Federal Agencies Set New Privacy Rules For App Developers


An updated trail guide that intends to assist health app developers in understanding which privacy rules and regulations relate to their technology has been made available by a number of federal government entities.

The Office of the National Coordinator for Health Information Technology, the Food and Drug Administration, as well as the Office for Civil Rights within the Department of Health and Human Services all collaborated to create the Mobile Health Apps Tool.

It enables developers to decide whether federal rules apply and which organisations govern certain facets of mobile health technology before building apps that will gather, exchange, utilise, or keep health information. Among the laws are:

  • Rules for privacy, security, and breach notification under the Health Insurance Portability and Accountability Act (HIPAA).
  • The 1938 Food, Drug, and Cosmetic Act (FD&C Act).
  • The health IT and information blocking sections of the 21st Century Cures Act and ONC’s Cures Act Final Rule with the ONC Health IT Certification Program.
  • The Health Breach Notification Rule of the Federal Trade Commission (FTC Act).
  • Act Protecting Children’s Online Information (COPPA).

The tool asks developers a variety of questions to help them understand their roles, like: do users require a prescription to access your app? Or do you permit the exchange of electronic health information among more than two independent parties? As the ONC’s Kathryn Marchesini and Rachel Nelson noted in a blog post, they understand the essential role health technology innovators have in assisting to facilitate and build confidence in the adoption and utilisation of mobile technologies.

Privacy and security are made the default setting in the overall development and design of the technology and business operations by including information privacy and security measures into mobile technology from the beginning, sometimes referred to as privacy or security by design. Users will feel more secure knowing that their data is safe and will only be accessed and released when expected or authorised.

Consumers can choose from among tens of thousands of digital health apps, and according to a recent American Medical Association poll, more doctors believe that using these tools can improve patient care.

However, there are issues with user security and privacy. Some privacy experts contend that information gathered by period-tracking or fertility apps may be used targeting users in regions where abortion is currently illegal following the Supreme Court’s Roe v. Wade decision.

In a recent analysis, the Mozilla Foundation examined 25 wearable technologies and apps for reproductive health. It was discovered that several apps had lax privacy and security requirements, collected a sizable quantity of users’ personal information, and made it challenging for users to understand how their data will be used.