{"id":1763,"date":"2012-02-17T00:00:00","date_gmt":"2012-02-17T00:00:00","guid":{"rendered":"http:\/\/otava.test\/mhealth-app-regulations-fda-hipaa\/"},"modified":"2012-02-17T00:00:00","modified_gmt":"2012-02-17T00:00:00","slug":"mhealth-app-regulations-fda-hipaa","status":"publish","type":"post","link":"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/","title":{"rendered":"Mobile Health App Regulations: FDA & HIPAA"},"content":{"rendered":"

Mobile healthcare and apps, mHealth, is, at times, quite literally a matter of life and death. And from my recent research on the trend, there\u2019s widespread agreement that the industry requires pre-defined standards and strong regulation to 1) protect the quality of patient care; and 2) ensure PHI is secure and handled properly.<\/p>\n

Yet, being enveloped in the HIPAA realm for some time has skewed my thinking \u2013 when I heard about the FDA regulating healthcare apps, I was confused. Instinctually, albeit not intellectually, I\u2019d always thought the FDA provided insight into topics like food poisoning and MSG \u2013 not smartphones and apps, or anything technology-related.<\/p>\n

However a recent blog post<\/a> by David Lee Scher, MD, opened my eyes to a few reasons why he believes the FDA needs to be the regulatory body of \u201cdigital health technologies.\u201d And some reasons why those in the field aren’t very fond of the organization \u2013 he mentions the fact that the FDA slows the approval process for apps annually and raises review fees for device companies, increasing developer frustration over the increased time to market.<\/p>\n

One of the points he brings up is the fact that the FDA\u2019s mandate isn\u2019t covered by other related agencies \u2013 including the ONC and FCC (broadband access). The ONC, acting on behalf of the HHS, is notorious for enforcing the HIPAA and HITECH compliance laws, yet Scher reduces that to, \u201coversees EHRs.\u201d A slightly broader perspective might say the ONC oversees the handling of PHI, not just EHRs, since the majority of HIPAA breach cases involved some type of physical theft or loss, as you can see in my infographic breakdown of the 2011 HIPAA violation breach types<\/a>\u00a0[for tips on preventing a breach, see\u00a0What is a HIPAA Violation?<\/a>].<\/p>\n

While the FDA should and will be involved in evaluating apps for their ability to improve patient health, they need to make collaboration with the ONC\/HHS a priority to test apps for their ability to keep PHI secure. Scher references commentary in The Washington Times<\/a> by Joel White \u2013 White\u2019s position is primarily against FDA app regulation, including the argument that the FDA\u2019s \u201cpiecemeal and oftentimes conflicting structure\u201d of regulation raises concerns on how these rules intend to coexist with rules established by other agencies.<\/p>\n

White argues a point from a recent State of the Union speech in support of his opinion; \u201ctearing down outdated regulatory structures\u201d allows innovation to flourish and encourages economic growth. Although potentially initially true, I don\u2019t think throwing every regulatory body or law out the window is productive \u2013 without mHealth oversight, patient care may decrease significantly in quality with the advent of untested apps released to market, causing more costly and potentially dangerous issues down the road.<\/p>\n

A regulatory body may also serve to prevent a flooded healthcare app industry (perhaps prolonging its success) and work to inform consumers of their quality and security when it comes to keeping health records secure.<\/p>\n

Ultimately, I think we need a cohesive and productive collaboration between every agency and organization that touches mHealth and a way of streamlining the process to prevent wasted resources and time.<\/p>\n

References:<\/strong>
\nFive Reasons Why Digital Health Technologies Need FDA Oversight<\/a>
\nWhite: FDA\u2019s Assault on Mobile Technologies<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Mobile healthcare and apps, mHealth, is, at times, quite literally a matter of life and death. And from my recent research on the trend, there\u2019s widespread agreement that the industry requires pre-defined standards and strong regulation to 1) protect the quality of patient care; and 2) ensure PHI is secure and handled properly. Yet, being enveloped in the HIPAA realm for some time has skewed my thinking \u2013 when I heard about the FDA regulating healthcare apps, I was confused. Instinctually, albeit not intellectually, I\u2019d always thought the FDA provided insight into topics like food poisoning and MSG \u2013 not smartphones and apps, or anything technology-related. However a recent blog post by David Lee Scher, MD, opened my eyes to a few reasons why he believes the FDA needs to be the regulatory body of \u201cdigital health technologies.\u201d And some reasons why those in the field aren’t very fond of the organization \u2013 he mentions the fact that the FDA slows the approval process for apps annually and raises review fees for device companies, increasing developer frustration over the increased time to market. One of the points he brings up is the fact that the FDA\u2019s mandate isn\u2019t covered by…<\/p>\n","protected":false},"author":3,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1],"tags":[],"other_category":[],"class_list":["post-1763","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"acf":[],"yoast_head":"\nMobile Health App Regulations: FDA & HIPAA | OTAVA<\/title>\n<meta name=\"description\" content=\"Mobile healthcare (mhealth) requires strong oversight to ensure PHI is secure and handled properly. Should that be administered by the FDA?\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mobile Health App Regulations: FDA & HIPAA\" \/>\n<meta property=\"og:description\" content=\"Mobile healthcare (mhealth) requires strong oversight to ensure PHI is secure and handled properly. Should that be administered by the FDA?\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/\" \/>\n<meta property=\"og:site_name\" content=\"OTAVA\" \/>\n<meta property=\"article:published_time\" content=\"2012-02-17T00:00:00+00:00\" \/>\n<meta name=\"author\" content=\"Irma Brillantes\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Irma Brillantes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/\"},\"author\":{\"name\":\"Irma Brillantes\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\"},\"headline\":\"Mobile Health App Regulations: FDA & HIPAA\",\"datePublished\":\"2012-02-17T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/\"},\"wordCount\":546,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/\",\"url\":\"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/\",\"name\":\"Mobile Health App Regulations: FDA & HIPAA | OTAVA\",\"isPartOf\":{\"@id\":\"https:\/\/www.otava.com\/#website\"},\"datePublished\":\"2012-02-17T00:00:00+00:00\",\"description\":\"Mobile healthcare (mhealth) requires strong oversight to ensure PHI is secure and handled properly. Should that be administered by the FDA?\",\"breadcrumb\":{\"@id\":\"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.otava.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mobile Health App Regulations: FDA & HIPAA\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.otava.com\/#website\",\"url\":\"https:\/\/www.otava.com\/\",\"name\":\"OTAVA\u00ae\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.otava.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.otava.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.otava.com\/#organization\",\"name\":\"OTAVA\u00ae\",\"url\":\"https:\/\/www.otava.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"contentUrl\":\"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg\",\"caption\":\"OTAVA\u00ae\"},\"image\":{\"@id\":\"https:\/\/www.otava.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263\",\"name\":\"Irma Brillantes\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g\",\"caption\":\"Irma Brillantes\"},\"url\":\"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Mobile Health App Regulations: FDA & HIPAA | OTAVA","description":"Mobile healthcare (mhealth) requires strong oversight to ensure PHI is secure and handled properly. Should that be administered by the FDA?","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/","og_locale":"en_US","og_type":"article","og_title":"Mobile Health App Regulations: FDA & HIPAA","og_description":"Mobile healthcare (mhealth) requires strong oversight to ensure PHI is secure and handled properly. Should that be administered by the FDA?","og_url":"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/","og_site_name":"OTAVA","article_published_time":"2012-02-17T00:00:00+00:00","author":"Irma Brillantes","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Irma Brillantes","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/#article","isPartOf":{"@id":"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/"},"author":{"name":"Irma Brillantes","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263"},"headline":"Mobile Health App Regulations: FDA & HIPAA","datePublished":"2012-02-17T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/"},"wordCount":546,"commentCount":0,"publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/","url":"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/","name":"Mobile Health App Regulations: FDA & HIPAA | OTAVA","isPartOf":{"@id":"https:\/\/www.otava.com\/#website"},"datePublished":"2012-02-17T00:00:00+00:00","description":"Mobile healthcare (mhealth) requires strong oversight to ensure PHI is secure and handled properly. Should that be administered by the FDA?","breadcrumb":{"@id":"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.otava.com\/blog\/mhealth-app-regulations-fda-hipaa\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.otava.com\/"},{"@type":"ListItem","position":2,"name":"Mobile Health App Regulations: FDA & HIPAA"}]},{"@type":"WebSite","@id":"https:\/\/www.otava.com\/#website","url":"https:\/\/www.otava.com\/","name":"OTAVA\u00ae","description":"","publisher":{"@id":"https:\/\/www.otava.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.otava.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.otava.com\/#organization","name":"OTAVA\u00ae","url":"https:\/\/www.otava.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","contentUrl":"https:\/\/www.otava.com\/wp-content\/uploads\/2025\/03\/otava-logo.svg","caption":"OTAVA\u00ae"},"image":{"@id":"https:\/\/www.otava.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.otava.com\/#\/schema\/person\/35774075f8f4fcdd4eae80cb72034263","name":"Irma Brillantes","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d5251bebc1699793a698d1a6158603cb3cdc50a095a12357e42d415b3e5546c2?s=96&d=mm&r=g","caption":"Irma Brillantes"},"url":"https:\/\/www.otava.com\/blog\/author\/ibrillantesotava-com\/"}]}},"_links":{"self":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/1763","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/comments?post=1763"}],"version-history":[{"count":0,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/posts\/1763\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/media?parent=1763"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/categories?post=1763"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/tags?post=1763"},{"taxonomy":"other_category","embeddable":true,"href":"https:\/\/www.otava.com\/wp-json\/wp\/v2\/other_category?post=1763"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}