakeholder meetings in 2015 (see here and here), the European Commission has announced the formation of a new working group aiming to draft guidelines on mHealth app data quality.
Continue Reading EU Commission Creates New mHealth Data Quality Working Group
May 2015 EU mHealth Round-Up
May 2015 saw a number of developments in the EU mHealth sector worthy of a brief mention. The European Commission announced that it would work on new guidance for mHealth apps, despite the European Data Protection Supervisor and British Standards Institution publishing their own just weeks earlier. In parallel, the French data protection authority announced a possible crackdown on mHealth app non-compliance with European data protection legislation. This post briefly summarizes these developments.
Continue Reading May 2015 EU mHealth Round-Up
Article 29 Working Party Clarifies ‘Health Data” in the Wellbeing App Context
The Article 29 Working Party has published a letter (with Annex) to the European Commission, clarifying the scope of the key legal term “health data” in relation to lifestyle and wellbeing apps.
Continue Reading Article 29 Working Party Clarifies ‘Health Data” in the Wellbeing App Context
Summary Report of European Commission’s mHealth Consultation Published
The European Commission has finally published its summary of 211 responses to its mobile health (“mHealth”) consultation. The summary and original responses to the consultation have been made available on the Commission’s website at https://ec.europa.eu/digital-agenda/en/news/summary-report-public-consultation-green-paper-mobile-health
The consultation covered a broad range of important issues for mHealth, including legal frameworks, privacy and data protection, patient safety, mHealth’s role in healthcare systems, equal access, interoperability, funding and reimbursement, liability, research & innovation, international cooperation, and market access issues, particularly for web entrepreneurs.Continue Reading Summary Report of European Commission’s mHealth Consultation Published
JP Morgan Conference Highlights eHealth Technologies, Data-Driven Therapeutics
The excitement around eHealth innovations was palpable throughout San Francisco this week as the annual JP Morgan healthcare conference flooded the city. JP Morgan itself offered panels and presentations from industry leaders and emerging companies, while simultaneously occurring conferences, speaker programs, and networking events throughout San Francisco featured discussions on the changing face of healthcare in today’s world of increasing digitization, economic transformation and regulatory oversight.
Major deal announcements were also triggered by the “Superbowl of Healthcare” buzz this week, including scores of new eHealth initiatives and start-ups. We’ve highlighted a few of the big deals of the week below.
Complex Cross-Disciplinary Approaches: Roche and Foundation Medicine Announce New Partnership
In an approximately $1.2 billion deal, Roche agreed to acquire a majority stake in cancer diagnostic maker Foundation Medicine. The companies simultaneously entered into a series of commercial arrangements in which Foundation’s tumor analysis and cancer genetics capabilities will be incorporated into Roche’s clinical development platform. The companies will also collaborate to co-develop novel cancer diagnostics as well as to educate physicians about genetic informatics-based cancer care.
Continue Reading JP Morgan Conference Highlights eHealth Technologies, Data-Driven Therapeutics
FTC Remarks Signal Heightened Focus on Mobile Health Devices
Federal Trade Commission (FTC) chairwoman Edith Ramirez’s remarks at the International Consumer Electronics Show on Tuesday signal that FTC may be paying increased attention to privacy and security issues in the mobile health industry.
The speech focused on how “the introduction of sensors and devices into currently intimate spaces – like our homes, cars, and even our bodies” results in increased data sensitivity and heightened challenges for consumer protection. Those challenges, according to Ramirez, stem from three overarching issues: (1) ubiquitous data collection; (2) using data in ways consumers don’t expect (and the adverse consequences of such use); and (3) heightened security risks.
While FTC has been focused on consumer issues raised by the “Internet of Things” (IoT) era for quite some time, the examples cited by Ramirez suggest that e-health products are among the IoT applications of greatest salience when it comes to consumer protection. She specifically called out smart glucose meters, heart monitors and health monitoring wearables in the speech.
Continue Reading FTC Remarks Signal Heightened Focus on Mobile Health Devices