Practice Development | Mar/Apr '15

I Have an App for That: Understanding Liability Risks for Mobile Apps

As the number of physician-developed mobile apps increases, health care providers must consider and manage the potential litigation risks associated with apps that do not perform as intended or advertised.

The Impact of FDA Regulation

In 2011, the FDA announced plans to regulate certain mobile apps as medical devices under the Federal Food, Drug and Cosmetic Act. The Act’s definition of device includes instruments that are intended for use in the diagnosis of disease or other conditions or in the cure, mitigation, treatment, or prevention of disease. In 2015, the Agency clarified that it intends to regulate “only those medical apps that are medical devices and whose functionality could pose a risk to a patient’s safety if the mobile app were not to function as intended.”1

As a result, the Agency currently regulates a small subset of apps known as mobile medical apps (MMAs). These apps perform similar functions as other regulated medical devices. The Agency has declined to regulate most general health and wellness apps, which it believes are low risk. It has stated, however, that all app developers should implement quality management processes to ensure the quality, performance, and safety of their products.

Developers of MMAs must follow the FDA’s Quality System Regulation, which describes good manufacturing practice requirements for devices. MMAs are subject to other requirements, including regulations governing labeling, adverse events, recalls, and manufacturing facility registration and device listing. Because these apps are regulated to the same extent as other medical devices, they are potentially subject to the same theories of liability that apply to traditional medical devices, including breach of warranty, negligence, and misrepresentation. For example, the FDA has classified as medical devices “apps that use patient information to calculate dosage therapies for radiation therapy.”1 If a patient alleges injury as a result of exposure to incorrect levels of therapeutic radiation arising from a defect of the dosing app, it is conceivable that the patient could sue the developer under numerous theories of tort liability. It is also conceivable that allegations of malpractice could arise from physician use or prescription of certain apps.

Similar theories would apply to health apps that the FDA has declined to regulate because they are deemed low risk. The low-risk designation may strengthen certain defenses available to developers and physicians in the event of litigation, but it is unlikely to eliminate the risk of liability altogether.

Consumer Protection Statutes

The marketing of non-FDA-regulated apps is subject to oversight by other regulators, including the Federal Trade Commission (FTC). The FTC Act bars “unfair methods of competition and unfair or deceptive acts or practices.”2 The FTC intends to enforce “truth-in-advertising standards” in the mobile app marketplace, and it has advised developers to, among other things, “tell the truth about what your app can do” and “disclose key information clearly and conspicuously.”2

Recent enforcement actions confirm that the FTC is actively policing health apps. For example, the FTC recently initiated enforcement actions against marketers of acne treatment, cancer detection, and autism apps based on alleged false and misleading treatment and efficacy claims. While there is no private right of action allowing consumers to enforce the FTC Act, many state consumer protection statutes allow consumers to sue companies for injuries or loss arising from violations of those laws. These laws are modeled after the FTC Act, and they exist in every state. Potential theories of liability under these laws include false and deceptive advertising and fraudulent misrepresentation.

Managing the Risks

There are a number of practical steps developers can take to manage liability risks, including:
1. Verifiable quality and performance claims;

2. Legal and medical review of app promotional materials, labeling, and advertising; and

3. Clear and conspicuous disclosure of warnings.

Physicians who use or prescribe mobile apps should take steps to:

1. Assess the regulatory status of the app;

2. Read instructions for use and limitations on use;

3. Obtain appropriate training on app operation and maintenance;

4. Develop systems to ensure continuity of care in the event of malfunctions or data loss; and

5. Communicate policies regarding the frequency of monitoring of patient-generated health information that is created or shared through an app.

1. Mobile Medical Applications: Guidance for Industry and Food and Drug Administration Staff. US Food and Drug Administration. February 9, 2015. https://www.fda.gov/downloads/MedicalDevices/…/UCM263366.pdf. Accessed April 1, 2015.

2. Marketing Your Mobile App: Get It Right from the Start. Federal Trade Commission. https://www.ftc.gov/tips-advice/business-center/guidance/marketing-your-mobile-app-get-it-right-start. Accessed April 1, 2015.

NEXT IN THIS ISSUE