Summary Report of European Commission’s mHealth Consultation Published
The European Commission has finally published its summary of 211 responses to its mobile health (“mHealth”) consultation. The summary and original responses to the consultation have been made available on the Commission’s website at https://ec.europa.eu/digital-agenda/en/news/summary-report-public-consul...
The consultation covered a broad range of important issues for mHealth, including legal frameworks, privacy and data protection, patient safety, mHealth’s role in healthcare systems, equal access, interoperability, funding and reimbursement, liability, research & innovation, international cooperation, and market access issues, particularly for web entrepreneurs.
Of particular note was the general feeling that the regulatory framework around lifestyle and wellbeing apps needed to be improved. The U.S. FDA has recently released guidance on the topic, and there is clearly appetite for similar guidance in Europe. Yet there was even greater demand for a specific regulatory framework, suggesting that many developers are finding it difficult to navigate the existing product safety, data protection, medical device, consumer protection and e-commerce laws that can apply to those products.
A number of respondents called for increased state/insurance funding or reimbursement of mHealth. This is seen as key to the future of mHealth in Europe, but it is not necessarily something which the Commission will do much about: the delivery of healthcare and the manner in which it is reimbursed is usually left to the individual EU Member States. At the national level, however, many national health services have no defined system for pricing and reimbursement of mHealth initiatives. Even where Member States have defined a structure, mHealth payment and market access is a turbulent and fast-evolving topic. For instance, the Commission highlighted France’s conditional reimbursement programme for Continuous Positive Airway Pressure (CPAP) treatment; patients are reimbursed only if the remote monitoring device reports that they are self-administering the treatment correctly. However, the program was struck down by a decision of the French Supreme Court (Conseil d’Etat) late last November.
The Commission noted that a slim majority of respondents called for stronger enforcement of data protection and medical device rules. Several also felt that certification and quality standards would enhance patient safety and user trust. Apps that fall under medical device rules already need to be “CE marked” to indicate conformity to EU medical device safety and quality standards, but there are no official equivalents for privacy protection; instead, providers generally declare their conformity to standards such as ISO/IEC 27001 and 27002, or run their apps through programs such as the NHS Health Apps Library, which screens apps for their compliance with data protection law (as part of a fuller evaluation of their regulatory compliance and safety).
The European Commission is planning to produce a set of policy responses to the consultation during the course of 2015. It will need to hurry, however, if it wants to feed these into the major ongoing reforms to the EU’s medical device and data protection laws.