Digital health has become a much bigger legal sector than it ever was before. This is because consumer products, telecommunications and health are already heavily regulated sectors.
It has resulted in a fragmented market. Some are very innovative but have missed out some of the regulations that apply. This has led to many discussions related to the regulation of mobile health apps and greater scrutiny. What is a good quality product?
A lot of entrepreneurs have low levels of legal awareness in some areas. The general laws are:
Data protection, Consumer protection, Copyright protection, distance contracts, soft laws, medical devices directives (for medical apps).
Part of the problem is differentiating between medical apps and non-medical apps. Both will have different regulatory mechanisms and laws governing them. Either way you need to get proper consent for whatever data you collect.
Medical devices: these need to serve a medical purpose. They need to be CE marked and they need to be registered with regulatory authorities. You need to be clear about this from the outset. The key thing is actually promotion. If your business case is based on the medical claims made about the product then it is likely to be recognised as a medical device.
Consumer products: These don’t have to be CE marked or tested. The impact of consumer protection legislation has to be clear here. Health or fitness apps fall under this group. This means they are NOT making medical claims. Again you have to be careful about the marketing. The way you market the product will affect how the regulators will perceive it. There are certain disclaimers and product liability options which need to be considered.
The medical device guidelines are out of date and need to be updated. More guidance is forthcoming and the regulators are gradually catching up. Again the key is how the product is marketed.
This is so important and often underestimated by entrepreneurs. MHRA guidance
If your product is low risk and aimed at general wellness/fitness then the regulators are unlikely to be very concerned about it.
Once you get down to a particular disease it gets a bit more tricky. However, if the advice remains general and broad again it is probably acceptable and outside the FDA guidelines. Especially if it is in a low risk group and area.
The data you obtain is likely to be very tightly controlled. Therefore there needs to be a disclaimer, terms and conditions and consenting. Is this valid and meaningful or explicit? You have to be careful how you collect the data, and how you store and manage it. This applies whatever the data might be, especially if it might be construed as personal.
There was a recent court case in Holland where they took Nike to court because it didn’t have explicit enough consent to use the data in the app. The court determined that Nike was in breach of data protection laws because it was processing personal data without consent (on peoples fitness).
You need to consider how and where you will place these. There should be a number of places where it is presented. There has been a recent privacy code of conduct approved by the european court. It is voluntary but if you apply it then you can leverage that as a potential marketing advantage.