Regulations and compliance for enterprise mHealth applications
Contents

     Mobilizing healthcare applications
     Security concerns and challenges
     Defining the application – 'Does your mobile app need FDA approval?'
     Secure your mobile app – Understanding HIPAA compliances
        A. Assess the user base
        B. Design a strategy
        C. Deploy and manage
     Conclusion



About Us

RapidValue is a leading international professional services firm focused on building and managing
highly scalable mobile and cloud applications for business. RapidValue was founded in 2008 by
senior executives from Deloitte, IBM, Oracle, and Infosys to enable enterprises to deploy
disruptive solutions in consumer and enterprise mobility. RapidValue delivers its services to
companies throughout the world and has offices in the United States and India.

RapidValue has deployed numerous mHealth solutions in the healthcare industry for leading
hospitals and software companies in the world. Our industry experts have helped companies take
the big next step in implementing mobility solutions and improve the overall quality of patient
care.



                         For more information about RapidValue:


                    Visit us online at www.rapidvaluesolutions.com
                  Visit our blog at www.rapidvaluesolutions.com/blog



                                                  © RapidValue 2012 | www.rapidvaluesolutions.com
Healthcare organizations and software firms looking to invest in mobile applications
need to assess the implications of HIPAA and FDA regulations in order to protect patient health
information and ensure that compliance requirements are met. This document outlines some of the
key evaluation criteria for regulations and security considerations in the healthcare sector that
need to be addressed while implementing mobility applications.




mHealth market 2015: 500m people will be using healthcare smartphone applications
        (research2guidance, November 2010 report)




    Mobilizing healthcare applications

    The rapid explosion of mobile platforms and the adoption of smart devices have provided greater
    flexibility and opportunity for physicians and other staff at hospitals to deliver real-time
    information at the point of care. Mobile healthcare, more commonly called mHealth,
    has created 'a channel to facilitate, communicate and deliver healthcare services via mobile
    communication devices'.

    Over the last few months, an increasing number of mHealth apps have gained traction. They help
    physicians and other healthcare providers keep track of reference drugs, monitor patient
    health records and status, and manage schedules. While this provides a plethora of
    opportunities and possibilities for healthcare organizations to reduce costs and improve
    efficiency, the increased mobility has created new challenges for healthcare IT.

    This guide will provide a simple prescription to IT teams to assess and identify basic requirements
    and help healthcare organizations reduce risk, improve operational efficiencies and achieve
    compliance goals enabling them to provide a higher quality of patient care. The whitepaper
    combines industry's best practices along with RapidValue's experience in implementing solutions
    for many customers.




Security concerns and challenges

    The influx and usage of mobile devices have threatened the traditional policies and processes
    for security. The mode of data transmission used over the last few years, through client/server
    approaches and fixed-line infrastructures, has been made obsolete by mobile devices accessing
    corporate resources and applications from anywhere, cloud services, remote mobile desktops
    and social networks.

    As more sensitive information is being fed into mobile applications and into the network cloud in
    general, the complete security, privacy and regulatory compliance of such information must be
    assured. Since security breaches are not uncommon in any industry, the healthcare industry has
    mandated a few regulations and compliances to ensure patient information is safe.

          HIPAA (Health Insurance Portability and Accountability Act) - HIPAA in correlation with PHI
          (Protected Health Information) requires health care organizations to ensure that applications
          are secure, and that sensitive patient and business data is protected when in use, during
          transmission, or when stored in a mobile device.

          FDA regulations - The Federal Food, Drug, and Cosmetic Act requires that any stand-alone
          device or an accessory (software applications) that is directly consumed by the end user is
          subject to regulations and approval by the FDA.

          HITECH (Health Information Technology for Economic and Clinical Health) Act - HITECH is
          part of the American Recovery and Reinvestment Act of 2009 (ARRA). The HITECH Act is
          intended to encourage more effective and efficient healthcare through the use of
          technology, like implementing electronic health records (eHR), thereby reducing
          healthcare costs and enabling greater access to the system. It aims to address the privacy
          and security concerns associated with the electronic transmission of health information.




Defining the application – 'Does your mobile app need FDA approval?'

    One of the key steps in defining the security compliance strategy for your mobile app is to
    determine whether the application requires FDA approval.

    FDA clearance is typically required for apps that are involved in diagnosis, treatment, cure or
    mitigation of a device. A few examples are given below:

          Standalone device – Device in finished form, perhaps ready to use with accessories, with an
          intended sale to end-user. Example: iPod touch integrated with an external device to view the
          blood pressure of a patient.
          FDA clearance – Yes, requires assessment for exemption

          Accessory – Software/articles within a standalone device intended for use by end-user.
          Example: a) An app that is used by a patient to download information from a blood glucose
          meter. b) An app focused on helping people with weight loss and everyday management of
          diabetes.
          FDA clearance – Requires assessment for the type of application

    On the other hand, applications that are informational and reference-only do not require FDA
    approvals.

    So how do we really know if the app developed will be subject to FDA approval or not? Based on
    research and experience over the years, we at RapidValue suggest performing an evaluation using
    the set of questions below for the app not to be subject to FDA approval.




     Brainstorm and evaluate, with possible considerations for the app not being subject to FDA approval:

     1. How is the data going to be input/entered into the app?
        Make sure the data to the app is
          - Entered manually
          - Not connected to external device/machine through which it receives data
          - Does not require physical contact with the patient specimen

     2. What is the output of the app?
        The output
          - Should not connect to any other device and guide with any instruction.
          - Should only interpret the input and provide meaningful data to the patient
          - Should not cure/mitigate/treat the patient.

     3. Does the app provide real-time updates of a patient?
        The app should not
          - Monitor the patient in real-time
          - Notify users on alarms about the physical condition of a patient
          - Patient-specific result using processing algorithms

     4. RapidValue's assessment
        Typical apps that do not need approval
          - Wellness related app like track/log/record food habits, physical fitness exercise
          - Medical reference application
          - Medical EHRs/PHRs
          - Apps that improve efficiency like mobile hospital management care (mHMC),
            workflow management
          - Practice-management applications like track billing, determine medical
            billing codes, remote physician consultation (mPrescribing) and appointments
        Apps that need approval
          - PACS apps (Picture Archiving and Communication Systems) that display
            radiological images for diagnosis is classified under class II PACS like X-rays
            scan reports.
          - Monitor blood pressure of patient, display heartbeat of a patient, attachments of
            ECG reports, device connected to patient to monitor sleep pattern



Secure your mobile app - Understanding HIPAA compliances

    For any healthcare application, security and compliance go hand in hand and it is absolutely
    essential to adopt all healthcare compliances and regulations including HIPAA, HITECH, ITRF
    Regulation or PCI/PHI compliances governing the Healthcare sector.

    While a technical architect or product manager takes the decision of whether an application is
    subjected to FDA regulation, compliances and security need to be incorporated by the
    development team building the application.

    Below are the key steps in ensuring a design that addresses compliance and regulation
    requirements.

    A. Assess the user base
    Unlike applications that run on desktop environments, where the majority of systems run on a
    single platform/operating system, the market share of mobile platforms is pretty fragmented and

     Brainstorm, with the questions to diagnose for each item:

     1. What is the type of user-group that will access the application?
          - Is the application going to be accessed by consumers?
          - Is it an enterprise-application, which will be accessed only by employees
            of the organization?

     2. Mobile platforms
          - On what platforms does the mobile application need to be supported?
            iOS (Apple), Android, Blackberry, Windows or All?

     3. Server requirements
          - Is the application a stand-alone app or does it communicate with backend
            server for data synchronization?
          - What will be the application usage at most times? Will the application be
            accessed and used by large user base? We need to ensure bandwidth of the
            server handles

     Assessing information on the above questions will help the IT team to strategize and tailor
     unique security policies on corporate servers constantly accessed by wireless devices.


B. Design a strategy

    In the few years since their inception, smartphones have become smarter and more powerful by
    the year, combining the capability to communicate through multiple channels with significant
    processing power and large storage capacity. Hence these devices pose a greater threat to
    data security than laptops.


    [Figure: Primary risk areas – loss of device; access to data through external entities
    (hacking/theft); exposure of device to malware]




    The Center for Medicare and Medicaid Services (CMS), which oversees HIPAA security rule
    enforcement, has published a 'HIPAA Security Guidance for Remote Use of and Access to
    Electronic Protected Health Information' to help organizations determine the best way to protect
    ePHI available to mobile device users.

    Our framework of implementing a secure mobile application is based around the CMS guidance
    with recommendations from a development and implementation perspective.




     1. Secure your device: Make sure the mHealth application requires a set of unique credentials
     (username and password) to access the application.
     Risk scenario: Login credentials are lost/stolen, which could potentially result in unauthorized
     access to view/modify ePHI.
     Solution:
     a) Implement two-factor authentication for granting remote access to systems that contain
     ePHI. Other than username and password,
            - Create a security question like 'Which city were you born in?'
            - Create a four-digit security code that will always be requested when the application has
              been inactive for a specific period of time.
            - The four-digit security code can be used for logging into the
              application when the device is in offline mode.
     b) Access to application using a VPN client connection through 'Cisco anytime connect' or 'RSA
     secure ID'.
     c) Password protection rules such as 6 character pin, expirations, failure thresholds, data wipe
     after failure.
     d) Implement a technical process for creating unique user names and performing
     authentication when granting remote access to a workforce member.
     e) Set up devices to automatically lock after a specified period of inactivity.
     f) Whenever a device is stolen, the 'IT help desk' should be notified, and a user
     interface should be provided on the backend system for the representative to de-register the
     username.

     2. Secure your data: Make sure the data sent to the mobile application is secure on the device
     as well as during transmission.
     Risk scenario: Hacking the network or a mobile device from unprotected access points (like
     hotel business center, airport) is a growing concern and can potentially result in loss of ePHI
     data.
     Solution:
     a) Prevent downloading and storing of ePHI data on the device whenever possible. Ensure the
     data when downloaded is operationally justifiable.
     b) Minimize caching of data on browsers for web-based applications.
     c) Implement strong encryption solutions (validated encryption AES256 & Triple DES), for
     transmission of ePHI using SSL (Secure Socket Layer) as the minimum requirement for mHealth
     applications.
     d) Create policies to prevent use of and/or encrypt SD cards and other removable media on
     mobile devices.
     e) Ensure that the server to which all web-service requests are sent/received from the mobile
     devices is firewall protected.




     f) Ability to perform 'Remote wipe-off' from the server to delete ePHI data from the device.
     Remote wipe-off can be designed in any of the following ways.

            - Monitor the application 'Agent' continuously during online/offline activities and perform
              remote wipe-off from the server for suspicious activities.

            - Monitor the application 'Agent' during online activities and perform remote wipe-off from
              the server. If the 'Agent' cannot be tracked during offline mode, the data on the device
              should be deleted once the application has been inactive for about '5' days.
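
The device-side checks described in the two lists above (PIN rules, failure threshold with data wipe, inactivity lock, server-initiated wipe, and the offline 5-day limit) can be combined into one decision function, shown here as an added example that is not RapidValue's code. The 5-day limit and 6-character PIN come from the text; every other threshold and all names are assumptions, the 5 days are measured from the last successful server check-in, and the clock high-water mark is an added safeguard against the device clock being set backwards.

```python
"""Added example: local enforcement decisions for an mHealth app 'Agent'."""
import hashlib
import hmac
import os
from dataclasses import dataclass
from datetime import datetime, timedelta
from enum import Enum

OFFLINE_WIPE_AFTER = timedelta(days=5)    # from the paper: about 5 days
MIN_PIN_LENGTH = 6                        # from the paper: 6 character pin
MAX_FAILED_ATTEMPTS = 5                   # assumed failure threshold
IDLE_LOCK_AFTER = timedelta(minutes=5)    # assumed inactivity period
PIN_MAX_AGE = timedelta(days=90)          # assumed PIN expiration
PBKDF2_ROUNDS = 200_000                   # assumed work factor


class Action(Enum):
    ALLOW = "allow"
    REQUIRE_PIN = "require_pin"            # idle too long or wrong PIN entered
    FORCE_PIN_CHANGE = "force_pin_change"  # PIN has expired
    WIPE = "wipe"                          # delete locally stored ePHI


@dataclass
class AgentState:
    pin_salt: bytes
    pin_hash: bytes
    pin_set_at: datetime
    last_server_contact: datetime
    last_user_activity: datetime
    clock_high_water: datetime        # latest time this agent has ever observed
    failed_attempts: int = 0
    server_wipe_flag: bool = False    # set once the help desk de-registers the user


def hash_pin(pin: str, salt: bytes) -> bytes:
    """Store only a salted, slow hash of the PIN, never the PIN itself."""
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, PBKDF2_ROUNDS)


def enroll(pin: str, now: datetime) -> AgentState:
    if len(pin) < MIN_PIN_LENGTH:
        raise ValueError("PIN shorter than policy minimum")
    salt = os.urandom(16)
    return AgentState(salt, hash_pin(pin, salt), now, now, now, now)


def evaluate(state: AgentState, now: datetime) -> Action:
    """Decide what the app must do before it shows any ePHI."""
    # A clock set backwards must not extend the offline window.
    now = max(now, state.clock_high_water)
    state.clock_high_water = now
    if state.server_wipe_flag:
        return Action.WIPE
    if state.failed_attempts >= MAX_FAILED_ATTEMPTS:
        return Action.WIPE
    if now - state.last_server_contact >= OFFLINE_WIPE_AFTER:
        return Action.WIPE
    if now - state.pin_set_at >= PIN_MAX_AGE:
        return Action.FORCE_PIN_CHANGE
    if now - state.last_user_activity >= IDLE_LOCK_AFTER:
        return Action.REQUIRE_PIN
    return Action.ALLOW


def submit_pin(state: AgentState, pin: str, now: datetime) -> Action:
    """Check a PIN attempt in constant time and apply the failure threshold."""
    ok = hmac.compare_digest(hash_pin(pin, state.pin_salt), state.pin_hash)
    if not ok:
        state.failed_attempts += 1
        if state.failed_attempts >= MAX_FAILED_ATTEMPTS:
            return Action.WIPE
        return Action.REQUIRE_PIN
    state.failed_attempts = 0
    state.last_user_activity = now
    return evaluate(state, now)
```

The caller persists `AgentState` in protected storage and carries out the returned action; a successful server check-in would update `last_server_contact` and `server_wipe_flag`.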




C. Deploy and manage

     Once the development team implements the application with the compliances discussed
     above, the next step is to assess how to deploy the application and manage it over
     subsequent releases and upgrades.

     For applications that are not going to be used by consumers but rather by the organization's
     employees, we recommend rolling out using the enterprise distribution model, through
     which users have access to and download the recommended enterprise apps, receive them in
     a secure way over-the-air (OTA), and are alerted to and download updates when available.
     Moreover, organizations can leverage this feature to keep an accurate inventory of the mobile
     apps that are installed at any given time, and to monitor them by device and user
     groups.

     While there is a significant concern about application vulnerability, integrity and user privacy
     in Apple app store and Android market, we believe that implementing some of the below
     security measures will strengthen the compliance policies significantly.

     1. Develop processes to ensure that backups of all ePHI data sent to or received from the
     mobile device are performed on the server side regularly.

     2. For enterprise controlled apps/devices, apply Over-the-Air (OTA) provisioning and
     management of smartphones.

     3. Scan for suspicious activities and malware on the server network platform regularly.

     4. Ensure the workforce is appropriately trained on policies and also on the application usage
     that requires accessing any ePHI data. Recommend that users search for and delete any files
     intentionally or unintentionally saved to external devices.

     5. Perform regular internal HIPAA audits when an application is planned for an upgrade to
     include new enhancements/bug fixes.




Conclusion

     When considering the trends towards adoption of different digital technologies, today's
     healthcare organizations are faced with enormous challenges of compliance and regulation.
     As we have witnessed over recent years, personal information theft has proven to be
     costly for organizations, which have lost their credibility and been forced out of business.

     With robust auditing required for HIPAA security compliance, IT groups can no longer ignore
     mobile devices in their security policy implementation. Companies looking to develop
     mHealth solutions should look to leverage their existing IT infrastructure, policies, and
     services and ensure that newer technologies are seamlessly integrated and add significant
     value to the organization by providing quality care for their patients.

     Disclaimer

     This white paper brings out the evaluation criteria of mobile health apps related to FDA and
     HIPAA compliance aspects based on our research, analysis and understanding. Any
     architectural assessment and/or design decisions related to the above policies should not be
     implemented based solely on the recommendations in the document. RapidValue shall have
     no liability for any direct, incidental, or consequential damages suffered by any third party as a
     result of decisions/actions taken, or not taken, based on this document.




Empowering Wellness_ The Ultimate Guide to Healthcare Software Development!.pdfEmpowering Wellness_ The Ultimate Guide to Healthcare Software Development!.pdf
Empowering Wellness_ The Ultimate Guide to Healthcare Software Development!.pdfKathy Miller
 

Similar to RapidValue White Paper on Regulations and compliance for enterprise mHealth applications (20)

how to develop healthcare app.pdf
how to develop healthcare app.pdfhow to develop healthcare app.pdf
how to develop healthcare app.pdf
 
how to develop healthcare app.pdf
how to develop healthcare app.pdfhow to develop healthcare app.pdf
how to develop healthcare app.pdf
 
Mobile Medical Apps and FDA Regulatory Approach
Mobile Medical Apps and FDA Regulatory ApproachMobile Medical Apps and FDA Regulatory Approach
Mobile Medical Apps and FDA Regulatory Approach
 
A Complete Guide to Developing Healthcare App
A Complete Guide to Developing Healthcare AppA Complete Guide to Developing Healthcare App
A Complete Guide to Developing Healthcare App
 
How to develop healthcare app.docx
How to develop healthcare app.docxHow to develop healthcare app.docx
How to develop healthcare app.docx
 
iOS App Development for Healthcare - Advanced Features and Cost
iOS App Development for Healthcare - Advanced Features and CostiOS App Development for Healthcare - Advanced Features and Cost
iOS App Development for Healthcare - Advanced Features and Cost
 
Remote Patient Monitoring Software Development in Connecticut
Remote Patient Monitoring Software Development in ConnecticutRemote Patient Monitoring Software Development in Connecticut
Remote Patient Monitoring Software Development in Connecticut
 
Overcoming Cloud-Based Mobility Challenges in Healthcare
Overcoming Cloud-Based Mobility Challenges in HealthcareOvercoming Cloud-Based Mobility Challenges in Healthcare
Overcoming Cloud-Based Mobility Challenges in Healthcare
 
HIPAA Compliance Mobile App Development: A Complete Guide
HIPAA Compliance Mobile App Development: A Complete GuideHIPAA Compliance Mobile App Development: A Complete Guide
HIPAA Compliance Mobile App Development: A Complete Guide
 
free mHealth Checklist
free mHealth Checklistfree mHealth Checklist
free mHealth Checklist
 
How to Build a Successful Healthcare App Development Company.docx.pdf
How to Build a Successful Healthcare App Development Company.docx.pdfHow to Build a Successful Healthcare App Development Company.docx.pdf
How to Build a Successful Healthcare App Development Company.docx.pdf
 
Improving Healthcare App Development- Reasons Why You Should Invest in it.
Improving Healthcare App Development- Reasons Why You Should Invest in it.Improving Healthcare App Development- Reasons Why You Should Invest in it.
Improving Healthcare App Development- Reasons Why You Should Invest in it.
 
Whats driving growth in telemedicine and software testing trends
Whats driving growth in telemedicine and software testing trends Whats driving growth in telemedicine and software testing trends
Whats driving growth in telemedicine and software testing trends
 
mHealth Israel_Digital Health_The Regulatory Landscape 2017
mHealth Israel_Digital Health_The Regulatory Landscape 2017mHealth Israel_Digital Health_The Regulatory Landscape 2017
mHealth Israel_Digital Health_The Regulatory Landscape 2017
 
Improving Healthcare App Development Reasons Why You Should Invest in it.pdf
Improving Healthcare App Development Reasons Why You Should Invest in it.pdfImproving Healthcare App Development Reasons Why You Should Invest in it.pdf
Improving Healthcare App Development Reasons Why You Should Invest in it.pdf
 
Telemedicine App Development: Types, Features, Technologies, Benefits, and Cost
Telemedicine App Development: Types, Features, Technologies, Benefits, and CostTelemedicine App Development: Types, Features, Technologies, Benefits, and Cost
Telemedicine App Development: Types, Features, Technologies, Benefits, and Cost
 
Improving Healthcare App Development Reasons Why You Should Invest in it.pdf
Improving Healthcare App Development Reasons Why You Should Invest in it.pdfImproving Healthcare App Development Reasons Why You Should Invest in it.pdf
Improving Healthcare App Development Reasons Why You Should Invest in it.pdf
 
Empowering Healthcare: The Evolution of Healthcare App Development Services
Empowering Healthcare: The Evolution of Healthcare App Development ServicesEmpowering Healthcare: The Evolution of Healthcare App Development Services
Empowering Healthcare: The Evolution of Healthcare App Development Services
 
How to Make a Healthcare App Like Doctors On Demand A Detailed Guide.pdf
How to Make a Healthcare App Like Doctors On Demand A Detailed Guide.pdfHow to Make a Healthcare App Like Doctors On Demand A Detailed Guide.pdf
How to Make a Healthcare App Like Doctors On Demand A Detailed Guide.pdf
 
Empowering Wellness_ The Ultimate Guide to Healthcare Software Development!.pdf
Empowering Wellness_ The Ultimate Guide to Healthcare Software Development!.pdfEmpowering Wellness_ The Ultimate Guide to Healthcare Software Development!.pdf
Empowering Wellness_ The Ultimate Guide to Healthcare Software Development!.pdf
 

Recently uploaded

College Call Girls in Haridwar 9667172968 Short 4000 Night 10000 Best call gi...
College Call Girls in Haridwar 9667172968 Short 4000 Night 10000 Best call gi...College Call Girls in Haridwar 9667172968 Short 4000 Night 10000 Best call gi...
College Call Girls in Haridwar 9667172968 Short 4000 Night 10000 Best call gi...perfect solution
 
Call Girls Dehradun Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Dehradun Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Dehradun Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Dehradun Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
VIP Call Girls Indore Kirti 💚😋 9256729539 🚀 Indore Escorts
VIP Call Girls Indore Kirti 💚😋  9256729539 🚀 Indore EscortsVIP Call Girls Indore Kirti 💚😋  9256729539 🚀 Indore Escorts
VIP Call Girls Indore Kirti 💚😋 9256729539 🚀 Indore Escortsaditipandeya
 
Bangalore Call Girls Nelamangala Number 7001035870 Meetin With Bangalore Esc...
Bangalore Call Girls Nelamangala Number 7001035870  Meetin With Bangalore Esc...Bangalore Call Girls Nelamangala Number 7001035870  Meetin With Bangalore Esc...
Bangalore Call Girls Nelamangala Number 7001035870 Meetin With Bangalore Esc...narwatsonia7
 
Best Rate (Guwahati ) Call Girls Guwahati ⟟ 8617370543 ⟟ High Class Call Girl...
Best Rate (Guwahati ) Call Girls Guwahati ⟟ 8617370543 ⟟ High Class Call Girl...Best Rate (Guwahati ) Call Girls Guwahati ⟟ 8617370543 ⟟ High Class Call Girl...
Best Rate (Guwahati ) Call Girls Guwahati ⟟ 8617370543 ⟟ High Class Call Girl...Dipal Arora
 
Call Girls Gwalior Just Call 8617370543 Top Class Call Girl Service Available
Call Girls Gwalior Just Call 8617370543 Top Class Call Girl Service AvailableCall Girls Gwalior Just Call 8617370543 Top Class Call Girl Service Available
Call Girls Gwalior Just Call 8617370543 Top Class Call Girl Service AvailableDipal Arora
 
Russian Escorts Girls Nehru Place ZINATHI 🔝9711199012 ☪ 24/7 Call Girls Delhi
Russian Escorts Girls  Nehru Place ZINATHI 🔝9711199012 ☪ 24/7 Call Girls DelhiRussian Escorts Girls  Nehru Place ZINATHI 🔝9711199012 ☪ 24/7 Call Girls Delhi
Russian Escorts Girls Nehru Place ZINATHI 🔝9711199012 ☪ 24/7 Call Girls DelhiAlinaDevecerski
 
VIP Service Call Girls Sindhi Colony 📳 7877925207 For 18+ VIP Call Girl At Th...
VIP Service Call Girls Sindhi Colony 📳 7877925207 For 18+ VIP Call Girl At Th...VIP Service Call Girls Sindhi Colony 📳 7877925207 For 18+ VIP Call Girl At Th...
VIP Service Call Girls Sindhi Colony 📳 7877925207 For 18+ VIP Call Girl At Th...jageshsingh5554
 
Call Girls Bareilly Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Bareilly Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Bareilly Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Bareilly Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
Premium Call Girls Cottonpet Whatsapp 7001035870 Independent Escort Service
Premium Call Girls Cottonpet Whatsapp 7001035870 Independent Escort ServicePremium Call Girls Cottonpet Whatsapp 7001035870 Independent Escort Service
Premium Call Girls Cottonpet Whatsapp 7001035870 Independent Escort Servicevidya singh
 
Call Girls Coimbatore Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Coimbatore Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Coimbatore Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Coimbatore Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
Call Girls Faridabad Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Faridabad Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Faridabad Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Faridabad Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
Call Girls Ooty Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Ooty Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Ooty Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Ooty Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 
The Most Attractive Hyderabad Call Girls Kothapet 𖠋 6297143586 𖠋 Will You Mis...
The Most Attractive Hyderabad Call Girls Kothapet 𖠋 6297143586 𖠋 Will You Mis...The Most Attractive Hyderabad Call Girls Kothapet 𖠋 6297143586 𖠋 Will You Mis...
The Most Attractive Hyderabad Call Girls Kothapet 𖠋 6297143586 𖠋 Will You Mis...chandars293
 
♛VVIP Hyderabad Call Girls Chintalkunta🖕7001035870🖕Riya Kappor Top Call Girl ...
♛VVIP Hyderabad Call Girls Chintalkunta🖕7001035870🖕Riya Kappor Top Call Girl ...♛VVIP Hyderabad Call Girls Chintalkunta🖕7001035870🖕Riya Kappor Top Call Girl ...
♛VVIP Hyderabad Call Girls Chintalkunta🖕7001035870🖕Riya Kappor Top Call Girl ...astropune
 
Chandrapur Call girls 8617370543 Provides all area service COD available
Chandrapur Call girls 8617370543 Provides all area service COD availableChandrapur Call girls 8617370543 Provides all area service COD available
Chandrapur Call girls 8617370543 Provides all area service COD availableDipal Arora
 
Book Paid Powai Call Girls Mumbai 𖠋 9930245274 𖠋Low Budget Full Independent H...
Book Paid Powai Call Girls Mumbai 𖠋 9930245274 𖠋Low Budget Full Independent H...Book Paid Powai Call Girls Mumbai 𖠋 9930245274 𖠋Low Budget Full Independent H...
Book Paid Powai Call Girls Mumbai 𖠋 9930245274 𖠋Low Budget Full Independent H...Call Girls in Nagpur High Profile
 
(Rocky) Jaipur Call Girl - 09521753030 Escorts Service 50% Off with Cash ON D...
(Rocky) Jaipur Call Girl - 09521753030 Escorts Service 50% Off with Cash ON D...(Rocky) Jaipur Call Girl - 09521753030 Escorts Service 50% Off with Cash ON D...
(Rocky) Jaipur Call Girl - 09521753030 Escorts Service 50% Off with Cash ON D...indiancallgirl4rent
 
Call Girls Visakhapatnam Just Call 9907093804 Top Class Call Girl Service Ava...
Call Girls Visakhapatnam Just Call 9907093804 Top Class Call Girl Service Ava...Call Girls Visakhapatnam Just Call 9907093804 Top Class Call Girl Service Ava...
Call Girls Visakhapatnam Just Call 9907093804 Top Class Call Girl Service Ava...Dipal Arora
 
Call Girls Ludhiana Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 9907093804 Top Class Call Girl Service AvailableDipal Arora
 

Recently uploaded (20)

College Call Girls in Haridwar 9667172968 Short 4000 Night 10000 Best call gi...
College Call Girls in Haridwar 9667172968 Short 4000 Night 10000 Best call gi...College Call Girls in Haridwar 9667172968 Short 4000 Night 10000 Best call gi...
College Call Girls in Haridwar 9667172968 Short 4000 Night 10000 Best call gi...
 
Call Girls Dehradun Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Dehradun Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Dehradun Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Dehradun Just Call 9907093804 Top Class Call Girl Service Available
 
VIP Call Girls Indore Kirti 💚😋 9256729539 🚀 Indore Escorts
VIP Call Girls Indore Kirti 💚😋  9256729539 🚀 Indore EscortsVIP Call Girls Indore Kirti 💚😋  9256729539 🚀 Indore Escorts
VIP Call Girls Indore Kirti 💚😋 9256729539 🚀 Indore Escorts
 
Bangalore Call Girls Nelamangala Number 7001035870 Meetin With Bangalore Esc...
Bangalore Call Girls Nelamangala Number 7001035870  Meetin With Bangalore Esc...Bangalore Call Girls Nelamangala Number 7001035870  Meetin With Bangalore Esc...
Bangalore Call Girls Nelamangala Number 7001035870 Meetin With Bangalore Esc...
 
Best Rate (Guwahati ) Call Girls Guwahati ⟟ 8617370543 ⟟ High Class Call Girl...
Best Rate (Guwahati ) Call Girls Guwahati ⟟ 8617370543 ⟟ High Class Call Girl...Best Rate (Guwahati ) Call Girls Guwahati ⟟ 8617370543 ⟟ High Class Call Girl...
Best Rate (Guwahati ) Call Girls Guwahati ⟟ 8617370543 ⟟ High Class Call Girl...
 
Call Girls Gwalior Just Call 8617370543 Top Class Call Girl Service Available
Call Girls Gwalior Just Call 8617370543 Top Class Call Girl Service AvailableCall Girls Gwalior Just Call 8617370543 Top Class Call Girl Service Available
Call Girls Gwalior Just Call 8617370543 Top Class Call Girl Service Available
 
Russian Escorts Girls Nehru Place ZINATHI 🔝9711199012 ☪ 24/7 Call Girls Delhi
Russian Escorts Girls  Nehru Place ZINATHI 🔝9711199012 ☪ 24/7 Call Girls DelhiRussian Escorts Girls  Nehru Place ZINATHI 🔝9711199012 ☪ 24/7 Call Girls Delhi
Russian Escorts Girls Nehru Place ZINATHI 🔝9711199012 ☪ 24/7 Call Girls Delhi
 
VIP Service Call Girls Sindhi Colony 📳 7877925207 For 18+ VIP Call Girl At Th...
VIP Service Call Girls Sindhi Colony 📳 7877925207 For 18+ VIP Call Girl At Th...VIP Service Call Girls Sindhi Colony 📳 7877925207 For 18+ VIP Call Girl At Th...
VIP Service Call Girls Sindhi Colony 📳 7877925207 For 18+ VIP Call Girl At Th...
 
Call Girls Bareilly Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Bareilly Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Bareilly Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Bareilly Just Call 9907093804 Top Class Call Girl Service Available
 
Premium Call Girls Cottonpet Whatsapp 7001035870 Independent Escort Service
Premium Call Girls Cottonpet Whatsapp 7001035870 Independent Escort ServicePremium Call Girls Cottonpet Whatsapp 7001035870 Independent Escort Service
Premium Call Girls Cottonpet Whatsapp 7001035870 Independent Escort Service
 
Call Girls Coimbatore Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Coimbatore Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Coimbatore Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Coimbatore Just Call 9907093804 Top Class Call Girl Service Available
 
Call Girls Faridabad Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Faridabad Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Faridabad Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Faridabad Just Call 9907093804 Top Class Call Girl Service Available
 
Call Girls Ooty Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Ooty Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Ooty Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Ooty Just Call 9907093804 Top Class Call Girl Service Available
 
The Most Attractive Hyderabad Call Girls Kothapet 𖠋 6297143586 𖠋 Will You Mis...
The Most Attractive Hyderabad Call Girls Kothapet 𖠋 6297143586 𖠋 Will You Mis...The Most Attractive Hyderabad Call Girls Kothapet 𖠋 6297143586 𖠋 Will You Mis...
The Most Attractive Hyderabad Call Girls Kothapet 𖠋 6297143586 𖠋 Will You Mis...
 
♛VVIP Hyderabad Call Girls Chintalkunta🖕7001035870🖕Riya Kappor Top Call Girl ...
♛VVIP Hyderabad Call Girls Chintalkunta🖕7001035870🖕Riya Kappor Top Call Girl ...♛VVIP Hyderabad Call Girls Chintalkunta🖕7001035870🖕Riya Kappor Top Call Girl ...
♛VVIP Hyderabad Call Girls Chintalkunta🖕7001035870🖕Riya Kappor Top Call Girl ...
 
Chandrapur Call girls 8617370543 Provides all area service COD available
Chandrapur Call girls 8617370543 Provides all area service COD availableChandrapur Call girls 8617370543 Provides all area service COD available
Chandrapur Call girls 8617370543 Provides all area service COD available
 
Book Paid Powai Call Girls Mumbai 𖠋 9930245274 𖠋Low Budget Full Independent H...
Book Paid Powai Call Girls Mumbai 𖠋 9930245274 𖠋Low Budget Full Independent H...Book Paid Powai Call Girls Mumbai 𖠋 9930245274 𖠋Low Budget Full Independent H...
Book Paid Powai Call Girls Mumbai 𖠋 9930245274 𖠋Low Budget Full Independent H...
 
(Rocky) Jaipur Call Girl - 09521753030 Escorts Service 50% Off with Cash ON D...
(Rocky) Jaipur Call Girl - 09521753030 Escorts Service 50% Off with Cash ON D...(Rocky) Jaipur Call Girl - 09521753030 Escorts Service 50% Off with Cash ON D...
(Rocky) Jaipur Call Girl - 09521753030 Escorts Service 50% Off with Cash ON D...
 
Call Girls Visakhapatnam Just Call 9907093804 Top Class Call Girl Service Ava...
Call Girls Visakhapatnam Just Call 9907093804 Top Class Call Girl Service Ava...Call Girls Visakhapatnam Just Call 9907093804 Top Class Call Girl Service Ava...
Call Girls Visakhapatnam Just Call 9907093804 Top Class Call Girl Service Ava...
 
Call Girls Ludhiana Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 9907093804 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 9907093804 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 9907093804 Top Class Call Girl Service Available
 

RapidValue White Paper on Regulations and compliance for enterprise mHealth applications

  • 1. Regulations and compliance for enterprise mHealth applications
  • 2. Contents Mobilizing healthcare applications 4 Security Concerns and Challenges 5 Defining the application – 'Does your mobile app need FDA approval? 6 Secure your mobile app – Understanding HIPAA compliances 8 A.Assess the user base B.Design a strategy C.Deploy and Manage Conclusion 13 About Us RapidValue is a leading international professional services firm focused on building and managing highly scalable mobile and cloud applications for business. RapidValue was founded in 2008 by senior executives from Deloitte, IBM, Oracle, and Infosys to enable enterprises to deploy disruptive solutions in consumer and enterprise mobility. RapidValue delivers its services to companies throughout the world and has offices in United States and India. RapidValue has deployed numerous mHealth solutions in the healthcare industry for leading hospitals and software companies in the world. Our industry experts have helped companies take the big next step in implementing mobility solutions and improve the overall quality of patient care. For more information about RapidValue: Visit us online at www.rapidvaluesolutions.com Visit our blog at www.rapidvaluesolutions.com/blog © RapidValue 2012 | www.rapidvaluesolutions.com
  • 3. Healthcare organizations and software firms looking to make investments in mobile applications need to assess the implications of HIPAA and FDA in order to protect patient health information and ensure compliances are met. This document outlines some of the key evaluation criteria on regulations and security considerations in the healthcare sector that need to be addressed while implementing mobility applications.
  • 4. mHealth market 2015: 500m people will be using healthcare smartphone applications (research2guidance, November 2010 report).
    Mobilizing healthcare applications
    The rapid explosion of mobile platforms and the adoption of smart devices have provided greater flexibility and opportunity for physicians and other staff at hospitals to deliver real-time information at the point of care. Mobile healthcare, or what is more commonly called mHealth, has created 'a channel to facilitate, communicate and deliver healthcare services via mobile communication devices'. Over the last few months, an increasing number of mHealth apps have gained traction that help physicians and other healthcare providers to keep track of reference drugs, monitor patient health records and status, and also manage schedules.
    While this provides a plethora of opportunities and possibilities for healthcare organizations to reduce costs and improve efficiency, this increased mobility has created new challenges for healthcare IT. This guide will provide a simple prescription for IT teams to assess and identify basic requirements and help healthcare organizations reduce risk, improve operational efficiencies and achieve compliance goals, enabling them to provide a higher quality of patient care. The whitepaper combines the industry's best practices with RapidValue's experience in implementing solutions for many customers.
  • 5. Security concerns and challenges
    The influx and usage of mobile devices have threatened the traditional policies and processes towards security. The mode of data transmission of the last few years, through client/server approaches and fixed-line infrastructures, has been made obsolete by mobile devices accessing corporate resources and applications from anywhere, cloud services, remote mobile desktops and social networks. As more sensitive information is being fed into mobile applications and into the network cloud in general, the complete security, privacy and regulatory compliance of such information must be assured. Since security breaches are not uncommon in any industry, the healthcare industry has mandated a few regulations and compliances to ensure patient information is safe.
    HIPAA (Health Insurance Portability and Accountability Act) - HIPAA, in correlation with PHI (Protected Health Information), requires health care organizations to ensure that applications are secure, and that sensitive patient and business data is protected when in use, during transmission, or when stored in a mobile device.
    FDA regulations - The Federal Food, Drug, and Cosmetic Act requires that any stand-alone device or accessory (software application) that is directly consumed by the end user be subject to regulation and approval by the FDA.
    HITECH (Health Information Technology for Economic and Clinical Health) Act - HITECH is part of the American Recovery and Reinvestment Act of 2009 (ARRA). The HITECH Act is intended to encourage more effective and efficient healthcare through the use of technology, like implementing electronic health records (eHR), thereby reducing healthcare costs and enabling greater access to the system. It aims to address the privacy and security concerns associated with the electronic transmission of health information.
  • 6. Defining the application – 'Does your mobile app need FDA approval?'
    One of the key steps in defining the security compliance strategy for your mobile app is to determine whether the application requires FDA approval. FDA clearance is typically required for apps that are involved in diagnosis, treatment, cure or mitigation of a device. A few examples are given below:
    Standalone device – Device in finished form, perhaps ready to use with accessories, with an intended sale to the end-user. Example: iPod touch integrated with an external device to view the blood pressure of a patient. FDA clearance – Yes, requires assessment for exemption.
    Accessory – Software/articles within a standalone device intended for use by the end-user. Example: a) An app that is used by a patient to download information from a blood glucose meter. b) An app focused on helping people with weight loss and everyday management of diabetes. FDA clearance – Requires assessment for the type of application.
    On the other hand, applications that are informational and reference-only do not require FDA approval. So how do we really know if the app developed will be subject to FDA approval or not? Based on research and experience over the years, we at RapidValue suggest evaluating the set of questions below for the app not to be subject to FDA approval.
    Brainstorm and evaluate / Possible considerations for app not being subject to FDA approval:
    1. How is the data going to be input/entered into the app? Make sure the data to the app is:
       - Entered manually
       - Not connected to an external device/machine through which it receives data
       - Does not require physical contact with the patient specimen
  • 7. 2. What is the output of the app? The output:
       - Should not connect to any other device and guide with any instruction.
       - Should only interpret the input and provide meaningful data to the patient.
       - Should not cure/mitigate/treat the patient.
    3. Does the app provide real-time updates of a patient? The app should not:
       - Monitor the patient in real-time
       - Notify users on alarms about the physical condition of a patient
       - Provide patient-specific results using processing algorithms
    4. RapidValue's assessment
       Typical apps that do not need approval:
       - Wellness-related apps that track/log/record food habits and physical fitness exercise
       - Medical reference applications
       - Medical EHRs/PHRs
       - Apps that improve efficiency, like mobile hospital management care (mHMC) and workflow management
       - Practice-management applications, like tracking billing, determining medical billing codes, remote physician consultation (mPrescribing) and appointments
       Apps that need approval:
       - PACS apps (Picture Archiving and Communication Systems) that display radiological images for diagnosis are classified under class II PACS, like X-ray scan reports.
       - Apps that monitor the blood pressure of a patient, display the heartbeat of a patient, attach ECG reports, or use a device connected to the patient to monitor sleep patterns
  • 8. Secure your mobile app - Understanding HIPAA compliances
    For any healthcare application, security and compliance go hand in hand, and it is absolutely essential to adopt all healthcare compliances and regulations, including HIPAA, HITECH, ITRF Regulation or PCI/PHI compliances governing the healthcare sector. While a technical architect or product manager takes the decision of whether an application is subject to FDA regulation, compliances and security need to be incorporated by the development team building the application. Below are the key steps in ensuring a design that addresses compliance and regulation requirements.
    A. Assess the user base
    Unlike applications that run on desktop environments, where the majority of systems run on a single platform/operating system, the market share of mobile platforms is pretty fragmented and
    Brainstorm / Diagnose:
    1. What is the type of user-group that will access the application? Is the application going to be accessed by consumers? Is it an enterprise application, which will be accessed only by employees of the organization?
    2. Mobile platforms: On what platforms does the mobile application need to be supported? iOS (Apple), Android, Blackberry, Windows or all?
    3. Server requirements: Is the application a stand-alone app or does it communicate with a backend server for data synchronization? What will be the application usage at most times? Will the application be accessed and used by a large user base? We need to ensure bandwidth of the server handles
    Assessing information on the above questions will help the IT team to strategize and tailor unique security policies on corporate servers constantly accessed by wireless devices.
  • 9. B. Design a strategy
    In the few years since their inception, smartphones have become smarter and more powerful by the year, with the capability of communicating through multiple channels combined with significant processing power and large storage capacity. Hence these devices have become the easiest source of data vulnerability and security threats, compared to laptops.
    [Figure: Primary risk areas – access to data through external entities (hacking/theft); loss of device; exposure of device to malware]
    The Center for Medicare and Medicaid Services (CMS), which oversees HIPAA security rule enforcement, has published a 'HIPAA Security Guidance for Remote Use of and Access to Electronic Protected Health Information' to help organizations determine the best way to protect ePHI available to mobile device users. Our framework for implementing a secure mobile application is based around the CMS guidance, with recommendations from a development and implementation perspective.
  • 10. 1. Secure your device: Make sure the mHealth application requires a set of unique credentials (username and password) to access the application.
    Risk scenario: Login credentials are lost/stolen, which could potentially result in unauthorized access to view/modify ePHI.
    Solution:
    a) Implement two-factor authentication for granting remote access to systems that contain ePHI. Other than username and password:
       - Create a security question like 'Which city were you born in?'
       - Create a four-digit security code that will always be requested when the application has been inactive for a specific period of time. The four-digit security code can be used for logging into the application when the device is in offline mode.
    b) Access to the application using a VPN client connection through 'Cisco anytime connect' or 'RSA secure ID'.
    c) Password protection rules such as 6 character pin, expirations, failure thresholds, data wipe after failure.
    d) Implement a technical process for creating unique user names and performing authentication when granting remote access to a workforce member.
    e) Set up devices to automatically lock after a specified period of inactivity.
    f) Whenever a device is stolen, the 'IT help desk' should be notified, and a user interface should be provided on the backend system for the representative to de-register the username.
    2. Secure your data: Make sure the data sent to the mobile application is secure on the device as well as during transmission.
    Risk scenario: Hacking the network or a mobile device from unprotected access points (like a hotel business center or airport) is a growing concern and can potentially result in loss of ePHI data.
    Solution:
    a) Prevent downloading and storing of ePHI data on the device whenever possible. Ensure the data, when downloaded, is operationally justifiable.
    b) Minimize caching of data on browsers for web-based applications.
    c) Implement strong encryption solutions (validated encryption AES256 & Triple DES) for transmission of ePHI, using SSL (Secure Socket Layer) as the minimum requirement for mHealth applications.
    d) Create policies to prevent use of and/or encrypt SD cards and other removable media on mobile devices.
    e) Ensure that the server to which all web-service requests are sent/received from the mobile devices is firewall protected.
  • 11. f) Provide the ability to perform 'Remote wipe-off' from the server to delete ePHI data from the device. Remote wipe-off can be designed in either of the following ways:
   - Monitor the application 'Agent' continuously during online/offline activities and perform remote wipe-off from the server for suspicious activities.
   - Monitor the application 'Agent' during online activities and perform remote wipe-off from the server. If the 'Agent' cannot be tracked during offline mode, the data on the device should be deleted once the application has been inactive for about '5' days.
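The on-device rules described above (security code requested after inactivity, failure threshold with data wipe, deletion after about 5 days without activity) can be expressed as one small state machine. This is an added example, not code from the white paper; the `LocalGuard` class, the 5-minute lock, the 5-attempt threshold and the PBKDF2 parameters are assumptions.

```python
import hashlib
import hmac
import os

LOCK_AFTER_S = 5 * 60             # assumption: ask for the code after 5 idle minutes
MAX_FAILURES = 5                  # assumption: failure threshold before data wipe
OFFLINE_WIPE_S = 5 * 24 * 3600    # from the paper: about 5 days without activity

def derive(code, salt):
    # A four-digit code has only 10,000 values, so keep a slow salted hash, never the code.
    return hashlib.pbkdf2_hmac("sha256", code.encode(), salt, 100_000)

class LocalGuard:                 # hypothetical name for the on-device policy state
    def __init__(self, code, now):
        self.salt = os.urandom(16)
        self.verifier = derive(code, self.salt)
        self.last_activity = now
        self.failures, self.locked, self.wiped = 0, False, False
        self.cache = {}           # stands in for ePHI cached on the device

    def _wipe(self):
        self.cache.clear()
        self.verifier, self.wiped, self.locked = b"", True, True

    def tick(self, now):
        # Time-based rules, applied before every access: wipe first, then lock.
        idle = now - self.last_activity
        if idle >= OFFLINE_WIPE_S:
            self._wipe()
        elif idle >= LOCK_AFTER_S:
            self.locked = True

    def unlock(self, code, now):
        self.tick(now)
        if self.wiped:
            return False          # nothing left to unlock; user must re-enroll online
        if hmac.compare_digest(derive(code, self.salt), self.verifier):
            self.failures, self.locked, self.last_activity = 0, False, now
            return True
        self.failures += 1
        if self.failures >= MAX_FAILURES:
            self._wipe()
        return False

    def read(self, key, now):
        self.tick(now)
        if self.locked:
            raise PermissionError("locked: security code required")
        self.last_activity = now
        return self.cache[key]
```

The clock is passed in as `now` so the rules can be exercised without waiting; on a real device the wipe would also have to remove files and keys held outside process memory.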
  • 12. C. Deploy and manage

Once the development team has implemented the application with the compliance measures discussed above, the next step is to assess how to deploy the application and manage it over subsequent releases and upgrades. For applications that will be used not by consumers but by the organization's employees, we recommend rolling out through the enterprise distribution model, in which users have access to and download the recommended enterprise apps, receive them securely over-the-air (OTA), and are alerted to and download updates when available. Organizations can also use this model to keep an accurate inventory of the mobile apps installed at any given time and to monitor them by device and user group.

While there is significant concern about application vulnerability, integrity and user privacy in the Apple App Store and Android Market, we believe that implementing some of the security measures below will strengthen the compliance policies significantly.

1. Develop processes to ensure that backups of all ePHI data sent to or received from the mobile device are performed on the server side regularly.
2. For enterprise-controlled apps/devices, apply Over-the-Air (OTA) provisioning and management of smartphones.
3. Scan for suspicious activities and malware on the server network platform regularly.
4. Ensure the workforce is appropriately trained on policies and on the usage of applications that require accessing any ePHI data. Recommend that users search for and delete any files intentionally or unintentionally saved to external devices.
5. Perform regular internal HIPAA audits when an application is planned for an upgrade to include new enhancements/bug fixes.
  • 13. Conclusion

Given the trend towards adoption of different digital technologies, today's healthcare organizations face enormous compliance and regulatory challenges. As we have witnessed in recent years, personal information theft has proven costly for organizations, which lose their credibility and are forced out of business. With robust auditing required for HIPAA security compliance, IT groups can no longer ignore mobile devices in their security policy implementation. Companies looking to develop mHealth solutions should leverage their existing IT infrastructure, policies, and services and ensure that newer technologies are seamlessly integrated and add significant value to the organization by providing quality care for their patients.

Disclaimer

This white paper sets out the evaluation criteria for mobile health apps related to FDA and HIPAA compliance, based on our research, analysis and understanding. Any architectural assessment and/or design decisions related to the above policies should not be implemented based solely on the recommendations in the document. RapidValue shall have no liability for any direct, incidental, or consequential damages suffered by any third party as a result of decisions/actions taken, or not taken, based on this document.