Breakfast Debrief: Code of Conduct for mobile health apps – 11 January 2016

Healthcare disruptors
Mobile health apps are disrupting healthcare in much the same way that the internet previously disrupted the way we consume information, make travel bookings, or shop. This quiet revolution is getting louder as healthcare systems increasingly begin to acknowledge the need to shift from expensive and intensive approaches to preventative investment.
The key for mHealth’s success is that it requires a multitude of stakeholders to buy into it – patients, clinicians, app developers, industry, payers, and the list goes on. The Hill+Knowlton breakfast briefing, held on 11 January 2016, brought together some of these representatives to discuss the industry led Code of Conduct for mHealth apps and its place in the broader framework.
A European reference point
Maintaining a working relationship with Member States that avoid stepping on the toes of national competences continues to play a critical role in the further development of EU activities. As, Peteris Zilgalvis – Head of Unit in the European Commission’s DG Connect – underscored, the impact of the EU action is intended to assist and not replace national work.
“The Code of Conduct is a set of guidelines that serve as an EU-wide framework of reference for developing apps. The Commission is a facilitator in this, certainly not dictating companies or Member-States what to do. Rather than the creation of new law, the Code is intended to facilitate and set the set the scene for future legislation,” Zilgalvis stated.

But while not starting a revolution, the Code of Conduct and supporting guidance, do have the potential to help steer a potentially revolutionary new direction for health in Europe. Tapani Piha, Head of Unit in DG Santé for eHealth and HTA, confirmed his belief in the potential for mHealth to reshape the way Europe (and Europeans) approach health, but not without ample stakeholder cooperation. Piha questioned how significant the overlap between stakeholder interest in the mHealth possibilities and their ability to implement the necessary changes.
“Member States must have the technical capabilities to exchange data, but we also need to take into account the political realities and national priorities. For some countries they will want to participate, but they won’t be able to, others are very capable, but will not be interested.”
To gauge where the capability and interest would overlap on a Venn diagram of mHealth, there are some projects that could provide an indication. For Piha, the call for proposals on Deployment of National Infrastructure for crossborder exchange of data serves as a real “litmus test” for the willingness to cooperate. Without the infrastructure for cooperation, the EU will not move forward and deepening inequalities could result.
Digital transition
The move from a pen and paper system of recording patient data to their electronic counterparts, whether in the form of patient records or through the use of mHealth apps, beckons the questions of where patients fit in. Surely, at its very core. Yet Public Affairs Coordinator at the European Cancer Patient Coalition, Francesco Florindi, questioned how patient-centricity actually fits into the scope of the Code? With the draft code placing much of the burden of responsibility on patients, there may be a need for stakeholders working on its further development to consider how it could be redistributed to ensure that even patients who may not be early adaptors or particularly tech savvy can safely use apps.
Florindi also stressed the need for the Commission to be more prominent in monitoring the implementation of the code as “adherence to the code is crucial for it to be successful.”
One-stop-shopping
Linking the need for Member State enthusiasm and a patient-centric approach, Paulo Silva of DG Justice explained the link between health data and the General Data Protection Regulation (GDPR). He stressed that the new GDPR aims at enhancing the trust of EU Citizens in mobile health by putting individuals in control of their data. For example, individuals will have more information on how their data is processed, the “right to be forgotten” will be enhanced, and users will have the right to be notified when their data has been hacked.
To provide equal protection mechanisms across the Member States, the GDPR is directly applicable and should remove legal fragmentation. By establishing a “one-stop shop” for data protection in the EU, the regulation means that companies will only have to deal with one supervisory authority (not 28) – creating a simpler and cheaper environment for companies doing business in the EU.
Moving forward
The speaker representatives were clear that working together – across DGs, across sectors, across Member States – is critical as the legal basis and guidance for mHealth and its associated sectors is formulated. The safe harbour agreement between the US and the EU anticipated to be finalised at the end of the month and the Working Group on mHealth are just two such examples. Yet while it is evident that all of the involved actors must move in the same direction as the common framework is formulated, outstanding questions remain. As the work on the Code continues, the European Commission hopes to facilitate diminishing these grey areas through references and best practice examples to successfully set the scene for robust legislation that brings mHealth closer to patients and as Florindi stated, “reintegrate the patient back to his normal life.”
Who is Who
Francesco Florindi @francescoflo | European Cancer Patient Coalition @cancereu
Dee O’Sullivan | My Health Apps @my_health_apps
Tapani Piha @tapani_piha | European Commission, DG Santé @EU_health
Paulo Silva | European Commission, DG JUST @EU_Justice
Peteris Zilgalvis @PZilgalvis | European Commission, DG Connect
H+K Strategies @HKBelgium