In this article, Jim Sherwood, partner at BLM and an expert in product liability, questions the legal status of healthcare apps – what is the current regulatory and liability framework for the mHealth sector?
Smartphones are increasingly integral to our lives. According to research, students spend between nine and 10 hours a day ‘engaged’ with their mobile device, managing banking, their fitness regime and retail purchases, in addition to communications.
The growth of m-Health applications reflects this trend, providing information on treatment options, tips on managing illness, and helping to monitor conditions, from high blood pressure to diabetes. Meanwhile the Consumer Rights Act 2015, effective from 1 October, has newly established the legal status of digital content and the rights and remedies of consumers.
While the opportunities to administer treatment more efficiently are clear, the risks in a fast-evolving, lucrative healthcare market are also apparent
It is estimated that by next year, 500 million people will be using healthcare apps and healthcare professionals expect to monitor the provision of treatment increasingly via apps. While the opportunities to administer treatment more efficiently are clear, the risks in a fast-evolving, lucrative healthcare market are also apparent.
Pfizer had to recall a rheumatology calculator app because it generated inaccurate values for markers of disease activity, while an app for diagnosing skin cancer was found to be unreliable.
Insurers have seen recent examples of healthcare technology expose supply chain risks and lack of clarity in a regulatory regime struggling to keep check with an industry which has seen a growth in turnover reaching £17.6billion in 2013.
What is the current regulatory and liability framework for the m-Health sector?
Regulators focus on the intended purpose of the app and adopt a risk-based approach. Under the Medical Device Directive 93/42/EEC (MDD) the regulation of medical devices is undertaken in the UK by the Medicines and Healthcare products Regulatory Agency (MHRA), which produced guidance on medical device standalone software – including apps - in March this year.
Insurers tempted to provide cover for any potential liabilities in the m-Health arena should have a clear appreciation of the risks and regulatory regime in addition to the licensing and supply chain involved and have appropriately-worded exclusion clauses
Under the MDD, which itself is in the process of review, software that has a medical purpose could be a medical device. A medical device is defined in the MDD as ‘software… intended by the manufacturer to be used for human beings for the purpose of: diagnosis, prevention, monitoring, treatment or alleviation of disease… alleviation of or compensation for an injury or handicap, investigation, replacement or modification of the anatomy or of a physiological process, control of conception…’
The MHRA has helpfully identified words and phrases used in marketing literature which may contribute to a determination as to whether the app is indeed a medical device. Where an app provides decision support or decision-making software, which applies some form of automated reasoning, such as calculations or symptom tracking, such software is very likely to meet the definition of a medical device and therefore be regulated by the MHRA. It would therefore have to undergo a conformity assessment ensuring the product meets the relevant essential requirements for its classification as a device.
The MHRA encourages a system of registration/activation to enable manufacturers to trace devices in the event of a recall and also identifies the responsibilities upon UK suppliers/app stores where any problems or risks with the use of devices may be identified.
Any user of apps will be familiar with accepting the terms of a lengthy contract or licensing agreement imposed by the provider. Where a fault emerges in a healthcare app, the potential risks of injury are clear.
m-Health apps are evolving rapidly and regulators in the UK are responding to the challenges of protecting consumers as healthcare moves away from traditional monitoring and treatment
The Consumer Rights Act 2015 introduces a new category of sales contract, namely contracts between a trader and consumer in relation to ‘digital content’, which may include software and mobile phone apps. The act provides implied terms to such contracts that the digital content must be of satisfactory quality, fit for a particular purpose and as described, thus providing potential remedies for consumers which had previously applied to the sales of goods. Hence a consumer may pursue remedies where there have been breaches of the implied terms including, potentially, damages for personal injury where the digital content is not of satisfactory quality and has caused loss.
The right of redress under the Consumer Protection Act 1987 is uncertain. While the CPA covers any goods or electricity, the definition arguably does not apply to software downloaded by a consumer where no physical property has passed. There may, however, be a good argument for a claim in negligence where the manufacturer arguably has a duty of care to the ultimate consumer. There may also be duties upon the supplier of apps where a potential defect has been identified but no action is taken following the recommendations contained in the guidelines issued by the MHRA.
Insurers tempted to provide cover for any potential liabilities in the m-Health arena should have a clear appreciation of the risks and regulatory regime in addition to the licensing and supply chain involved and have appropriately-worded exclusion clauses.
m-Health apps are evolving rapidly and regulators in the UK are responding to the challenges of protecting consumers as healthcare moves away from traditional monitoring and treatment.
