Why mHealth apps require risk assessment, framework prior to use

Mobile healthcare apps pose "significant potential for harm," and require the development of a risk assessment model as well as a framework for supporting clinical use of apps, according to a new study by Warwick Medical School researchers.

The study, published in the Journal of Medical Internet Research, reveals risk to patient safety and professional reputation are valid and require mitigating steps before widespread use of apps takes root within healthcare.

"Identification of all the different kinds of risk and of key variables that influence risk are key stages in the development of a risk assessment model, which should also take into account app complexity and the probability of harm," according to the study, which also notes education efforts for health practitioners about risks needs to begin soon before patients are harmed by the use of a medical app. A lack of education is the biggest threat to patient safety, the study says.

"We think in the vast majority of cases, it is probably the actions of a user resulting from a specific app that leads to harm, rather than the app itself," write the researchers, who recommend further study on the recognition and mitigation of medical app risk." The outlook for medical apps in healthcare is bright once their quality and safety can be "reliably assessed and managed," according to the researchers.

The research arrives as lawmakers and app industry groups grapple with the issue of regulatory oversight on apps while at the same time not thwarting innovation. Two congressmen are asking the Department of Health and Human Services to develop "clear, easily accessible and up to date regulatory guidance" regarding apps and requesting the agency to update online technical compliance. Security and privacy remain top concerns as well as mobile app privacy policies are hard to find, and those in place are not providing transparency on privacy practices and more than half aren't focused software, according to a new study.

The Warwick study researchers suggest identifying various risks medical apps bring into play and the creation of a model to assess such risks. Without these steps the "vast majority" of apps are accessible without any form or regulation or safety check.

"Developing a formal risk assessment framework for mobile medical apps should enable us to reduce the 'residual risk' (exposure to loss remaining after all other known risks have been countered, factored in, or eliminated) by recognizing and implementing a range of possible safety measures in future app development, procurement, and regulation models," note the researchers.

To learn more:
- read the study

Related Articles:
Lawmakers lobby feds to update regulatory guidance for mHealth apps
Mobile app privacy practices scarce, lack transparency
NIST looks for public comment on mobile app vetting draft guidance