5 July 2020 | 6 minute read

Mobile Health: Radical change in fitness and wellness is on its way in Italy

As most EU countries affected by the COVID-19 outbreak are currently experiencing the temporary closure of gyms, wellness centers and spas, the mobile health industry, including smart wellness and smart fitness apps (mHealth Apps), has remarkably increased its impact on the daily life of citizens, offering them the opportunity to take care of themselves while staying at home during the quarantine, as well as to keep their sense of community alive.

This fast moving and rapidly expanding area is transforming healthcare and constantly posing new challenges, as demonstrated by the attention that the EU institutions have dedicated to this sector since the publication of the Commission "Green Paper on mobile health" in 2014.

The use of mHealth Apps is likely to grow significantly even after the COVID-19 emergency. Indeed, this unprecedented and collective lock-down period is having a huge impact on the way people conceive of and practice wellness and fitness. Therefore, chances are that a change in the health habits of us all will occur in the very near future.

A preliminary list of the legal issues related to the mHealth Apps sector is set out below.

Do mHealth Apps fall into the scope of Regulation (EU) No. 2017/745 on medical devices?

The definition of “medical device” contained in Art. 1 of Directive 93/42/EEC (MDD) includes all devices, including software, that have an intended medical purpose. Regulation (EU) No. 2017/745 (MDR), which is expected to apply as of 26 May 2021, contains a virtually identical definition, also encompassing software as a medical device. Therefore, many providers of digital health apps could fall within the scope of these rules.

As always, the devil is in the details, and it is key for manufacturers to determine whether or not a given mHealth App has an intended medical purpose. As recital 19 to the MDR reminds us, "It is necessary to clarify that software in its own right, when specifically intended by the manufacturer to be used for one or more of the medical purposes set out in the definition of a medical device, qualifies as a medical device, while software for general purposes, even when used in a healthcare setting, or software intended for life-style and well-being purposes is not a medical device".

Importantly, the MDR introduces a new classification rule that is likely to result in up-classification of several mHealth Apps. While under the MDD the majority of software falls under Class I, the more stringent MDR requirements may result in the reclassification of some mHealth Apps into a higher risk class. Moving from Class I to a higher class implies notified body involvement in the conformity assessment, which represents a heavier burden for mHealth Apps developers in terms of budget and time planning.

Possible advertising issues for mHealth Apps

This issue is strictly connected to the one above. Indeed, should some types of mHealth Apps be considered as "medical devices" under Art. 2 MDR, then the specific provisions concerning the claims permitted for the promotion of medical devices, outlined in Art. 7 MDR, would also be applicable to those apps.

Contractual status of trainers

The part-time and continuous commitment of trainers, including remotely, could be included in the relevant agreements, but the most appropriate contractual form should be investigated from an employment law perspective.

Protection of mHealth Apps as software and graphic interfaces

mHealth Apps must be regarded as an important company asset, especially if their development is the core business of a company. In light of this, their protection as software is key to enabling developers to realize the value of their product. IP protection could also be extended to the graphic interfaces of the app as designs, provided they are new and present individual character. The data generated by the Apps, and particularly their creative elaboration, can be protected by exclusive rights, under certain conditions.

Protection of specific training methods

As each fitness/wellness app developer might use different training methods and interfaces in order to differentiate their products on the market, protection of these elements must be evaluated. To this end, technological infrastructures enabling the mHealth app developer to demonstrate the date on which each training was disclosed for the first time could be relevant. Furthermore, mHealth developers must pay attention to the appropriate assignment and management of the rights on trainings.

Data protection issues

The rapid development of the mHealth Apps sector raises concerns about the appropriate processing of the data collected through apps or solutions by individuals and app developers, as this kind of information will be considered personal data since it concerns information relating to a natural person who is directly or indirectly identified or identifiable. Moreover, in certain instances, such personal data might be considered special categories of data where the information relates to, among others, data concerning health.

As of today, a Privacy Code of Conduct on mobile health apps is still being discussed with industry stakeholders to encourage the further development of the current draft Code. Although it will not be binding for market players, the Privacy Code of Conduct on mobile health apps is expected to raise awareness of the data protection rules in relation to mHealth Apps, and to facilitate and increase compliance at the EU level for app developers. In the meantime, all mHealth Apps need to take into due consideration the obligations deriving from both the Regulation No. 679/2016 (GDPR) and the local privacy provisions which have been implemented in all member states of the European Union. Among others, mHealth apps need to be created in compliance with the privacy by design and by default principle, which requires data protection issues to be taken into consideration from the very beginning of the design of the relevant product, also in order to guarantee that only the strictly necessary personal data are processed for a specific purpose.

Security policies adopted by the mHealth Apps developers

The same attention shall also be paid to the adoption of adequate security measures able to ensure a level of security appropriate to the risk the mHealth apps might bring, also in terms of data breaches. With regard to security, mHealth Apps providers are required to adopt data security policies that minimize the chance of unjustified access to the data, cyberattacks, leaks and data breaches. Given the sensitive nature of health data in general, mHealth Apps shall contain specific and suitable security safeguards, such as, for instance, the encryption of the users' data, as well as appropriate user authentication mechanisms to mitigate security risks. Of course, the adoption of specific security measures is the responsibility of mHealth Apps providers, which are required to identify adequate solutions, also on the basis of a risk-based approach.