Certifying Prescription Grade Smartphone Medical Apps

An article in yesterday's NYT focused on what I call "Prescription Grade Smartphone Medical Apps." The article said the idea of such apps "excites some people in the health care industry, who see them as a starting point for even more sophisticated applications that might otherwise never be built" (read the article here).

"But unlike a 99-cent game, apps dealing directly with medical care cannot be introduced to the public with bugs that will be fixed later. The industry is still grappling with how to ensure quality and safety." I have written about this issue before, although for apps created by the pharma industry and not "Prescription Grade" apps. See, for example:

• Some Unregulated Physician Smartphone Apps May Be Buggy
• FDA Mobile Regulatory Fear Mongering by PhRMA
• Be Aware of What's Behind a Pharma Mobile App: Disclaimers Only Tell Part of the Story

Lee H. Perlman, managing director of Happtique, a subsidiary of the business arm of the Greater New York Hospital Association, says "he believes that doctors will soon prescribe both clinically tested apps and more modest apps, like those that track physical activity or remind patients to take their pills. The company has established its own set of guidelines to determine the quality of health care-related apps, and helps doctors integrate them into their medical practice."

Happtique, in July 2012, released a draft of standards that it will be using to certify medical, health, and fitness apps under Happtique’s App Certification Program. The purpose of the program is to help users identify apps that meet high operability, privacy, and security standards and are based on reliable content. You can find the Happtique certification draft standards attached to this post.

The Happtique Certification Standards include these categories:

• App Operability Standards
• App Privacy Standards
• App Security Standards
• App Content Standards

My interest at the moment is in the App Content (C1) and Security (S6) Standards because these are most relevant to my concerns about the credibility of some recent pharma apps.

Content Standard C1 states: "The app is based on one or more credible information sources such as an accepted protocol, published guidelines, evidence-based practice, peer-reviewed journal, etc.

Performance Requirements for Standard C1

• C1.01 If the app is based on content from a recognized source (e.g., guidelines from a public or private entity), documentation (e.g., link to journal article, medical textbook citation) about the information source is provided.
• C1.02 If the app is based on content other than from a recognized source, documentation about how the content was formulated is provided, including information regarding its relevancy and reliability

I have seen pharma apps that do not comply with C1.01 (e.g., read "Be Aware of What's Behind a Pharma Mobile App: Disclaimers Only Tell Part of the Story").

But more troubling than the lack of documentation regarding content, is the accuracy of the apps software. Happtique Certification Security Standards address some of my concerns.

Security Standard S6 states: "The app owner has a mechanism to notify end users about apps that are banned or recalled by the app owner or any regulatory entity (e.g., FDA, FTC, FCC)."

Performance Requirements for Standard S6

• S6.01 In the event that an app is banned or recalled, a mechanism or process is in place to notify all users about the ban or recall and render the app inoperable.
• S6.02 In the event that the app constitutes a medical device (e.g., 510(k)) or is regulated by the FDA in any other capacity, the app owner has a policy and a mechanism in place to comply with any and all applicable rules and regulations for purposes of handling all aspects of a product notification or recall, including all corrections and removals.

Unfortunately, I do not find a standard for addressing the problem of "buggy" medical app software, which I discussed in a previous post to Pharma Marketing Blog (see "The Problem with Unregulated "Calculator" Apps for Physicians"). Specifically, shouldn't there be some certification standard that specifies how the app software was tested for accuracy? I think so.