·  Legal News, Analysis, & Commentary

Health & Medicine

Developing a Legal Framework for Digital Health

— February 4, 2020

An essential part of framing a digital health legal framework is creating a regulatory authority.

The world is mobile. And so are our expectations. Ordering food, buying shoes, purchasing medicines, applying for jobs, filing complaints, and even court procedures are moving online. It is in this era that we need to think about a broader legal perspective on digital health to ensure genuine and authentic health care services.

Now, the World Health Organization (WHO) defines digital health as a collective term that encapsulates e-health, m-health, health services via PDAs (Personal Digital Assistants), etc. in its wide ambit. The e-health, telemedicine, mobile-related applications to measure and evaluate various health parameters are on the rise today. Young people and health-conscious citizens are readily adopting the app way into health since creating a mobile app is a very easy process today. The 3.7 billion health app users in 2017 from 1.7 billion users in 2013 is a clear indication of this trend.

However, all is not well with digital health considering the mounting number of apps and many fraudulent apps. For example, recent research shows that on evaluating 280 diabetes mobile applications, only five had any meaningful output to deliver clinically. The cross-border exchange of patient data and other regional and cultural aspects are pleading for a robust framework on the legal frontier to ensure the quality and usefulness of digital health solutions.

Mapping the Outlines of a Legal Framework 

However, to draw the outlines of a legal framework, we need to consider a basic unit on which the legal frame needs to develop. The difficulty starts here because, in a digital, globalized world, all boundaries are highly volatile. Yet, for the sake of simplicity, we may take ‘nation’ as a basic unit to develop the legal framework around it. It is because today, more than 113 countries follow the rule of law in their day to day administration out of the 166 democracies.

Apple Watch and Fitbit on grey fabric background; image by Andres Urena, via
Apple Watch and Fitbit on grey fabric background; image by Andres Urena, via

Further external data trading and other laws are all signed between nations, and since federal laws usually come under a broader set of national rules, the country as a safe unit to develop a legal framework is the best way forward. While developing a comprehensive legal framework, you need to consider the following:

  • Balancing privacy and data sharing
    One of the primary concerns is data protection of the patients. Today there are many apps that keep doctors away, consequently patients are interacting with virtual elements.They fill forms and divulge information about themselves for the sake of using the app quickly. Here, legal parameters need to define the type of information that a mobile app developer or an e-health service provider can access. The best way to ensure that citizen’s privacy and data is kept safe is to make a privacy policy declaration a mandatory step to get authorization. Apps that do not have a clear privacy policy need to be legally restrained until they define it clearly in line with national or regional privacy laws. Some of the best-followed practices are that of the United States and European Union, where the health information of users are protected under HIPAA1996 and GDPR, respectively.
  • Setting standards
    Standards are essential to ensure that digital health seekers get quality medical and therapeutic interventions. The set of rules needs to emerge from ‘evidence for effectiveness’ criteria. The kind of evidence that digital health technologies have to provide and demonstrate a strong correlation with their claims are all to be pre-defined, and in case of newer innovations, the digital health regulator needs to examine them on a case to case basis.
  • Cross-border data transfer
    Another legal concern with digital health comes in sharing data across borders, especially in sensitive areas like the Middle East. Here a bi-lateral or multi-lateral treaty approach to allow data sharing is a common phenomenon. But the problem arises when the company handling these data transfers have multiple presences and take data to remote servers for safe-keeping. In such cases, a national legal framework for digital health must specifically mention a clause on creating servers in the home country. If data needs migration across borders for safe-keeping, then the whereabouts and security clauses also need to be explicitly defined.
  • Regulating body
    An essential part of framing a digital health legal framework is creating a regulatory authority. The advances in digital health are so fast and growing that a regulatory body that continually monitors the various services like telemedicine, public and private healthcare, third-party outsourcing in hospitals, mobile apps that people are adopting, the effects, etc. is necessary The regulatory body needs to have a mix of experienced health professionals and technical and legal experts in it. It should be capable of conducting independent research in medicine, testing claims of effectiveness of digital technologies in health, and framing new policies beforehand to avoid health-related fraud and with the power to prosecute those who cross the line.

The above points form the basic structure of a legal framework for digital health. The requirement may vary from one country to another, and additions are needed based on cultural, social, geographical, and political factors into this framework for a full-fledged legal framework.

Join the conversation!