Developers of mobile health apps may be required to comply with certain federal laws such as the FTC Act, FTC Health Breach Notification Rule, Children’s Online Privacy Protection Act (COPPA), Health Insurance Portability and Accountability Act (HIPAA), Federal Food, Drug and Cosmetics Act (FD&C Act), the 21st Century Cures Act, and the ONC’s Information Blocking Regulations.
To help mobile health app developers avoid compliance missteps, the Federal Trade Commission (FTC), in conjunction with the Department of Health and Human Services’ Office for Civil Rights (OCR), Office of the National Coordinator for Health Information Technology (ONC), and the Food and Drug Administration (FDA), developed an online tool to help developers determine which federal laws and regulations they need to comply with.
The online tool asks a series of questions about the nature of the app, the service it provides, the information it collects, and how that information is collected, shared, and used. Based on the answers to the questions, the tool will direct the developer to the relevant federal regulatory privacy, security, and breach notification laws and regulations that may apply.
The tool should be used by any developer of a mobile app that accesses, collects, shares, uses, or maintains information related to an individual’s past, present, or future health. Even if a health app has not been developed for use by a HIPAA-covered entity, there may be one or more federal laws or regulations that apply. The tool will point developers to resources where they can find out more information about their compliance obligations, along with best practices to help them deliver a safe and accurate service while ensuring the privacy and security of the health information of app users.
On December 7, 2022, the HHS announced that the online Mobile Health App Interactive Tool has been updated. The updated version can be found here.
The post FTC and HHS Update Online Compliance Tool for Mobile Health App Developers appeared first on HIPAA Journal.