Masterstudiengang "Drug Regulatory Affairs"
Master-Thesis
Recent Developments on the EU-Regulatory Approach in mobile Health regarding mobile Health Apps which can be "medical Apps" or "non medical Apps" ***
Regina Kaiser (Abschlußjahr: 2016)
Summary
Language: English
The European Commission (EC) has recognised concerns on the transparency, quality and safety of the rapidly increasing mHealth App market. With its Green Paper on mobile Health (mHealth) the EC has taken a comprehensive regulatory approach for the development of a proportionate regulatory framework on mHealth and mHealth Apps. In this thesis the EC’s overall regulatory approach and the actual status of the currently developing European regulatory framework with focus on mHealth Apps was reviewed. For this purpose mHealth Apps were distinct into "medical" and "non-medical" Apps, which defines whether mHealth Apps are regulated as medical device in Europe or not. The EC’s regulatory approach on mHealth Apps comprises the combined measures of regulation as well as supporting, alternative forms of regulation. The EU regulatory framework regarding mHealth Apps is currently well in progress and the new data security and protection rules will address outstanding issues. The existing requirements like the medical device directives and the co-regulating technical standards are basically sufficient to cover the safe development of medical Apps as medical device. However the regulatory qualification of mHealth Apps can create gray areas for non-medical Apps because more detailed interpretation regarding their increasing complexity in functionalities is needed. The applicable, supplemental European guidelines are trying to clarify the legal status and the borderline between "medical" Apps and "non-medical" Apps. Although they have been recently updated their support stays nascent in nature and more specifically guiding examples regarding the growing spectrum of mHealth Apps are needed. The available co-regulation of key technical medical device standards is basically sufficient; the need of further standard development has adequately been addressed and is already in progress. The new, industry-lead approach to extend technical standards to the general health area of non-medical Apps indicates a trend that the borderline between medical and non-medical Apps becomes more fluent. It is possible that the regulatory status of mHealth Apps change with up-grades during lifecycle management or that the regulatory status is differently assessed in the various regulatory regimes worldwide. In addition there is a general movement of health care toward prevention and healthy aging. Therefore an aligned, standardised technical development for all mHealth Apps seems to be reasonable.
Adequate European requirements on Data security, Privacy and Data protection of Health data were a major concern. Only recently the Dutch Authorities found data protection violation by the Nike+ running App. The new rules, which are coming into force, will cover mHealth App including non-medical Apps more appropriately in future and will assign distinct responsibilities and foster the principle of privacy by design and default. The rules will be supplemented by additional co- and self-regulating measures like an industry code of conduct and voluntary certification. In addition the EC strongly supports initiatives on voluntary certification and quality labelling in order to improve the quality and transparency of reliable and trusted mHealth Apps. Complementary to existing national initiatives the EC has initiated the development of a harmonised European standard on quality criteria for the development of reliable health and wellness apps and Guidelines for assessing Validity and Reliability of mHealth Apps regarding data collection and processing.
The combined measures of regulation, co- and self-regulation as alternative forms of regulation seem to be adequate for the aim of a balanced and proportionate regulatory approach fostering an innovative and emerging technology, while meeting all stakeholders’ demands. To which degree the alternative forms of regulation will work effectively to reveal reliable and trusted mHealth Apps still has to be shown and additional mechanism of compliance will be needed. The alternative forms of regulation should provide added value without compromising the need for conformity assessment of medical Apps. In this context the proposed new design and public access to the European databank on medical devices (Eudamed) could additionally increase transparency, if the database will contain the relevant, product specific information on medical Apps including risk class I.
Several reviews articles revealed the lack of reliable clinical performance of mHealth Apps as potential risks and harms for user like apps for the detection of melanoma skin cancer. This calls for more involvement of experienced, clinical experts in the development of mHealth Apps. However to assess the real clinical value of mHealth Apps appropriate medical research including clinical investigations is needed and specific guidance regarding the clinical evaluation of medical Apps should be available.
Finally the review of the European regulatory framework revealed a regulatory need, which has not yet been addressed by the EC. The applicable risk classification rules of Medical Device Directive 92/43/EEC, Annexe IX don’t work effectively for medical Apps that can use the automatic "fallback" classification rule 12 and therefore fall into the lowest risk class I. In some cases the assigned risk class seems not to be appropriate to the related risk like for medical Apps used to calculate insulin units for the self-injection by the patient. Therefore the characteristics of medical Apps as a new technology needs to be better reflected in the legal risk classification rules and the forthcoming regulation. The appropriateness of the regulation along with the progression of this rapidly advancing technology should be closely monitored in future.
Pages: 63
Annexes: 2, Pages: 87