Health apps are increasingly popular, and with the average smartphone user having 13 apps on their phone, the probability of one of them being a health app is quite high.

One of the hot topics to emerge at EHI Live 2013 was app regulation. How do we know if the apps we use give sound advice? How do we make sure they do not give advice that could put the user in danger?

Ideas range from self-regulation and user reviews, to having a central authority to run formal regulation. This is the model that is being adopted in the US, where the Food and Drug Administration issued its final guidance on the regulation of health apps earlier this year.

The FDA said it will regulate any app that makes the device on which it works into a medical device. The European Union and NHS England have indicated they are interested in a similar approach.

But there was considerable debate about whether this is necessary – or even possible – in the UK.

Stand by your standards

Professor Jeremy Wyatt, a professor of e-health research at the University of Leeds, pointed out that the whole debate is taking place without good ground rules in place.

There is, at the moment, no definition of what makes a good health app. “We need to set up some specific quality criteria,” he said, adding that the health apps library set up by NHS England has failed to do this job.

"Although it goes some way, it is clear that the need for strong health promotion criteria is missing,” he said, “Testing usability, impact, and labelling for the indented user is also missing,” he added.

Dr Maureen Baker, clinical director for patient safety at the Health and Social Care Information Centre, whose team safety approves some of the apps in the apps library, agreed with Wyatt up to a point.

“The regulatory framework that currently applies is not fit for purpose in respect of apps, and this is something we need to address, she told the HANDI Health Apps stream of the conference.

However, she argued that many of the principles that her team has developed for assessing the safety of healthcare software more generally can be applied to apps.

As she explained in an earlier session, Dr Baker has been working with safety engineers for almost a decade to develop safety standards (ISB 0129 and ISB 0160) for both software providers and trusts taking new systems.

She has also been trying to encourage a safety culture built around safety cases, which require multi-disciplinary teams to identify potential problems, decide how serious they are, and work out what can be done about them.

This might range from stopping a project in the face of a huge risk, to mandating certain types of hardware or training, to just living with an issue that might arise but do little harm.

“The principle we always apply to our safety work is light touch, yet robust. If we’re looking at something that is higher risk, as if something goes wrong and the patient can come to harm, the amount of safety assurance needs to increase,” she said.

In the case of the healthcare apps, Dr Baker said her team had ‘triaged’ 176 apps submitted through NHS Choices, and found that most were not safety related. Just 11 were judged to hold some kind of safety risk, and have now been approved.

Trust in the market

Professor Wyatt was more inclined to put his faith in self-regulation by developers and the power of user reviews as the way forward. However, he said the star system applied to any and all of the apps lodged in something like Apple’s iTunes was far from fit for purpose at the moment.

“As a user, you might go for the one rated five stars, thinking it must be safe,” he suggested. But in fact, “it is often the other way around. Apps that have high user ratings tend to be quite evidence light.”

Professor Wyatt suggested the response to this problem should be clear labels on apps that can be well understood by their consumers. With those in place, the apps need to do “what it says on the tin”.

“We need to think differently. Users should decide what is best for them. We need evaluation of apps against quality criteria and explicit labelling to help change. Quality is best achieved by consensus and culture change,” he said.

He also argued that developers should be educated to understand what they need to provide for their app to be safe. “The best way to prevent bad apps is by helping app developers understand quality and safety,” he said. “We need an app market driven by fitness for purpose and evidence of benefit.”

Clinician apps, the next frontier

Most of the debate to date has focused on patient facing apps. But in the NHS, the real issue is likely to be clinician facing apps. EHI is often sent press releases about new apps designed to offer clinicians everything from access to medical journals to assistance in carrying out calculations related to their day to day work.

Yet there is rarely any information about whether they fit with royal medical college, national or local policies, how often they will be updated, and how – if at all – they can be integrated safely with other systems.

This was a key concern for Richard Brady, a surgical registrar at NHS Lothian, who has conducted research into clinical apps, and who feels it is time for the NHS to see the light.

“Health care institutions must wake up to the fact that today, throughout the UK, healthcare professionals are bringing their own portable digital devices to work and some are using apps in care delivery,” he said.

“The challenge is to reap the benefits of such technology but keep security and IT risk minimised whilst fostering and shaping the on-going direction of travel to mobile forms of care delivery.”

Swansea University is working on a clinical app repository and might very well end up working with NHS England on standards for clinician facing apps.

Inderjit Singh, head of enterprise architecture at NHS England, told the conference it also wants to collaborate with the FDA so that apps that are approved in the US should have relatively little trouble being approved here; and vice versa.

On the other hand, he stressed that he does not want to stifle innovation. “From my point of view, NHS England is not about creating a centralised view on how to create an app, but it is about creating a supportive environment,” said Singh.

Time for change

Stifling innovation, extending development times, and trying to apply an approach to apps that simply doesn’t work with the ‘build it and they will come – or not’ ethos of developers, are all reasons that many people have been sceptical about regulating health apps until now.

EHI Live 2013 uncovered a shifting consensus from developers, clinicians and the government is that something needs to be done. What it didn’t find was agreement on what that should be.