Medical App Developers: Navigating FDA and FTC Regulations

Developing a medical app can be an exciting process and most are eager to push their product out to app stores. However, depending on the type of medical app created, it may be subject to regulations from the Federal Drug Administration (FDA) or the Federal Trade Commission (FTC).

The FDA only requires regulation of medical apps that meet one of the following criteria:

  • The app is intended to be used as an accessory to a regulated medical device
  • The app transforms a mobile platform into a regulated medical device

If an app does not meet one of these criteria it does not need to be submitted to the FDA for approval.

However, there are other regulations that medical app developers will need to keep in mind when developing and releasing their apps. The FTC has recently stepped up enforcement of the FTC Act, which prohibits making false or misleading claims about an app's efficacy or performance. The developers of apps like Lumosity and UltimEyes have been levied heavy fines by the FTC for making unsubstantiated medical claims about their products. App developers need to have solid evidence to back any claims they make about their apps, especially if they pertain to patient care or treatment. There are also HIPAA and other health privacy laws that may need to be considered.

Two new resources (both from the FTC) can help app developers navigate potentially confusing regulations:

Mobile Health Apps Interactive Tool

This site includes a list of ten questions which assess if an app may be required to comply with the Health Insurance Portability and Accountability Act (HIPAA), the Federal Food, Drug, and Cosmetic Act (FD&C), the Federal Trade Commission Act, or the FTC Health Breach Notification Law. Medical app developers should consider visiting this site early in the app creation process to determine if they may need to submit materials to the FDA, or reconsider the language they use to describe their app.

Mobile Health Developers: FTC Best Practices

This guide provides app developers with a list of best practices regarding medical app security, consumer privacy, and protecting sensitive data. App developers who are considering collecting patient or consumer data with their apps should definitely review this guide.

The medical app environment is for the most part unregulated. App developers typically do not need to worry too much about their app requiring FDA or any other regulatory body’s approval. These tools, however, can help developers better understand the regulatory environment and ensure that their apps are following proper laws and regulations.

Please visit Becker’s Mobile Medicine Guide for more information about medical apps.