According to a 2010 market research report by Research and Guidance, 500 million smartphone users will be using a health care application by 2015.

“It is a completely different world,” according to Jon Mendelsohn, MD, who has been practicing in the Cincinnati area since 1997, and says within the past couple years he integrated his office into a smartphone- and tablet-friendly environment.

“What used to be on paper is now on an iPad, he notes. “It certainly makes the information available to everyone immediately.”

Consumers are utilizing these tools almost as quickly as they can be developed. As a plastic surgeon, Mendelsohn uses about 20 apps in his practice. Apps that range from PDF Expert, which allow parents to sign consent forms, to Scanner Pro, which can turn an iPhone into a mobile scanner—this allows Mendelsohn to electronically add paper-based information to a patient’s electronic chart.

Among other apps, some allow patients to monitor their calorie intake for healthy weight management, and for physicians there are apps for viewing patient x-rays on their mobile communications device.

In San Francisco, primary care physician Andrew Brandeis, MD, is in the heart of Tech Country. Some start-up tech company CEOs are Brandeis’ patients, and a few of them have asked him to be a consultant for them. One such app is called iHealth Blood Pressure Monitoring System for iPod Touch, iPhone, and iPad.

“I take my patients’ blood pressure on iHealth, and I can track it over time. Eventually, that is going to program into the patient’s electronic medical records,” Brandeis says.

The FDA has publicly stated it is encouraging the exciting development of new applications that can improve the quality of health care services. On the other side of the coin, the same organization also says it has a public health responsibility to oversee the safety and effectiveness of those mobile medical applications that present a potential risk to patients if they don’t work as intently.

“At this time, we haven’t received any reports of problems related specifically to mobile medical applications. We do usually expect under reporting in devices in general. And perhaps with great, you know, we may see an increase in the number of reports with this increased awareness in the guidance,” according to Peper Long, associate director for external communications for FDA’s Center for Devices.


The FDA has released a proposal for regulating mobile medical applications. Currently, the agency is looking for input on its proposed oversight approach for certain mobile medical applications specific to medicine or health care that are designed for use on smartphones and other mobile computing devices. It is focusing on only a select group of applications, and will not regulate the sale or general consumer use of smartphones or tablets.

“In order to provide manufacturers of such mobile medical applications with the clear understanding for which mobile medical applications the FDA will oversee, the FDA has defined a small subset of mobile and medical applications that may impact performance or functionality of currently regulated medical devices,” says Bakul Patel, policy adviser from the Office of the FDAs Center for Devices.

The FDA’s definition includes mobile medical applications that are used as an accessory to a medical device that has already been regulated by the FDA—for example, an application that allows a health care professional to make a specific diagnosis by viewing a medical image from a picture archiving and communication system, also known as PACS, on a smartphone or mobile tablet.

Another example is an app that calculates a patient’s Glasgow Coma Score based on physician inputs.

The definition will also include a mobile medical application that can transform a mobile communication device into a regulated medical device by using attachments or sensors. For example, an application that turns a smartphone into an ECG machine or an electronic stethoscope to detect abnormal heart rhythms or determine if the patient is experiencing a heart attack would be considered under this definition.

Brandeis believes it is inevitable that the FDA is going to be involved with health care-related apps. Any time there is a big trend in health care, he says, the FDA is involved. However, the FDA is slow and the FDA is not perfect. “Right now, you can go to Walgreens and buy a home blood pressure cuff. The FDA did not have to sign off on it. It just had to be the department of weights and measures, saying that it is actually accurate. That is not FDA-approved.

“Now, will the FDA have to approve a blood pressure cuff because it is associated with an app? That does not make sense to me,” Brandeis adds.

“We believe this outline approach does not cover the majority of mobile applications and will continue to promote innovation in this new and expanding field,” Patel says.


HIPAA is black and white on what physicians can and can’t do with patient information, but there is a lot of gray when it comes to the advancement of technology.

“I think technology is way outpacing what HIPAA is controlling,” Mendelsohn claims.

For example, some physicians are using the app Dropbox, a free service that gives users access to your photos, documents, and videos from any device and location. After you install Dropbox on your computer, any file you save to your Dropbox will automatically save to all your computers, your iPhone and iPad, and even the Dropbox Web site.

In June, Dropbox posted on its Web site a response to questions about whether or not the app is compliant with HIPAA, FERPA, SAS 70, Safe Harbor, ISO 9001, ISO 27001, or PCI. Currently, Dropbox does not have any of these certifications, although EU Safe Harbor certification is being pursued.

At present, there are no checks and balances for which apps are HIPAA-compliant. I would urge physicians to proceed with caution when choosing apps. A quick reminder: According to the Department of Health and Human Services (HHS), penalties have increased. Prior to the HITECH Act, the HHS Secretary could not impose a penalty of more than $100 for each violation or $25,000 for all identical violations of the same provision. Section 13410(d) of the HITECH Act strengthened the civil money penalty scheme by establishing tiered ranges of increasing minimum penalty amounts, with a maximum penalty of $1.5 million for all violations of an identical provision.

On The Web!

See also “There Are a Lot of Apps for That” by Wendy Lewis, in the July 2011 issue ofPSP.

The FDA is encouraging feedback from manufacturers, health care providers, and other stakeholders in how its proposal will support the balance between promoting innovation and ensuring safety and effectiveness. Submit an electronic comment to

At this time, the FDA does not have an enforcement game plan for approaching an app manufacturer if the app does not work up to par.

“I think we will be able to look at it on a case-by-case basis, and we would enforce as it’s appropriate. I don’t think a blanket statement would work in any particular situation, including currently regulated medical devices,” Patel says.

Michael J. Sacopulos, JD, is a partner with Sacopulos, Johnson & Sacopulos, in Terre Haute, Indiana. His core expertise is in medical malpractice defense and third-party payment disputes. He can be reached at .