Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mobile Health January 2018 HL7 New Orleans WGM

Published by태곤 낭 Modified over 6 years ago

Similar presentations

Presentation on theme: "Mobile Health January 2018 HL7 New Orleans WGM"— Presentation transcript:

1 Mobile Health January 2018 HL7 New Orleans WGM
Consumer Mobile Health Application Functional Framework (cMHAFF) Overview and Update Mobile Health January 2018 HL7 New Orleans WGM

2 cMHAFF Scope and Goals Provide a framework for assessment of the common foundations of mobile health apps Product Information (disclosures/transparency) Security Privacy/consent/ authorization Risk assessment/analysis Data access privileges Data exchange/sharing Usability & Accessibility Assessment could include attestation, endorsement, testing, voluntary or regulatory-driven certification Out of scope: specific clinical content or functionality cMHAFF is scoped towards general-purpose standards and guidelines that span most mobile apps, such as privacy, security, data export, and transparency. Because of the huge range of potential functionality, cMHAFF does not attempt to provide specific guidance for functionality, such as data and capabilities for disease management, fitness, etc. Assessment methods are to be determined, but most likely private sector testing, endorsement, and certification, rather than regulation. 9/16/2018

3 Why cMHAFF? What’s the Need?
Target Audience: mobile health app developers needing guidance on building apps Beneficiaries: consumers, providers, caregivers Consumers need protection, transparency and assurance regarding mobile apps. Some examples: What does the app do? What evidence supports it? What security protections exist behind that “cloud?” Can I comprehend, or even find, privacy policy and terms of use? Who can the app share data with? What does the app know about me (location, microphone, camera, contacts, etc.), and what can it do on my device? Can I access my app data like I can under HIPAA? What happens to my data if I delete an app? To refresh your memory on why this project exists, we believe there are unmet needs that exist in the marketplace, as health IT is increasingly moving to mobile delivery platforms, for consumers as well as clinicians. There is much attention at the Federal level as well, including ONC and FTC, on the need for better guidance for MH apps. While some of the results of cMHAFF may benefit clinicians as well, its scope of guidance is targeted towards developers who build mobile apps for consumers, while the benefiiciaries of apps following that guidance should be the consumers who use those apps. And, of course, if assessment programs arise such as voluntary certification or endorsements, cMHAFF can be a baseline for those. 9/16/2018

4 cMHAFF January Ballot Results
Passed already! 48 Affirmative (30 needed to pass) 2 Negative (both already agreed to withdraw) 57 Abstain 79 specific comments 3 NEG 76 A-S, A-Q, or A-C All comments will be reviewed (11 dispositioned already)

5 cMHAFF Exemplar Use Cases
9/16/2018

6 EHR-Integrated Use Case “C”
A diabetes management app allows a consumer to collect blood sugar readings through a Bluetooth-enabled glucometer. A healthcare provider offers the app to enable the patient’s blood sugar to be captured through devices, rather than relying on manual entry by the patient, and to electronically transmit the readings to the patient’s physician, rather than using paper or FAX. Activity data are collected through an activity tracker, and a consumer can open the app to record meals and snacks to enable estimates of caloric consumption. Collected data is automatically “pushed” to a third-party cloud-based platform. The patient is aware of the cloud, though not familiar in detail with how data are protected in transit or storage. When a consumer views information in the app, which shows daily glucometer readings and related information, this information is “pulled” in but does not persist on the smartphone when the app is closed. It is also possible for the consumer to directly enter blood sugar readings (e.g., if Bluetooth connection is not working). From the cloud platform, consumer information is “pushed” to a provider’s Electronic Health Record (EHR), where it is accepted as Patient Generated Health Data (PGHD), according to the preferences of the patient and the policies of the provider. From the EHR, a physician can define logic to assess blood sugar readings such that the consumer is alerted through the app when a measurement is out of range, or when a set number of high or low readings are noted within a prescribed period of time. 9/16/2018

7 cMHAFF Sections and App Life Cycle
App Development and Support  Regulatory Considerations  Risk Assessment and Mitigation  Usability Assessment  Customer Support Consumer Use of App Product Information Launch app, establish account Authentication Authorization/ consent for data collection/ use Data exchange/ interop Data provenance/ authenticity Security for data at rest & in transit Pairing or syncing with user devices Notifications and Alerts Product Upgrades Audit App and Data Removal 9/16/2018

8 Disclosures Evidence Limitations Contents
Informing Consumers Disclosures Evidence Limitations Contents 9/16/2018

9 Criteria Example: General Product Info
No. Strength Requirement GENERAL INFORMATION G1 SHALL The description of an app includes the main functionality, the intended use, the intended (target) audience, and potential use of the user’s personal data by the app. G2 Screen shots of the app accurately depict the screens of the current version of the product. G3 Product information is provided before the app is used by the consumer, to help consumers decide whether the app is suitable. G4 SHOULD The app description clearly states the human languages the app supports. G5 Provide information about accessibility characteristics in the app description and in contextual assistance sections of the app. G6 Provide information about the app publisher (persons/organizations) and provide mechanisms to communicate with the publishers G7 Provide disclosure about sources of funding and possible conflicts of interest for the app (e.g., app use could incent user to buy products or services from app publisher.

10 European Guidelines Assessed
French mHealth Good Practice Guidelines German Mobile Health Assessment Criteria Andalusian App Recommendations U.K. PAS277 Quality Criteria Finland PHR Cert Criteria Other EU initiatives 9/16/2018

11 Related U.S. & Global Industry Efforts
OWASP Mobile Top 10 Security Risks ONC ISA Task Force and PGHD Whitepaper Some of the many industry efforts being tracked, and publications being referenced, are referenced here. cMHAFF does not intend to reinvent the wheel, but rather to reference authoritative sources of requirements, use cases, standards, guidance, and best practices where they exist, such as: NIST threat catalog and many other publications HITRUST Alliance risk assessments and security frameworks OWASP Mobile Top 10 Security Risks and mitigations FTC’s interactive tool for mobile app developers (co-sponsored by FDA and Office of Civil Rights) SMART on FHIR ISA Task Force Consumer Use Cases ONC/Accenture White Paper on a Policy Framework for Patient-Generated Health Data (PGHD) FTC/FDA/OCR Mobile App Developer Guidance Tool on 9/16/2018

12 cMHAFF Invitation: Join us!
It’s a major opportunity in an exploding space: get in on the ground floor! Action is under way around the world – people are ready! Passed January 2018 STU ballot: just needs to be finalized! Help HL7 collaborate well with the public and private sectors Stay connected via HL7 Mobile Health listserv We will reconciled all comments and then publish 9/16/2018

13 Project and Contact Info cMHAFF meetings are Thursdays at 3pm Eastern Web Meeting Info to be updated Phone , passcode Project Lead: Nathan Botts Join us to publish and start using cMHAFF! 9/16/2018

14 Mobile Health Topics & Projects
January WGM - MH Special Session Wednesday - Q3 Panel Discussion Interactive Perspective on Accreditation and Certification for MH Applications Consumer Mobile Health Application Functional Framework cMHAFF Weekly Meetings Thursdays 3 pm EST Mobile Framework for Healthcare Adoption of Short-Message Technologies mFHAST Weekly Meetings Thursdays 2 pm EST MH Interoperability Environmental Scan (Frameworks and API Comparisons) Pictorial Representation in Mobile Health (ISO/TC 215 Healthcare Informatics) Mobile Health Fridays Every Fridays 11 am EST

Download ppt "Mobile Health January 2018 HL7 New Orleans WGM"

Similar presentations

What is GARP®? GARP® is an Acronym for Generally Accepted Recordkeeping Principles ARMA understands that records must be.

What is GARP®? GARP® is an Acronym for Generally Accepted Recordkeeping Principles ARMA understands that records must be.
ELTSS Alignment to Nationwide Interoperability Roadmap DRAFT: For Stakeholder Consideration in response to public comment.

ELTSS Alignment to Nationwide Interoperability Roadmap DRAFT: For Stakeholder Consideration in response to public comment.
Security Controls – What Works

Security Controls – What Works
1 © 2002-2013 Health Level Seven International ®, Inc. All Rights Reserved. HL7 International and Health Level Seven International are registered trademarks.

1 © Health Level Seven International ®, Inc. All Rights Reserved. HL7 International and Health Level Seven International are registered trademarks.
Note: This is a preliminary discussion

Note: This is a preliminary discussion
Connecting Health and Care for the Nation: A Shared Nationwide Interoperability Roadmap – DRAFT Version 1.0 Joint FACA Meeting Chartese February 10, 2015.

Connecting Health and Care for the Nation: A Shared Nationwide Interoperability Roadmap – DRAFT Version 1.0 Joint FACA Meeting Chartese February 10, 2015.
August 12, 20151 Meaningful Use *** UDOH Informatics Brown Bag Robert T Rolfs, MD, MPH.

August 12, Meaningful Use *** UDOH Informatics Brown Bag Robert T Rolfs, MD, MPH.
Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 5 Personal Health Records Electronic Health Records for Allied.

Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved. McGraw-Hill Chapter 5 Personal Health Records Electronic Health Records for Allied.
A Robust Health Data Infrastructure P. Jon White, MD Director, Health IT Agency for Healthcare Research and Quality 2014-06-10.

A Robust Health Data Infrastructure P. Jon White, MD Director, Health IT Agency for Healthcare Research and Quality
HIT Policy Committee Accountable Care Workgroup – Kickoff Meeting May 17, 2013 1:00 – 2:00 PM Eastern.

HIT Policy Committee Accountable Care Workgroup – Kickoff Meeting May 17, :00 – 2:00 PM Eastern.
FDASIA REGULATIONS SUBCOMMITTEE May 22, 2013. Agenda 4:00 p.m.Call to Order – MacKenzie Robertson Office of the National Coordinator for Health Information.

FDASIA REGULATIONS SUBCOMMITTEE May 22, Agenda 4:00 p.m.Call to Order – MacKenzie Robertson Office of the National Coordinator for Health Information.
1 © 2002-2013 Health Level Seven International ®, Inc. All Rights Reserved. HL7 International and Health Level Seven International are registered trademarks.

1 © Health Level Seven International ®, Inc. All Rights Reserved. HL7 International and Health Level Seven International are registered trademarks.
Authentication, Access Control, and Authorization (1 of 2) 0 NPRM Request (for 2017) ONC is requesting comment on two-factor authentication in reference.

Authentication, Access Control, and Authorization (1 of 2) 0 NPRM Request (for 2017) ONC is requesting comment on two-factor authentication in reference.
Nationwide Health Information Network: Conditions for Trusted Exchange Request For Information (RFI) Steven Posnack, MHS, MS, CISSP Director, Federal Policy.

Nationwide Health Information Network: Conditions for Trusted Exchange Request For Information (RFI) Steven Posnack, MHS, MS, CISSP Director, Federal Policy.
EHealth/mHealth Gisele Roesems Deputy Head of Unit Health and Well-Being DG CONNECT EUROPEAN COMMISSION 2 nd International Conference on Health Informatics.

EHealth/mHealth Gisele Roesems Deputy Head of Unit Health and Well-Being DG CONNECT EUROPEAN COMMISSION 2 nd International Conference on Health Informatics.
Inter-agency workshop on cash and protection 10-12 March 2015 - Nairobi, Kenya E-learning: E-Transfers and operationalizing beneficiary data protection.

Inter-agency workshop on cash and protection March Nairobi, Kenya E-learning: E-Transfers and operationalizing beneficiary data protection.
S&I Public Health * We will start the meeting 3 min after the hour October 7 th, 2014.

S&I Public Health * We will start the meeting 3 min after the hour October 7 th, 2014.
Chapter 2 Standards for Electronic Health Records McGraw-Hill/Irwin Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved.

Chapter 2 Standards for Electronic Health Records McGraw-Hill/Irwin Copyright © 2009 by The McGraw-Hill Companies, Inc. All Rights Reserved.
Chapter 6 – Data Handling and EPR. Electronic Health Record Systems: Government Initiatives and Public/Private Partnerships EHR is systematic collection.

Chapter 6 – Data Handling and EPR. Electronic Health Record Systems: Government Initiatives and Public/Private Partnerships EHR is systematic collection.
UN CEFACT Single Window Recommendation Simplifying International Trade Gordon Cragge Chair – International Trade Procedures Working Group (TBG 15 of UN.

UN CEFACT Single Window Recommendation Simplifying International Trade Gordon Cragge Chair – International Trade Procedures Working Group (TBG 15 of UN.

Similar presentations

Ads by Google