Does Your Healthcare App Need FDA Approval?
The world needs more healthcare apps ASAP, but with all those medical rules and regulations to deal with, some people get lost before finding the starting line. That’s why we’re here to help. We’ve built several healthcare apps, IoT apps, and everything in-between. We’ve seen lots of wild medical ideas requiring wildly different regulations. We know what’s up, and we’re here to help you figure out if your healthcare app needs approval or not.
Before we begin, it should go without saying that this article is not legal advice. It’s intended for educational purposes only. We aren’t your attorney, and if you really want to know if your app needs FDA approval, ask the FDA. Discover more.
Short Answer: You need approval if it’s used as a medical tool
If the app is used as a medical tool, it needs FDA approval. If it’s used to aid memory, automate processes, or complete some other non-medical task, it probably does not need FDA approval.
But, of course, it’s a bit more complicated than that quick summary.
Long Answer: It depends on how the healthcare app is used.
Regulations are messy. Some safe-seeming apps need FDA approval, while some scary-sounding apps won’t even get glanced at by the government.
The single best way to tell if your app needs approval or not is to ask the FDA directly. No educational blog post will answer the article for you, so ask someone from the FDA before jumping to any conclusions. Learn more.
If you want to get a feel for whether your app needs approval, ask yourself some of the following questions.
Is my healthcare app close to something the FDA already regulates?
The first thing you should check is whether something similar to your app is already regulated. If so, this will save you a lot of time, and you’ll know for sure that your app needs FDA approval.
To see what apps the FDA regulates, check out this list on their website. Even if you don’t find something just like your app, you’ll know what types of apps the FDA needs to approve.
If you can’t find anything similar, there’s a chance it may not need approval, but it’s too early to tell. Ask yourself a few more questions first.
Is my healthcare app close to something the FDA already said doesn’t need regulation?
If your app isn’t on the FDA’s must-have-approval list, it may not need any at all. Before you continue, check out the FDA’s list of apps that do not need approval. If your app or something like it is on this list, then you’re set. Your app has been determined by the FDA to be completely safe.
If not, don’t fret. You’re one of the special middle cases. We’ve filtered out all the apps that always need FDA approval and all the apps that never need it. Most medical apps fall somewhere in the middle.
However, you’ll have to do a tad bit more work to figure out if your healthcare app needs FDA approval.
Is my healthcare app a medical device?
Your app probably needs FDA approval if it’s classified as a medical device.
The word “medical device” conjures up images of x-rays, heart-rate monitors, and surgical robots, but some apps are medical devices, too. It’s all about the function. If your software serves some sort of direct medical purpose, it’s a medical device. You can look at some examples here, but if you’d rather cut to the point, here’s what the FDA has to say:
intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment, or prevention of disease, in man or other animals
If the app monitors, diagnoses, cures, relieves, or prevents a condition and its symptoms, it’s a medical device. In other words, if it acts like a medical device, it is one.
Lots of healthcare apps aren’t medical devices. The app we built for R&G Medical, for instance, lets you view complex scan files on a web browser without special hardware. It’s very much a healthcare app, but it’s not a medical device because it doesn’t deal with diseases or other medical conditions. Similar apps, like medical database systems, process automation tools, and more may not need FDA approval (although they still may need to comply with HIPAA standards).
If your app isn’t a medical device, you’re in the clear (but talk to the FDA anyway to make sure your app truly isn’t a medical device–you don’t want to skip FDA approval just because you mislabeled your app). If your app is a medical device, it probably needs FDA approval–but not always. You still have to ask yourself a few more questions to be sure.
Does my medical device put patients at risk?
Okay, your app is a medical device, but is it really that risky? An app that organizes your health information is a lot safer than a new vaccine or a surgical robot. Why should that app go through the same lengthy review process?
Well . . . a lot of the time, it doesn’t.
The FDA has the right to be more lenient with some technologies than others, and this may save your app from the lengthy FDA approval process. This is called “discretion,” and it allows certain low-risk technologies to get made faster. Here’s what the FDA has to say about it.
Many software functions are not medical devices (meaning such software functions do not meet the definition of a device under section 201(h) of the Federal Food, Drug, and Cosmetic Act (FD&C Act)), and FDA does not regulate them as devices. Some software functions may meet the definition of a medical device, but because they pose a lower risk to the public, FDA intends to exercise enforcement discretion over these devices (meaning it will not enforce requirements under the FD&C Act).
This quote suggests that a lot of medical apps are in the clear because they’re a lower risk than other medical devices. Thus, if the FDA thinks your app is low-risk, they may not enforce all the regulations–even if your app is clearly a medical device.
Of course, this doesn’t mean you’re entirely in the clear. Not every app makes the cut. Here’s how the FDA decides which apps can get through without approval and which ones can’t.
[T]he FDA intends to apply its regulatory oversight to only those software functions that are medical devices and whose functionality could pose a risk to a patient’s safety if the device were to not function as intended.
Did you get that? Even if the app is a medical device, it can get through without approval as long as its failure won’t hurt anyone.
However “risk” is pretty hard to measure. Some apps are very clearly risky while others are obviously tame. It’s the grey areas that are tricky.
To make it easier, the FDA put together a list of apps that are medical devices, but too low-risk to regulate. If any of these apps look similar to your own, you may be in the clear. However, if you’re even the slightest bit unsure whether an app poses a risk to patients, please ask the FDA at this link. We’re app developers, not legal experts, so please don’t use this educational guide as legal advice.
If your medical device is super low-risk and looks super similar to something on the FDA discretion list, you may be good to go. However, if you’re still unsure, check with an FDA representative.
Remember: just because your app doesn’t need FDA approval doesn’t mean you’re in the clear. If your healthcare app handles patient data, the app probably needs to be HIPAA compliant. Even if not, it may need to comply with other organizations.
This is the big one. The Health Insurance Portability and Accountability Act, known almost universally as HIPAA, regulates private health information. At all times, private health information needs to be kept absolutely secure. You can learn more about HIPAA in app development on the HIPPAA developer portal.
Remember: just because an app doesn’t need FDA approval doesn’t mean it’s above HIPAA. If it handles any private health information, it needs to be HIPAA compliant. We’ve built apps that don’t need FDA approval, but still need to comply with HIPAA. They’re mutually exclusive, so check that your app is in the clear.
The Center for Biologics Evaluation and Research, better known as CBER, has lots of regulations for apps and other devices pertaining to biological products. Apps do not usually need to be regulated by CBER, but looking at the regulations could save you a world of pain if your app helps with certain niche biological practices.
The Center for Drug Evaluation and Research, or CDER, focuses on chemicals you put in your body. Apps don’t often fall under their jurisdiction, but if your app fulfills some niche drug-related purpose, it may need to follow additional regulations. More likely than not, an app that needs to follow CDER regulations also needs FDA approval, but it’s worth a look at the laws.
The Center for Veterinary Medicine, or CVM regulates all things animal-related. Again, they’ll only handle niche apps, but if you’re making an app for pet health, they may have some specific rules you need to follow.
The Center for Tobacco Products, or CTP, manages tobacco. If your app relates to smoking, tobacco, or tobacco prevention, it wouldn’t hurt to look over their rules.
So . . . does my healthcare app need approval?
Ultimately, no article can tell you whether your specific app needs FDA approval or not. Remember: we aren’t legal experts, and this article is for educational purposes only, not legal advice. These resources and tips can give you a pretty good idea of what regulations your app needs to succeed, but they are not legal advice.
If you’re thinking of building a healthcare app, your best bet is to ask someone at the FDA about regulations and ask someone at Fyresite about the technical details. We’ve built lots of healthcare apps, so we know what goes into making your medical dream a reality. Fill out the form for a free consultation.