For any project enquiries phone +49 (0)761 76 999 422

Last time we introduced Digital Health and its rapid growth, with over 200 health apps per day being released to app stores. Earlier apps were focused on wellness and wellbeing, but many are now transitioning to disease management and even informed decision making. These now make up 40% of the health apps market! With the explosion of Digital Health and the data that it collects and processes, regulators are taking steps to regain control.

Why is there such interest from industry and healthcare providers in this market? The clinical evidence for a subset of apps is there, with over 500 published studies. The second factor is economics, as use of apps in diabetes prevention, diabetes management, asthma management, cardiac rehabilitation, and pulmonary rehabilitation have resulted in reduced use of acute care facilities. Full utilization in these populations is estimated to save health providers in the US over 1.4% of total costs. Furthermore, the EU reports [1] that 80% of people would agree to share their health data and report on treatment efficacy if their data privacy and security can be ensured. The EU is also promoting EU-wide standardization of electronic health records. [2] Access to such a rich data source could provide new insights into disease and public health. All these benefits must, though, be exploited without risk to patients and their data. To this end, regulators are working to ensure that developers have a framework in which to work. Right now country guidelines diverge with little international consensus [3], but more general, international consensus guidelines should be expected to follow in the future.

Towards this goal, the European committee for standardization or CEN [4] are working on an international standard for quality and reliability for health and wellness apps. It is building from one of the first standards in this area: PAS 277:2015, developed by the British Standards Institution (BSI). PAS 277 covers the whole development life cycle, from planning through to decommissioning. It is not, however, a regulatory standard at this time. On regulation, the French authority HAS [3] published a risk matrix detailing the level of review an app should receive dependent on the classification of its intended users (healthcare professionals, patients, or public) and purpose (information, primary prevention, secondary prevention, or data analysis). The template app development process follows the principles of GDPR. Similarly, key recommendations from the US Federal Trade Commission [5] are closely aligned to the principles of GDPR: minimize data, limit access, and implement security by design.

Given its focus on data, and specifically health data, it is not really surprising that Digital Health regulation is being built on and around GDPR. The regulation will also be unlikely to deter healthcare companies, who are already dealing with GDPR, from expanding their services in the digital arena. Just developing a Digital Health offering will not, though, simply equate to a more effective and profitable business. Digital Health must be properly designed and implemented to leverage its full potential – and as noted by Bhavani et al [6] we must “remain vigilant towards monitoring the effectiveness of” Digital Health. If you want to understand the clinical and economic implications of a Digital Health project then feel free to contact us.

Below is a list of best practices and guidelines of potential interest for different countries.


FTC: Mobile Health App Developers: Federal Trade Commission Best Practices [5]
FDA focus on digital health [7]
FDA on MMA (mobile medical application) [8]


eHealth : digital health and care in Europe [9]
eHealth Standards for Europe [10]
Guidance document Medical Devices – MEDDEV 2.1/6 [11]
Report on the cost-effectiveness of standards-driven eHealth interoperability [12]
The eHealth Interoperability Conformity Assessment for Europe (EURO-CAS) project launched on 26 January 2017 [13]


Good Practice Guidelines on Health Apps and Smart Devices (Mobile Health or mHealth) published in October 2016 [3]
Digital healthcare in France: Stratégie nationale e-santé 2020 [14]
Agence nationale des systèmes d’information partagés de santé = ASIP Santé is a public agency created in 2009 and was charged specifically with developing and hosting the electronic health record (DMP). [15]
HAS: Spécificités méthodologiques d’évaluation clinique des Dispositifs Médicaux Connectés. documents published in January 2019 [22]
HAS: Téléconsultation et téléexpertise : guide de bonnes pratiques. documents published in June 2019 [23]
HAS: Téléimagerie : guide de bonnes pratiques. documents published in June 2019 [24]


Bjdw Positionspapier zum Thema e-health und digital health [16]
Vesta – das Interoperabilitätsverzeichnis für IT-Standards im deutschen Gesundheitswesen [17]
Bitkom-pressekonferenz_e-health_prasentation, May 2019 [17b]



Digital health and care Guidance (updated on 20.11.2018) [18]
Guidance on Medical device stand-alone software including apps [19]
NHS, Transforming Digital Health [20]
NHS Apps Library [21]







[6] Bhavani et al, 2016, Mobile technology and the digitization of healthcare.