On December 7, 2022, the Federal Trade Commission (“FTC”), along with the U.S. Department of Health and Human Services (“HHS”) and the U.S. Food and Drug Administration (“FDA”), announced updates to the Mobile Health App Interactive Tool­—a questionnaire designed to help mobile health app developers identify federal laws and regulations that may apply to their products.

The tool is designed for mobile apps that access, collect, share, use, or maintain information related to a consumer’s health through features such as fitness tracking, medical record sharing, sleep monitoring, disease diagnostics, and more.

The tool guides developers through fifteen questions, including:

  • Does/will your app collect, share, use, or maintain health information?
  • Is your app for use by consumers?
  • Does your app include a device software function that is the focus of FDA’s oversight?

Based on the answer to each question, the tool directs the user to other relevant questions and highlights at each step the laws and regulations that may apply to the mobile app.  The tool covers, among other laws and regulations, the Health Insurance Portability and Accountability Act of 1996, as amended, and its implementing regulations (collectively, “HIPAA”), the Food, Drug, and Cosmetic Act (“FD&C Act”), the FTC Act, and the 21st Century Cures Act.

The tool was first released in 2016 and included ten questions to help developers determine whether their apps would be subject to HIPAA, the FD&C Act, the FTC Act, and/or the FTC’s Health Breach Notification Rule.  The latest update to the tool adds new questions to help mobile developers understand legal requirements for their apps under the Children’s Online Privacy Protection Rule (“COPPA Rule”) and the 21st Century Cures Act but does not refine the analysis for the laws covered in the original version.  The tool is not intended to offer legal advice and is provided for informational purposes only.

Photo of Libbie Canter Libbie Canter

Libbie Canter represents a wide variety of multinational companies on privacy, cyber security, and technology transaction issues, including helping clients with their most complex privacy challenges and the development of governance frameworks and processes to comply with global privacy laws. She routinely supports…

Libbie Canter represents a wide variety of multinational companies on privacy, cyber security, and technology transaction issues, including helping clients with their most complex privacy challenges and the development of governance frameworks and processes to comply with global privacy laws. She routinely supports clients on their efforts to launch new products and services involving emerging technologies, and she has assisted dozens of clients with their efforts to prepare for and comply with federal and state privacy laws, including the California Consumer Privacy Act and California Privacy Rights Act.

Libbie represents clients across industries, but she also has deep expertise in advising clients in highly-regulated sectors, including financial services and digital health companies. She counsels these companies — and their technology and advertising partners — on how to address legacy regulatory issues and the cutting edge issues that have emerged with industry innovations and data collaborations.

Photo of Anna D. Kraus Anna D. Kraus

Anna Durand Kraus has a multi-disciplinary practice advising clients on issues relating to the complex array of laws governing the health care industry. Her background as Deputy General Counsel to the U.S. Department of Health and Human Services (HHS) gives her broad experience…

Anna Durand Kraus has a multi-disciplinary practice advising clients on issues relating to the complex array of laws governing the health care industry. Her background as Deputy General Counsel to the U.S. Department of Health and Human Services (HHS) gives her broad experience with, and valuable insight into, the programs and issues within the purview of HHS, including Medicare, Medicaid, fraud and abuse, and health information privacy. Ms. Kraus regularly advises clients on Medicare reimbursement matters, the Medicaid Drug Rebate program, health information privacy issues (including under HIPAA and the HITECH Act), and the challenges and opportunities presented by the Affordable Care Act.

Photo of Olivia Vega Olivia Vega

Olivia Vega provides strategic advice to global companies on a broad range of privacy, health care, and technology issues, including in technology transactions, mergers and acquisitions, and regulatory compliance. Within her practice, Olivia counsels clients on navigating the complex web of federal and…

Olivia Vega provides strategic advice to global companies on a broad range of privacy, health care, and technology issues, including in technology transactions, mergers and acquisitions, and regulatory compliance. Within her practice, Olivia counsels clients on navigating the complex web of federal and state privacy and data security laws and regulations, including on topics such as HIPAA, California’s Confidentiality of Medical Information Act, and the California Consumer Privacy Act. In addition, Olivia maintains an active pro bono practice.

Photo of Elizabeth Brim Elizabeth Brim

Elizabeth Brim is an associate in the firm’s Washington, DC office. She is a member of the firm’s Health Care and Data Privacy and Cybersecurity Practice Groups, advising clients on a broad range of regulatory and compliance issues. In addition, Elizabeth maintains an…

Elizabeth Brim is an associate in the firm’s Washington, DC office. She is a member of the firm’s Health Care and Data Privacy and Cybersecurity Practice Groups, advising clients on a broad range of regulatory and compliance issues. In addition, Elizabeth maintains an active pro bono practice.

Photo of Guillaume Julian Guillaume Julian

Guillaume Julian is an associate in the firm’s Washington, DC office, where he is a member of the Food, Drug, and Device and Health Care Practice Groups. He advises pharmaceutical, biotechnology, medical device, and food companies on a variety of regulatory and compliance…

Guillaume Julian is an associate in the firm’s Washington, DC office, where he is a member of the Food, Drug, and Device and Health Care Practice Groups. He advises pharmaceutical, biotechnology, medical device, and food companies on a variety of regulatory and compliance issues.