Engineering Health Information Systems

There is a fast emerging market for mobile apps (software) to be downloaded on mobile devices (such as smart phones, iPods, tablets, etc). These apps range from simple information aids up to complex radiology imaging software with decision support. They also target a variety of users, including GPs, specialists, patients and caregivers. Clearly, there is concern about the safety (and security) of these devices. The U.S. FDA has made it clear that even software can be considered a medical devices if it is used in clinical practice and risks are associated with it. However, it is unclear how to properly control software in general – and mobile apps specifically. Now, the FDA has held a hearing on that subject matter. An interesting summary and protocol of that hearing can be found here. It provides a good account of the difficulties associated with an attempt of regulating the “health app market”.

One point that I found particularly interesting is the aspect of daisy chaining of apps. This problem occurs when multiple interoperable apps exchange data. The normal approach of regulators such as the US FDA and Health Canada is to put tight controls only on those software apps that play an important role in diagnosis or treatment. However, if such an app received data from another app that is less controlled, lack of data quality (e.g., errors in that data caused by errors in this other app) may contribute to safety hazards. This “daisy chaining” problem may in fact indicate that we need a new way of asserting controls, shifting the focus from “software devices” to “data items”.