The Federal Trade Commission is offering an interactive tool to help Web developers of mobile health apps know which federal laws may apply to their products. The agency also has issued guidance to developers on building privacy and security into apps.
The FTC built the tool with assistance from the HHS Office for Civil Rights and Office of the National Coordinator for Health Information Technology, as well as the Food and Drug Administration.
Depending on its functions and intended use, a mobile health app may need to comply with several federal laws, such as the FTC Act, the FTC breach notification rule, HIPAA and the Federal Food, Drug and Cosmetic Act.
“As Americans become increasingly engaged in managing their health through diverse health IT products, this tool will provide product developers with access to the critical information and consistent guidance they need in order to innovate,” says Lucia Savage, chief privacy officer at ONC.
The guidance for determining which laws may apply walks developers through a series of questions on the nature and function of an app, the data collected and the services provided to healthcare consumers.
Additional guidance on best practices for building privacy and security into apps covers eight broad topics: minimizing data, limiting access and permissions, keeping authentication in mind, considering the mobile ecosystem, implementing security by design, not reinventing the wheel, communicating the app’s security and privacy options to consumers, and determining applicable federal laws.