Achieve Business Agility in mHealth Development While Ensuring Compliance with Regulatory Requirements
Victor Huynh, CISSP
November 16, 2016
2nd Annual Life Science Mobile Medical Apps Summit
Princeton, NJ
Disclaimer
The opinions expressed in this presentation are based on the personal
experience of the presenter. They do not represent the approach, policy, or
practice of any particular organization that is currently affiliated with the
author.
Agenda
• The mHealth Universe
• The mHealth Regulatory Landscape
o Medical Device Regulations (FDA, MHRA, EMEA, etc.)
o CE Mark (ISO 13485, ISO 14971, ISO 80001, etc.)
o Privacy Regulations (FTC, HIPAA, EU Data Protection, etc.)
• Classification of mHealth
• Multi-compliance Risk Management for mHealth
• Effective Design Controls for mHealth
• Data Privacy Issues
The mHealth Universe
• B2C business model
o 90,055 mHealth apps for iOS*
• Digital Marketing apps
• Wearable accessory apps
• Medical Device accessory apps
• Stand-alone to complex ecosystem
• Customers’ expectations and ratings
• Patient’s safety and privacy
• Fluid regulatory environment
* IMS Institute for Healthcare Informatics, 2015
The mHealth Universe – Consumer Sentiment*
• 45.7% of mHealth app users discontinue the use
• Reason for discontinuation
o Too much time to enter data (44.5%)
o Loss of interest (40.5%)
o Hidden cost (36.1%)
o App confusing to use (32.8%)
o Data privacy concern (29%)
* NIH National Survey of mHealth Apps, 2015
Evolution of Mobile Health Apps and Devices
(timeline figure across two slides; only the year labels survive: 2013, 2014, 2015, 2016 onward)
Making of a Complex mHealth App supporting a Medical Device
(architecture figure, reconstructed as the list of its labelled components)
• The Patient: Implantable Device (self-monitoring, device maintenance)
• PaaS: Access & Authentication
• SaaS: Environmental Health Data
• SaaS: Patient Health Data
• The Physician: Physician Portal (predictive conditions, prescriptive changes, device maintenance)
• The Device Manufacturer: Monitoring; Troubleshooting, CAPA; Engineering
• IaaS: Servers, databases, application
Impact of Regulatory Requirements
(figure: the same architecture annotated with the regulations that apply to each component and the questions they raise; reconstructed)
Components: PaaS Access & Authentication; SaaS Environmental Health Data; SaaS Patient Health Data; Implantable Device; Physician Portal; IaaS Servers, databases, application
Regulations annotated on the components: QSR, MDD, IVDD; ISO 13485; ISO 14971; ISO 80001; FTC Security; HIPAA; EU Data Protection
Questions the annotations raise:
• Where is my data?
• Is it safe?
• Is it secret?
• Will it work?
• Covered Entity?
• Who’s responsible?
• Is the data accurate?
• How to comply?
• How to manage risk?
• How to make it usable?
• How to deploy it fast?
Regulatory Environment for mHealth
• Medical Device Regulations
o U.S. 21 CFR Part 820, 807, 803, etc.
• Mobile Medical Applications Guidance
• Postmarket Management of Cybersecurity in Medical Devices
o EU Medical Device Directive MDD 93/42/EEC, IVDD 98/79/EC
• MHRA Medical Device Stand-alone Software Including Apps
o CE Marking (EU and non-US markets)
• ISO 13485, Medical Device Quality Management System
• ISO 14971, Medical Device Risk Management
• ISO 80001, Application of Risk Management for IT-networks
incorporating medical devices
• Data Privacy Regulations
o FTC Security Principles for the Internet of Things, FTC Notice/Consent & Security
o HIPAA Security Rules
o EU Data Protection Directive 95/46/EC
Challenges of mHealth Apps and Devices
• Consumers’ sentiment and likes
o Strong initial uptake but could fizzle (e.g., Pokemon Go)
o Well liked until a poor update is released (e.g., Fitbit vs. Edmodo)
• Security breach on the 6 o’clock news (e.g., Starbucks)
• Privacy minefield (HIPAA, FTC, EU Data Protection, etc.)
• Device Safety and Device Regulations
o Digital Marketing has no exposure to device regulations
o Product R&D has no exposure to cybersecurity risks affecting device safety
o Neither has knowledge of data privacy
• A poorly managed mHealth program would damage the brand image
A Study of 211 mHealth Apps by JAMA
Source: JAMA, Privacy Policies of Android Diabetes Apps and Sharing of Health Information, March 8, 2016
Overall Process for Effective Management of mHealth Development
(process figure, reconstructed: the five phases with the activities shown under each)
Classification
• Regulated mHealth App
o Direct Impact
o Indirect Impact
o EU Class I/II
• Non-Regulated mHealth App
Risk Assessment
• Non-R. mHealth: Data Privacy, Promotional
• R. mHealth: Patient Safety, Effectiveness, 3rd Party, Cybersecurity, Data Privacy, Promotional
Design Control
• Non-R. mHealth: SDLC, Software Quality
• R. mHealth: 3rd Party Controls, SDLC, Design Verification, Design Validation, Security Design, Risk Mgmt. Plan
Release
Support Mgmt.
• R. mHealth: Complaints, CAPA, 3rd Party Audits, Etc.
mHealth App Classification
• Statement of intended use is key (instruction, promotional
materials, etc.)
• Geographical location is critical (U.S., EU, etc.)
• Participation from key stakeholders is essential
o R&D / Product Development
o Quality Assurance
o Information Security / IT Compliance / IT Risk Management
o Legal, Regulatory
o Commercial / Digital Marketing
• Classification Framework
o Based on MHRA and FDA Guidance
mHealth Device App Classification (MHRA)
mHealth App Classification (FDA)
(decision-tree figure, reconstructed)
Step 1: does the app do any of the following?
• Control a device?
• Analyze device data?
• Actively monitor a patient?
• Extend the functionality of a medical device?
• Provide a diagnostic?
• Recommend treatment?
Yes to any: Directly Regulated mHealth App
No to all: go to step 2
Step 2: does the app do any of the following?
• Help patients self-manage a disease without suggesting treatment?
• Help patients track, access, organize, or interact with e-PHI?
• Support HCP interaction?
• Act as a secondary display of device data?
Yes to any: Indirectly Regulated mHealth App
No to all: Not a Regulated mHealth App
mHealth App Classification
(classification framework figure, reconstructed)
App categories: EU Class II App; EU Class I mHealth App; U.S. Directly Regulated mHealth App; U.S. Indirectly Regulated mHealth App
Complex IT eco-system? Yes: Basic Design Control & Risk Management Framework
Applicable regulations and standards:
• 21 CFR Part 807
• 21 CFR Part 812/814
• 21 CFR Part 820
• 21 CFR Part 803
• 21 CFR Part 11
• ISO 13485
• ISO 14971
• ISO 80001
• EU MDD
• EU IVDD
Certification routes shown: ISO Self-certification; Self CE Marking; CE Marking
mHealth App Risk Management
• Risks to device safety and privacy
• Device safety also affected by cybersecurity and availability for complex
ecosystem mHealth apps
• Leveraging key partners to identify, evaluate, and control risks:
o Information Security for cybersecurity risks
o IT Enterprise Architecture for technology risks
o Legal / Compliance for data privacy risks
o Quality / Compliance for 3rd Party risks
• Leveraging IT Enterprise Architecture to manage technology risks
mHealth Risk Assessment & Management
(swimlane figure, reconstructed by lane)
Device Design Controls and Quality System (Standard ISO 14971 Device Risk Management Framework):
• Device Risk Management Plan
• Intended Use
• Hazards Identification
• Risk Evaluation
• Risk Controls
External Compliance Requirements:
• FTC Security Guide / Doctrine
• HIPAA Security Rules*
• FDA Cybersecurity Guidance
IT Risk Management & Quality System (Standard ISO 80001 IT-network Risk Management Framework):
• IT Security Threat Vectors / Vulnerabilities
• Security Risk Evaluation
• IT Risk Management Plan
• Technical / Quality Agreement
• Cloud Service Provider Risk Controls
Example of Security Risk Evaluation Matrix
Design Controls for Regulated mHealth App
• More about software and security than traditional medical devices
• Leverage IT expertise to build and deploy successful regulated
mHealth App
o IT Enterprise Architecture – technology to support the app today and as it grows
o Information Security – risk identification, vulnerability assessment, and technical controls to safeguard the app and users’ data
• Use internal Quality Agreement / Technical Agreement to allow
inclusion of IT activities into Design Controls
Medical Device Quality System
(figure: the quality-system subsystems, reconstructed as a list)
• Management Control
• CAPA & Device Reporting, Tracking
• Production & Process Control
• Facility & Equipment Control
• Records & Change Control
• Material Control
• Design Control
o General Requirements
o Design & Development Planning
o Design Input
o Design Output
o Design Review
o Design Verification
o Design Validation
o Design Changes
o Design Transfer
o Design History File
Applicable for Regulated mHealth Apps based on classification and risks
Design Control for Regulated mHealth Apps
(swimlane figure, reconstructed)
Standard ISO 13485 Medical Device Quality System / Design Controls:
Design Input -> Design Output -> Design Review -> Design Verification / Validation -> Design Transfer
IT activities brought into design control through a Quality Agreement between IT and Device Design Control:
• Security Technical Standards, Enterprise Architecture Standards, IT Infrastructure Standards
• Security / EA Technical Review
• Security Vulnerability Code Scanning
• App Store Deployment
Based on the framework and principles of ISO 80001 and ISO 27001
Data Privacy
• Involvement of Legal and Privacy Office
• Importance of Data Flow Mapping to identify PII and PHI
• HIPAA authorization from Covered Entities for PHI data
• FTC legal authority to regulate app security under unfairness
doctrine (unfair or deceptive practices by business)
Data Privacy and mHealth Apps
(figure: the architecture annotated with the data types and privacy regimes that apply; reconstructed)
Components: PaaS Access & Authentication; SaaS Environmental Health Data; SaaS Patient Health Data; Implantable Device; Physician Portal; IaaS Servers, databases, application
Data types: User’s Personally Identifiable Information; Patient Health Information
Privacy regimes annotated on the components:
• FTC regulates under Unfairness Doctrine* (FTC notice / consent & security)
• HIPAA Business Associate (BA) agreements
• HIPAA Authorization
* FTC v. Wyndham Worldwide Corp. – court affirmed FTC’s jurisdiction to regulate data security.
Data Privacy – FTC Security Principles
• Start with Security by Design
o Don’t Collect PII if not needed
o Hold on to PII only as long as there is a legitimate business need
• Control Access to PII
o Restrict access to employees and limit admin access
• Use Secure Passwords and Authentication
o Complex passwords, keep passwords secured
o Guard against brute force attack / authentication bypass
• Secure PII in transit and at rest with industry-tested methods
• Segment and monitor the network
• Secure remote access to the network
• Train developers in current secured coding / practices
• Include security in 3rd Party Contracts and audit for compliance
• Have information security SOPs and dispose PII securely
Examples of FTC Enforcement under Unfairness
Doctrine
• FTC v. RockYou (collected PII during registration without a demonstrated business need and stored it in clear text)
• FTC v. Guidance Software (stored user credentials in clear text)
• FTC v. Twitter (failure to guard against brute force attacks)
• FTC v. Twitter (almost all employees had admin access)
• FTC v. Twitter (no security policy prohibiting employees from storing admin passwords in plain text in personal email accounts)
• FTC v. Fandango (improper use of SSL encryption in mobile app)
• FTC v. Upromise (failure to audit 3rd party developer for compliance)
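Added example, not part of the presentation: the credential-handling failures named in the RockYou, Guidance Software and Twitter actions above (clear-text credentials, no brute-force guard, PII kept without need), beside a hardened store that applies the FTC security principles from the previous slide. Class and function names are hypothetical; the sample profile data is constructed.

```python
"""Clear-text credential store (the pattern the FTC cases cite) beside a
hardened store: salted scrypt hashing, constant-time comparison, lockout
after repeated failures, and PII minimisation at registration time."""
import hashlib
import hmac
import secrets
import time


# ---- The pattern the enforcement actions cite: do not use -----------------
class ClearTextStore:
    """Keeps the password itself and every profile field, and never throttles."""

    def __init__(self):
        self.users = {}

    def register(self, username, password, profile):
        self.users[username] = {"password": password, "profile": dict(profile)}

    def login(self, username, password):
        user = self.users.get(username)
        return user is not None and user["password"] == password


# ---- Hardened form --------------------------------------------------------
# Memory-hard password hashing (scrypt, standard library) is an
# "industry-tested method"; these parameters are a modest baseline.
SCRYPT_N, SCRYPT_R, SCRYPT_P, KEY_LEN = 2 ** 14, 8, 1, 32
MAX_FAILURES = 5           # brute-force guard: lock after this many misses
LOCKOUT_SECONDS = 15 * 60
NEEDED_FIELDS = {"email"}  # data minimisation: keep only what the business needs


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.scrypt(password.encode("utf-8"), salt=salt,
                          n=SCRYPT_N, r=SCRYPT_R, p=SCRYPT_P, dklen=KEY_LEN)


class HardenedStore:
    """Salted scrypt hashes, constant-time comparison, lockout, minimal PII."""

    def __init__(self, clock=time.monotonic):
        self.users = {}
        self.clock = clock  # injectable so the lockout window can be tested

    def register(self, username, password, profile):
        salt = secrets.token_bytes(16)
        self.users[username] = {
            "salt": salt,
            "hash": hash_password(password, salt),
            # Drop fields with no business need before they are ever stored.
            "profile": {k: v for k, v in profile.items() if k in NEEDED_FIELDS},
            "failures": 0,
            "locked_until": 0.0,
        }

    def is_locked(self, username) -> bool:
        user = self.users.get(username)
        return user is not None and self.clock() < user["locked_until"]

    def login(self, username, password) -> bool:
        user = self.users.get(username)
        if user is None:
            # Do the same work for unknown users so response time does not
            # reveal which usernames exist.
            hash_password(password, b"\x00" * 16)
            return False
        if self.is_locked(username):
            return False  # refuse even a correct password during the lockout
        candidate = hash_password(password, user["salt"])
        if hmac.compare_digest(candidate, user["hash"]):
            user["failures"] = 0
            return True
        user["failures"] += 1
        if user["failures"] >= MAX_FAILURES:
            user["locked_until"] = self.clock() + LOCKOUT_SECONDS
            user["failures"] = 0
        return False


def record_exposes_password(store, username: str, password: str) -> bool:
    """True if the password can be read straight out of the stored record."""
    return password in repr(store.users[username])


if __name__ == "__main__":
    # Constructed sample data.
    profile = {"email": "pat@example.invalid", "dob": "1980-01-01", "phone": "555-0100"}
    weak, strong = ClearTextStore(), HardenedStore()
    weak.register("pat", "correct horse", profile)
    strong.register("pat", "correct horse", profile)
    print("clear-text store exposes password:", record_exposes_password(weak, "pat", "correct horse"))
    print("hardened store exposes password:", record_exposes_password(strong, "pat", "correct horse"))
    print("stored profile fields:", sorted(strong.users["pat"]["profile"]))
    for _ in range(MAX_FAILURES):
        strong.login("pat", "wrong")
    print("locked after repeated failures:", strong.is_locked("pat"))
```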
Questions & Answers
Email: huynh_victor@allergan.com
www.linkedin.com/in/victorhuynh

 
Call Girls Thane Just Call 9910780858 Get High Class Call Girls Service
Call Girls Thane Just Call 9910780858 Get High Class Call Girls ServiceCall Girls Thane Just Call 9910780858 Get High Class Call Girls Service
Call Girls Thane Just Call 9910780858 Get High Class Call Girls Servicesonalikaur4
 
Call Girl Koramangala | 7001305949 At Low Cost Cash Payment Booking
Call Girl Koramangala | 7001305949 At Low Cost Cash Payment BookingCall Girl Koramangala | 7001305949 At Low Cost Cash Payment Booking
Call Girl Koramangala | 7001305949 At Low Cost Cash Payment Bookingnarwatsonia7
 
High Profile Call Girls Jaipur Vani 8445551418 Independent Escort Service Jaipur
High Profile Call Girls Jaipur Vani 8445551418 Independent Escort Service JaipurHigh Profile Call Girls Jaipur Vani 8445551418 Independent Escort Service Jaipur
High Profile Call Girls Jaipur Vani 8445551418 Independent Escort Service Jaipurparulsinha
 

Recently uploaded (20)

Call Girls Whitefield Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Whitefield Just Call 7001305949 Top Class Call Girl Service AvailableCall Girls Whitefield Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Whitefield Just Call 7001305949 Top Class Call Girl Service Available
 
Hemostasis Physiology and Clinical correlations by Dr Faiza.pdf
Hemostasis Physiology and Clinical correlations by Dr Faiza.pdfHemostasis Physiology and Clinical correlations by Dr Faiza.pdf
Hemostasis Physiology and Clinical correlations by Dr Faiza.pdf
 
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy GirlsCall Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
Call Girls In Andheri East Call 9920874524 Book Hot And Sexy Girls
 
Call Girl Lucknow Mallika 7001305949 Independent Escort Service Lucknow
Call Girl Lucknow Mallika 7001305949 Independent Escort Service LucknowCall Girl Lucknow Mallika 7001305949 Independent Escort Service Lucknow
Call Girl Lucknow Mallika 7001305949 Independent Escort Service Lucknow
 
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call NowSonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
Sonagachi Call Girls Services 9907093804 @24x7 High Class Babes Here Call Now
 
Russian Call Girls in Delhi Tanvi ➡️ 9711199012 💋📞 Independent Escort Service...
Russian Call Girls in Delhi Tanvi ➡️ 9711199012 💋📞 Independent Escort Service...Russian Call Girls in Delhi Tanvi ➡️ 9711199012 💋📞 Independent Escort Service...
Russian Call Girls in Delhi Tanvi ➡️ 9711199012 💋📞 Independent Escort Service...
 
Call Girls Frazer Town Just Call 7001305949 Top Class Call Girl Service Avail...
Call Girls Frazer Town Just Call 7001305949 Top Class Call Girl Service Avail...Call Girls Frazer Town Just Call 7001305949 Top Class Call Girl Service Avail...
Call Girls Frazer Town Just Call 7001305949 Top Class Call Girl Service Avail...
 
Low Rate Call Girls Mumbai Suman 9910780858 Independent Escort Service Mumbai
Low Rate Call Girls Mumbai Suman 9910780858 Independent Escort Service MumbaiLow Rate Call Girls Mumbai Suman 9910780858 Independent Escort Service Mumbai
Low Rate Call Girls Mumbai Suman 9910780858 Independent Escort Service Mumbai
 
Call Girls Jp Nagar Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Jp Nagar Just Call 7001305949 Top Class Call Girl Service AvailableCall Girls Jp Nagar Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Jp Nagar Just Call 7001305949 Top Class Call Girl Service Available
 
Call Girls Budhwar Peth 7001305949 All Area Service COD available Any Time
Call Girls Budhwar Peth 7001305949 All Area Service COD available Any TimeCall Girls Budhwar Peth 7001305949 All Area Service COD available Any Time
Call Girls Budhwar Peth 7001305949 All Area Service COD available Any Time
 
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
College Call Girls Pune Mira 9907093804 Short 1500 Night 6000 Best call girls...
 
Call Girls Hebbal Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Hebbal Just Call 7001305949 Top Class Call Girl Service AvailableCall Girls Hebbal Just Call 7001305949 Top Class Call Girl Service Available
Call Girls Hebbal Just Call 7001305949 Top Class Call Girl Service Available
 
VIP Call Girls Lucknow Nandini 7001305949 Independent Escort Service Lucknow
VIP Call Girls Lucknow Nandini 7001305949 Independent Escort Service LucknowVIP Call Girls Lucknow Nandini 7001305949 Independent Escort Service Lucknow
VIP Call Girls Lucknow Nandini 7001305949 Independent Escort Service Lucknow
 
Call Girl Surat Madhuri 7001305949 Independent Escort Service Surat
Call Girl Surat Madhuri 7001305949 Independent Escort Service SuratCall Girl Surat Madhuri 7001305949 Independent Escort Service Surat
Call Girl Surat Madhuri 7001305949 Independent Escort Service Surat
 
VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...
VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...
VIP Call Girls Pune Vrinda 9907093804 Short 1500 Night 6000 Best call girls S...
 
Russian Call Girl Brookfield - 7001305949 Escorts Service 50% Off with Cash O...
Russian Call Girl Brookfield - 7001305949 Escorts Service 50% Off with Cash O...Russian Call Girl Brookfield - 7001305949 Escorts Service 50% Off with Cash O...
Russian Call Girl Brookfield - 7001305949 Escorts Service 50% Off with Cash O...
 
Call Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
Call Girl Bangalore Nandini 7001305949 Independent Escort Service BangaloreCall Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
Call Girl Bangalore Nandini 7001305949 Independent Escort Service Bangalore
 
Call Girls Thane Just Call 9910780858 Get High Class Call Girls Service
Call Girls Thane Just Call 9910780858 Get High Class Call Girls ServiceCall Girls Thane Just Call 9910780858 Get High Class Call Girls Service
Call Girls Thane Just Call 9910780858 Get High Class Call Girls Service
 
Call Girl Koramangala | 7001305949 At Low Cost Cash Payment Booking
Call Girl Koramangala | 7001305949 At Low Cost Cash Payment BookingCall Girl Koramangala | 7001305949 At Low Cost Cash Payment Booking
Call Girl Koramangala | 7001305949 At Low Cost Cash Payment Booking
 
High Profile Call Girls Jaipur Vani 8445551418 Independent Escort Service Jaipur
High Profile Call Girls Jaipur Vani 8445551418 Independent Escort Service JaipurHigh Profile Call Girls Jaipur Vani 8445551418 Independent Escort Service Jaipur
High Profile Call Girls Jaipur Vani 8445551418 Independent Escort Service Jaipur
 

mHealth App: Balancing Agility, Risks, and Regulatory Compliance

  • 1. Achieve Business Agility in mHealth Development While Ensuring Compliance with Regulatory Requirements
    Victor Huynh, CISSP
    November 16, 2016, 2nd Annual Life Science Mobile Medical Apps Summit, Princeton, NJ
  • 2. Disclaimer
    The opinions expressed in this presentation are based on the personal experience of the presenter. They do not represent the approach, policy, or practice of any particular organization that is currently affiliated with the author.
  • 3. Agenda
    • The mHealth Universe
    • The mHealth Regulatory Landscape
      o Medical Device Regulations (FDA, MHRA, EMEA, etc.)
      o CE Mark (ISO 13485, ISO 14971, ISO 80001, etc.)
      o Privacy Regulations (FTC, HIPAA, EU Data Protection, etc.)
    • Classification of mHealth
    • Multi-compliance Risk Management for mHealth
    • Effective Design Controls for mHealth
    • Data Privacy Issues
  • 4. The mHealth Universe
    • B2C business model
      o 90,055 mHealth apps for iOS*
    • Digital Marketing apps
    • Wearable accessory apps
    • Medical Device accessory apps
    • Stand-alone to complex ecosystem
    • Customers' expectations and ratings
    • Patient's safety and privacy
    • Fluid regulatory environment
    * IMS Institute for Healthcare Informatics, 2015
  • 5. The mHealth Universe – Consumer Sentiment*
    • 45.7% of mHealth app users discontinue use
    • Reasons for discontinuation
      o Too much time to enter data (44.5%)
      o Loss of interest (40.5%)
      o Hidden cost (36.1%)
      o App confusing to use (32.8%)
      o Data privacy concern (29%)
    * NIH National Survey of mHealth Apps, 2015
  • 6. Evolution of Mobile Health Apps and Devices (timeline figure: 2013, 2014)
  • 7. Evolution of Mobile Health Apps and Devices (timeline figure: 2015, 2016)
  • 8. Making of a Complex mHealth App supporting a Medical Device (architecture figure)
    • Components: Implantable Device; PaaS Access & Authentication; SaaS Environmental Health Data; SaaS Patient Health Data; IaaS Servers, databases, application; Physician Portal
    • The Patient: self-monitoring, device maintenance
    • The Physician: predictive conditions, prescriptive changes, device maintenance, via the Physician Portal
    • The Device Manufacturer: monitoring, troubleshooting, CAPA, engineering
  • 9. Impact of Regulatory Requirements (the same architecture, annotated with the regulations that apply to each component)
    • Regulations and standards mapped onto the components: QSR, MDD, IVDD; ISO 13485; ISO 14971; ISO 80001; HIPAA; FTC Security; EU Data Protection
    • Questions raised: Where is my data? Is it safe? Is it secret? Will it work? Covered Entity? Who's responsible? Is the data accurate? How to comply? How to manage risk? How to make it usable? How to deploy it fast?
  • 10. Regulatory Environment for mHealth
    • Medical Device Regulations
      o U.S. 21 CFR Part 820, 807, 803, etc.
        • Mobile Medical Applications Guidance
        • Postmarket Management of Cybersecurity in Medical Devices
      o EU Medical Device Directive MDD 93/42/EEC, IVDD 98/79/EC
        • MHRA Medical Device Stand-alone Software Including Apps
      o CE Marking (EU and non-US markets)
        • ISO 13485, Medical Device Quality Management System
        • ISO 14971, Medical Device Risk Management
        • ISO 80001, Application of Risk Management for IT-networks incorporating medical devices
    • Data Privacy Regulations
      o FTC Security Principles for the Internet of Things, FTC Notice/Consent & Security
      o HIPAA Security Rules
      o EU Data Protection Directive 95/46/EC
  • 11. Challenges of mHealth Apps and Devices
    • Consumers' sentiment and likes
      o Strong initial uptake but could fizzle (e.g., Pokémon Go)
      o Well liked until a poor update is released (e.g., Fitbit vs. Edmodo)
    • Security breach on the 6 o'clock news (e.g., Starbucks)
    • Privacy minefield (HIPAA, FTC, EU Data Protection, etc.)
    • Device safety and device regulations
      o Digital Marketing has no exposure to device regulations
      o Product R&D has no exposure to cybersecurity risks affecting device safety
      o Neither has knowledge of data privacy
    • A poorly managed mHealth program would damage the brand image
  • 12. A Study of 211 mHealth Apps by JAMA (figure)
    Source: JAMA, Privacy Policies of Android Diabetes Apps and Sharing of Health Information, March 8, 2016
  • 13. Overall Process for Effective Management of mHealth Development
    Classification → Risk Assessment → Design Control → Release → Support Mgmt.
    • Classification
      o Regulated mHealth App: Direct Impact; Indirect Impact; EU Class I/II
      o Non-Regulated mHealth App
    • Risk Assessment
      o Non-Regulated mHealth: Data Privacy; Promotional
      o Regulated mHealth: Patient Safety; Effectiveness; 3rd Party; Cybersecurity; Data Privacy; Promotional
    • Design Control
      o Non-Regulated mHealth: SDLC; Software Quality
      o Regulated mHealth: 3rd Party Controls; SDLC; Design Verification; Design Validation; Security Design; Risk Mgmt. Plan
    • Support Mgmt.
      o Regulated mHealth: Complaints; CAPA; 3rd Party Audits; etc.
  • 14. mHealth App Classification
    • Statement of intended use is key (instructions, promotional materials, etc.)
    • Geographical location is critical (U.S., EU, etc.)
    • Participation from key stakeholders is essential
      o R&D / Product Development
      o Quality Assurance
      o Information Security / IT Compliance / IT Risk Management
      o Legal, Regulatory
      o Commercial / Digital Marketing
    • Classification Framework
      o Based on MHRA and FDA Guidance
  • 15. mHealth Device App Classification (MHRA) (figure)
  • 16. mHealth App Classification (FDA) (decision flow)
    • Directly Regulated mHealth App if the answer is Yes to any of: Controls a device? Analyzes device data? Active patient monitor? Extends the functionality of a medical device? Provides a diagnostic? Recommends treatment?
    • Otherwise, Indirectly Regulated mHealth App if the answer is Yes to any of: Helps patients self-manage a disease without treatment suggestions? Helps patients track, access, organize, or interact with e-PHI? HCP interaction? Secondary display of device data?
    • Otherwise, Not a Regulated mHealth App
  • 17. mHealth App Classification (figure mapping each class to its regulatory path)
    • U.S. Directly Regulated mHealth App: 21 CFR Part 807; 21 CFR Part 812/814; 21 CFR Part 820; 21 CFR Part 803; 21 CFR Part 11; ISO 13485; ISO 14971; ISO 80001
    • U.S. Indirectly Regulated mHealth App: Complex IT eco-system? If yes, Basic Design Control & Risk Management Framework
    • EU Class I mHealth App: EU MDD / EU IVDD; ISO self-certification; self CE Marking
    • EU Class II App: EU MDD / EU IVDD; ISO self-certification; CE Marking
  • 18. mHealth App Risk Management
    • Risks to device safety and privacy
    • Device safety is also affected by cybersecurity and availability for complex-ecosystem mHealth apps
    • Leverage key partners to identify, evaluate, and control risks:
      o Information Security for cybersecurity risks
      o IT Enterprise Architecture for technology risks
      o Legal / Compliance for data privacy risks
      o Quality / Compliance for 3rd party risks
    • Leverage IT Enterprise Architecture to manage technology risks
  • 19. mHealth Risk Assessment & Management (figure: two parallel risk frameworks linked by a Technical / Quality Agreement)
    • Device Design Controls and Quality System – Standard ISO 14971 Device Risk Management Framework: Device Risk Management Plan; Intended Use; Hazards Identification; Risk Evaluation; Risk Controls
    • IT Risk Management & Quality System – Standard ISO 80001 IT-network Risk Management Framework: IT Risk Management Plan; IT Security Threats, Vectors / Vulnerabilities; Security Risk Evaluation; Cloud Service Provider Risk Controls
    • External Compliance Requirements: FTC Security Guide / Doctrine; HIPAA Security Rules*; FDA Cybersecurity Guidance
  • 20. Example of Security Risk Evaluation Matrix (figure)
  • 21. Design Controls for Regulated mHealth App
    • More about software and security than traditional medical devices
    • Leverage IT expertise to build and deploy a successful regulated mHealth app
      o IT Enterprise Architecture – technology to support the current needs and the growth of the app
      o Information Security – risk identification, vulnerability assessment, and technical controls to safeguard the app and users' data
    • Use an internal Quality Agreement / Technical Agreement to allow inclusion of IT activities in Design Controls
  • 22. Medical Device Quality System
    • Subsystems: Management Control; CAPA & Device Reporting, Tracking; Production & Process Control; Facility & Equipment Control; Records & Change Control; Material Control; Design Control
    • Design Control elements (applicable for regulated mHealth apps based on classification and risks):
      o General Requirements
      o Design & Development Planning
      o Design Input
      o Design Output
      o Design Review
      o Design Verification
      o Design Validation
      o Design Changes
      o Design Transfer
      o Design History File
  • 23. Design Control for Regulated mHealth Apps (figure)
    • Device track – Standard ISO 13485 Medical Device Quality System / Design Controls: Design Input → Design Output → Design Review → Design Verification / Validation → Design Transfer
    • IT track – based on the framework and principles of ISO 80001 and ISO 27001: Security Technical Standards, Enterprise Architecture Standards, IT Infrastructure Standards → Security / EA Technical Review → Security Vulnerability Code Scanning → App Store Deployment
    • Quality Agreement between IT and Device Design Control
  • 24. Data Privacy
    • Involvement of Legal and Privacy Office
    • Importance of data flow mapping to identify PII and PHI
    • HIPAA authorization from Covered Entities for PHI data
    • FTC legal authority to regulate app security under the unfairness doctrine (unfair or deceptive practices by business)
  • 25. Data Privacy and mHealth Apps (the architecture of slide 8, annotated with the privacy regime for each component)
    • Components: Implantable Device; PaaS Access & Authentication; SaaS Environmental Health Data; SaaS Patient Health Data; IaaS Servers, databases, application; Physician Portal
    • User's Personally Identifiable Information: FTC notice / consent & security; FTC regulates under the unfairness doctrine*
    • Patient Health Information: HIPAA Business Associate (BA) agreements; HIPAA Authorization
    * FTC v. Wyndham Worldwide Corp. – court affirmed FTC's jurisdiction to regulate data security.
  • 26. Data Privacy – FTC Security Principles
    • Start with security by design
      o Don't collect PII if not needed
      o Hold on to PII only as long as there is a legitimate business need
    • Control access to PII
      o Restrict access to employees and limit admin access
    • Use secure passwords and authentication
      o Complex passwords; keep passwords secured
      o Guard against brute force attacks / authentication bypass
    • Secure PII in transit and at rest with industry-tested methods
    • Segment and monitor the network
    • Secure remote access to the network
    • Train developers in current secure coding practices
    • Include security in 3rd party contracts and audit for compliance
    • Have information security SOPs and dispose of PII securely
  • 27. Examples of FTC Enforcement under the Unfairness Doctrine
    • FTC v. RockYou (collection of PII during registration not justified by business need; PII stored in clear text)
    • FTC v. Guidance Software (stored user credentials in clear text)
    • FTC v. Twitter (failure to guard against brute force attacks; almost all employees had admin access; no security policy prohibiting employees from storing admin passwords in plain text in personal email accounts)
    • FTC v. Fandango (improper use of SSL encryption in mobile app)
    • FTC v. Upromise (failure to audit 3rd party developer for compliance)
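The principles on slide 26 and the enforcement actions on slide 27 come down to three technical controls: never store credentials or PII in clear text (RockYou, Guidance Software), guard authentication against brute force (Twitter), and never ship a client that skips TLS certificate validation (Fandango). The Python below is an added example written for this page, not code from the presentation or from any of the companies named; `CredentialStore`, `audit_tls_context`, the lockout threshold and the sample username and password are this example's own constructions.

```python
"""Added example: the controls behind the FTC cases on slide 27.

Constructed for this page, not from the presentation. Shows, in one place:
  * credentials kept only as salted PBKDF2 hashes (RockYou / Guidance Software
    stored them in clear text);
  * a per-account failure counter that locks the account (the Twitter
    brute-force finding);
  * an audit of a client TLS context before it is used (the Fandango finding:
    a mobile app that disabled SSL certificate validation).
All names below are this example's own.
"""
import hashlib
import hmac
import os
import ssl
from dataclasses import dataclass
from typing import Dict, List

PBKDF2_ITERATIONS = 600_000   # work factor for PBKDF2-HMAC-SHA256
MAX_FAILURES = 5              # lock the account after this many bad attempts
_DUMMY_SALT = b"\x00" * 16    # unknown users cost the same time as real ones


@dataclass
class _Record:
    salt: bytes
    digest: bytes
    failures: int = 0
    locked: bool = False


class CredentialStore:
    """Password store that never holds the password itself, only a salted hash."""

    def __init__(self, iterations: int = PBKDF2_ITERATIONS) -> None:
        self._iterations = iterations
        self._users: Dict[str, _Record] = {}

    def _hash(self, password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, self._iterations)

    def register(self, username: str, password: str) -> None:
        salt = os.urandom(16)                          # fresh random salt per user
        self._users[username] = _Record(salt, self._hash(password, salt))

    def verify(self, username: str, password: str) -> bool:
        rec = self._users.get(username)
        if rec is None:
            self._hash(password, _DUMMY_SALT)          # same cost: no username oracle via timing
            return False
        if rec.locked:
            return False                               # locked accounts never authenticate
        ok = hmac.compare_digest(rec.digest, self._hash(password, rec.salt))
        if ok:
            rec.failures = 0
        else:
            rec.failures += 1
            if rec.failures >= MAX_FAILURES:
                rec.locked = True                      # brute-force guard
        return ok

    def is_locked(self, username: str) -> bool:
        rec = self._users.get(username)
        return rec is not None and rec.locked

    def export_record(self, username: str) -> bytes:
        """What a database dump would contain for this user: salt and hash only."""
        rec = self._users[username]
        return rec.salt + rec.digest


def audit_tls_context(ctx: ssl.SSLContext) -> List[str]:
    """Return findings for a client SSLContext; an empty list means it is acceptable."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: server certificate is not validated")
    if not ctx.check_hostname:
        findings.append("check_hostname is False: certificate is not matched to the server name")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version allows protocols older than TLS 1.2")
    return findings


def hardened_client_context() -> ssl.SSLContext:
    """Client context a mobile or backend HTTP client should use."""
    ctx = ssl.create_default_context()                 # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def insecure_client_context() -> ssl.SSLContext:
    """The Fandango-style mistake: validation switched off, often 'to make it work'."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False                          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


if __name__ == "__main__":
    store = CredentialStore()
    store.register("patient01", "correct horse battery staple")   # constructed sample user
    print("login ok:", store.verify("patient01", "correct horse battery staple"))
    for _ in range(MAX_FAILURES):
        store.verify("patient01", "guess")
    print("locked after brute force:", store.is_locked("patient01"))
    print("hardened findings:", audit_tls_context(hardened_client_context()))
    print("insecure findings:", audit_tls_context(insecure_client_context()))
```

The lockout here is a simple counter; a production service would add a time-based reset and alerting so the same control cannot be turned into a denial of service against a patient's account. The TLS audit is the check to run in a unit test against whatever context the mobile client's HTTP library is handed, which is where the Fandango-style regression usually appears.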
  • 28. Questions & Answers
    Email: huynh_victor@allergan.com
    www.linkedin.com/in/victorhuynh