Apps Pose Challenge to Protecting Patient Data

By Steve Barrett
Monday, March 19, 2018

Health and wellness apps add layers of complexity to efforts to protect personal medical information, according to a medical media expert at Rice University.

Such apps number in the hundreds of thousands, and the overwhelming majority do not face FDA scrutiny, notes Kirsten Ostherr, a Professor of English and Director of Rice’s Medical Futures Lab.

“[T]he boundaries between medical and nonmedical environments are dissolving through the proliferation of apps that allow people to manage their own care outside of clinical settings,” Ostherr said in a news release from the university. “In some ways, those boundaries are breaking down because a lot of things that used to only happen inside of hospitals can happen outside of them now.”

At issue is how apps are classified. An app is deemed to be a medical device, and is therefore subject to FDA regulation and approval, if it makes therapeutic or medical claims. However, Ostherr points out, most apps merely deliver general health tips based on personal data that users furnish. By not purporting to offer medical interventions, these health and wellness apps avoid FDA regulation — even though they collect vast quantities of data that otherwise would, in many cases, be subject to HIPAA rules.

Rarely, Ostherr adds, does personal health information harvested by unregulated apps reach patients’ physicians so that they can leverage it to improve patient health.