Special Issue

mHealth and telemedicine apps: in search of a common regulation

Chiara Crico1,2, Chiara Renzi2, Norbert Graf3, Alena Buyx4, Haridimos Kondylakis5, Lefteris Koumakis5 and Gabriella Pravettoni1,2

1Department of Oncology and Hemato-Oncology, University of Milan, Milan, Italy

2Applied Research Division for Cognitive and Psychological Science, European Institute of Oncology, Milan 20141, Italy

3Department of Pediatric Oncology and Hematology, Saarland University, Homburg/Saar, Germany

4Department of Biomedical Ethics, Institute of Experimental Medicine, University of Kiel, Germany

5Computational Biomedicine Laboratory, FORTH-ICS, Heraklion, Greece

Correspondence to: Chiara Crico. Email:


Developments in information and communication technology have changed the way healthcare processes are experienced by both patients and healthcare professionals: more and more services are now available through computers and mobile devices. Smartphones are becoming useful tools for managing one’s health, and today, there are many available apps meant to increase self-management, empowerment and quality of life. However, there are concerns about the implications of using mHealth and apps: data protection issues, concerns about sharing information online, and the patients’ capacity for discerning effective and valid apps from useless ones. The new General Data Protection Regulation has been introduced in order to give uniformity to data protection regulations among European countries but shared guidelines for mHealth are yet to develop. A unified perspective across Europe would increase the control over mHealth exploitation, making it possible to think of mHealth as effective and standard tools for future medical practice.

Keywords: telemedicine, data protection, patient data privacy, mobile apps, European community

Copyright: © the authors; licensee ecancermedicalscience. This is an Open Access article distributed under the terms of the Creative Commons Attribution License (, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Published: 11/07/2018; Received: 16/02/2018


Over the last two decades, information and communication technology (ICT) innovations have reached the field of health and healthcare, empowering citizens to take care of their own health, providing resources for patients and healthcare professionals, and improving the efficacy of service provision by hospitals and healthcare systems [1, 2].

The introduction of mobile technologies represents a substantial change in the way individuals relate to medicine and healthcare. For instance, 52% of smartphone owners use their device to search the Internet for health-related information [4]; smartphones and tablets have become the preferred instruments for healthcare practitioners who need to find information from their workplace [4].

Electronic Health (eHealth) can be defined as the safe and productive use of ICT in support of healthcare professionals and patients in health-related fields [1]. Its specific aim is to help and support all healthcare processes, ranging from prevention to detecting health problems, from diagnosis to disease treatment. eHealth may be used to support both professionals and patients: it may provide services for patients, such as monitoring at a distance, remote diagnosis, consultation, home care and training with self-care management, thus empowering patients relative to their disease [5]. At the same time, eHealth can decrease the workload of healthcare professionals, e.g. simplifying inter-professional communication, by providing an easy way to share information involving patients sharing common problems, as well as education and training from a distance [2, 6, 7].

These services are available even via mobile and wireless technologies: Mobile Health (mHealth) represents a subset of eHealth, namely the application of mobile technology to provide or use health services, share clinical information and collect data [7, 8]. mHealth offers the possibility to have a fast diagnosis, to provide a feedback system in order to monitor health status, promoting healthy behaviour and encouraging changes to dysfunctional behaviours; to provide easy access to treatment and rehabilitation; to receive electronic prescriptions or obtain informed consent rapidly, thereby cutting waiting times [1, 9]. Some apps work as information providers, improving health consciousness and literacy, as they give users an easy and portable access to educational material [7, 1013].

Due to the innovative opportunities they offer, mHealth is rapidly spreading in clinical contexts [14]. One of these is the practice of telemedicine, which is the use of ICT to deliver healthcare services by healthcare professionals; it allows a safe exchange of information, enabling people to communicate health-related issues—such as prevention, diagnosis, treatment and follow-up—from a distance, overcoming logistic and long distance criticalities [15].

Nowadays, more than 165,000 apps related to health behaviour are available in online stores. The most common are those related to fitness, behaviour and nutrition [16]. Wellness applications are designed to help people in embracing and maintaining a healthy behaviour, as they deliver interventions that can be customised and may encourage users’ adherence through an interactive system of messages and feedback [3, 17]. With the promises, ‘this app will help you to lose weight’, ‘this app will lower your blood pressure’, apps promoting fitness and healthy lifestyles are gaining success and their use is associated with the intention to change nutrition behaviour and improve physical activity [18]. Due to the nature of the information these apps require, there are issues of data protection and data flow to consider [21], as well as commercial interests in data collected by mHealth apps [22]. In addition, it has also been shown that health apps do not always provide entirely accurate health information to patients [19] and worries exist about their appropriate validation [20]: it should be considered that these apps and their functions are usually tested for usability rather than for medical efficacy. In order to overcome this issue, the Horizon 2020 European project iManageCancer developed an online platform with the aim of empowering cancer patients and strengthening self-management in cancer diseases, and designed a pilot study to test the platform’s efficacy.


Within the broad range of medical apps, some have been specifically designed for patients affected by illnesses with long trajectories. Some mHealth apps are meant for chronic sufferers and cancer patients, to help them manage their different therapies, monitor their symptoms, and improve their adherence to therapy; such tools facilitate patient-physician communication and increase the possibility of remote control, providing real-time exchange of information [2325].

Consequently, these tools attracted the attention of regulatory organisms in the United States and in Europe. Title II of the Health Insurance Portability and Accountability Act, enacted by the United States Congress in 1996, introduces policies to protect data privacy and the security of individuals’ medical information [26]. Then in 2009, the United States Department of Health and Human Services released the Health Information Technology for Economic and Clinical Health Act, a legislation act meant to promote health information technology [27]. In 2015, the Food and Drug Administration established that mHealth apps can fall under the definition of a medical device, when ‘the intended use of a mobile app is for the diagnosis of disease or other conditions, or the cure, mitigation, treatment, or prevention of disease, or is intended to affect the structure or any function of the body of man’ [28]. For the European Commission, the definition of medical device applies to any kind of instrument, including software, which are used for: ‘diagnosis, prevention, monitoring, treatment or alleviation of a disease or a handicap; investigation, replacement or modification of the anatomy or of a physiological process; control of conception’ [29].

In order to promote eHealth and mHealth, in 2012 the European Council released the eHealth Action Plan 2012–2020, the first formal commitment from all Member States to cooperate in the field of eHealth. The goals of the Action Plan range from the creation of an eHealth record to the online set up of health services, such as information on healthy behaviour and prevention of illnesses. Nevertheless, the lack of a uniform regulation among the countries remains a problem and the eHealth Action Plan points it out, underlining the importance of ‘promoting synergies between related policies and stakeholders, so as to develop better solutions, prevent market fragmentation and disseminate best practices’ [31].

The European Union has no uniform regulations for what concerns healthcare and medicine in general; the Directive 2011/24/EU provides the only guidelines available about health services, but many issues are not covered by any European regulation, especially what concerns medical liability [32]. Due to the differences in penal laws among European countries, it is hard to imagine a shared set of norms concerning eHealth, since the lack of uniformity potentially compromises its development [32]. The only directives concerning eHealth are the regulations on information service and data protection: Directive 95/46/EU, 200/31/EC and 2002/58/EC, specifically on ICT [32] and the new General Data Protection Regulation (GDPR) that will enter into force in May 2018.

The new GDPR has been introduced to harmonise privacy and data protection legislation within the European countries. Before the GDPR, most of the Member States had no specific laws on eHealth: each country asserted the general laws on data protection and professional conduct.


Developing novel regulation is made complex by the fact that it has to appropriately address a number of ethical issues relating to health apps. These include the aforementioned problems around accuracy and validity of data as well as data security and fair data flow, but also challenges of understanding and interpretation when patients have to make sense of health information on their own [33]. In addition and particularly considering mHealth instruments that have been designed for patients, it has to be discussed whether or not to require clinicians to treat patients initially in person before accessing, e.g. teleservices [34].

Regarding apps, the European Commission released a Working Document assessing some generic regulations for apps falling under the definition of a medical device [35], but the European legal framework is not sufficiently adapted yet to the regulatory needs arising from mHealth.

First, health apps seem promising tools to increase self-management, empowerment and quality of life [36], and studies involving smartphone apps are increasing in number. However, the efficacy of these tools is difficult to assess and the correlation between apps usage and positive health outcomes is still under investigation [37]. Due to the relatively recent emergence of this technology, evidence-based understanding of its effects has to be improved and further research on this topic is needed. It should also be considered that building a controlled research project may be complex because the testing of apps often implies patients using them in their everyday life; what emerged from the pilot study conducted for the project iManageCancer is the difficulty of combining everyday life with the many functions of the platform. Contrasting results on the effectiveness of these apps may thus depend on how these tools are used: an uncontrolled path entails many challenges in terms of adherence and data collection [38] and this problem is not easily overcome. However, efficacy remains a very important aim to reach, in order to meet patients’ needs.

Furthermore, it should be noted that the use of health apps is not free from risks. In general, health apps are not considered particularly dangerous; however, there is a series of acknowledged limitations and risks: one of them relates to the exposure of individuals’ privacy and security [18, 39]. When using web-based apps, private and sensitive data are collected, linked and analysed, including when data are transmitted from patient to physician [33]. Developing and implementing data protection that is in line with existing European and national regulation, and at the same time appropriately applicable to mHealth, is one of the current challenges for societies and changing medical landscapes [4042].

Another risk concerns the use of information provided by the apps, as mentioned briefly above [1]: many of the health apps act as information channels, but how can we be sure that people understand this information properly? Health literacy varies significantly between populations and abilities as well as cultural aspects shaping understanding of health information and subsequent behaviour differ [43]. The concern about patients’ (and citizens’, in general) literacy and the risk of inaccurate or misleading information is highly relevant [44]: mobile applications are not necessarily based on accepted scientific data and the lack of research and validity of these apps poses a question on who is accountable in case something goes wrong [1]. Concerning apps, generally, the producer is considered liable for damages caused by its product by Council Directive 85/374/EEC [6]; hence, consumer protection applies once the app is released. However, unless an app has been investigated as a medical device, there is no control a priori over its content. The concept of efficacy is still rather unusual for app developers: the success of an app is measured by the number of downloads and ratings, rather than effectiveness [38]. This might change, depending on if health apps will be classed more consistently as medical devices. Currently, however, this is a developing issue. For what concerns the iManageCancer project, designing the platform the developers based the apps on the scientific literature, with the aim of giving the patients verified information and reliable functions to manage their illness.

The incoming GDPR is implemented with some degree of difference between countries. The lack of a shared understanding of the legislation in Europe and the different interpretations it allows, and even more so, the lack of specific guidelines for mHealth guidelines make the use of mHealth tools challenging. They have great potential and could become effective and standard tools for future medical practice [41]. However, to avoid the practical and ethical issues mentioned above, a unified perspective across Europe and clear and specific guidelines both on clinical trials to test apps’ efficacy as well as on their use in clinical practice would allow more effective control over the use of telemedicine and more specific apps. This, in turn, would make it possible to ascertain the quality and validity of a particular instrument’s information, issues of data protection, etc., and how it is being used remotely, with the foreseeable result of increasing its appeal and ultimately, its adoption [30].


This project has received funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 643529. This paper reflects the authors’ view. The Commission is not responsible for any use that may be made of the information it contains.


1. Catan G, Espanha R, and Veloso Mendes R, et al (2015) The Impact of eHealth and mHealth on doctor behavior and patient involvement: An Israeli and Portuguese comparative approach Stud Health Technol Inform 210 813–817

2. Moen A, Hackl WO, and Hofdijk J, et al (2013) eHealth in Europe—status and challenges Yearb Med Inform 8(April 2016) 59–63

3. Dahlke DV, Fair K, and Hong YA, et al (2015) Apps seeking theories: results of a study on the use of health behavior change theories in cancer survivorship mobile apps JMIR Mhealth Uhealth 3(1) e31

4. Ventola CL (2014) Mobile devices and apps for health professionals: uses and benefits P&T 39(5) 356–364

5. Kondylakis H, Koumakis L, and Tsiknakis M, et al (2013) Smart recommendation services in support of patient empowerment and personalized medicine BT Multimedia Services in Intelligent Environments: Recommendation Services eds GA Tsihrintzis, M Virvou, and LC Jain (Heidelberg: Springer International Publishing) pp 39–61

6. Callens S (2010) The EU legal framework on e-health Heal Syst Gov Eur Role Eur Union Law Policy 9780521761(d) 561–588

7. Lewis J, Ray P, and Liaw S-T (2016) Recent worldwide developments in eHealth and mHealth to more effectively manage cancer and other chronic diseases—a systematic review Yearb Med Inform (1) 93–108 PMID: 27830236 PMCID: 5171554

8. USAID (2015) mHealth COMPENDIUM African Strateg Heal Proj 5(June) 1–86

9. Kondylakis H, Koumakis L, and Hänold S, et al (2017) Donor’s support tool: enabling informed secondary use of patient’s biomaterial and personal data Int J Med Inform 97(May) 282–292

10. Mobasheri MH, Johnston M, and King D, et al (2018) Smartphone breast applications 2013; What’s the evidence? Breast 23(5) 683–689

11. Murgia F, Cilli M, and Renzetti E et al (2011) Economic evaluation of telehomecare in chronic lung diseases Clin Ter 162(2) e43–49 PMID: 21533308

12. Sengpiel J, Fuehner T, and Kugler C, et al (2010) Use of telehealth technology for home spirometry after lung transplantation: a randomized controlled trial Prog Transplant 20(4) 310–317

13. Cho J, Park D, and Lee HE (2014) Cognitive factors of using health apps: systematic analysis of relationships among health consciousness, health information orientation, eHealth literacy, and health app use efficacy J Med Internet Res 16(5) e125 PMID: 24824062 PMCID: 4035139

14. Terry M (2010) Medical apps for smartphones Telemed J E Health 16(1) 17–22 PMID: 20070172

15. World Health Organization Global Observatory for eHealth (2010) Telemedicine: opportunities and developments in member states Observatory 2 96

16. IMS Institute for Healthcare Informatics (2015) Patient adoption of mHealth (Parsippany, NJ: IMS Institute for Healthcare Informatics) pp 1–59

17. Quiñonez SG, Walthouwer MJL, and Schulz DN, et al (2016) MHealth or eHealth? Efficacy, use, and appreciation of a web-based computer-tailored physical activity intervention for Dutch adults: A randomized controlled trial J Med Internet Res 18(11) 1–12

18. Carroll JK, Moorhead A, and Bond R, et al (2017) Who uses mobile phone health apps and does use matter? a secondary data analytics approach J Med Internet Res 19(4) e125 PMID: 28428170 PMCID: 5415654

19. Coppetti T, Brauchlin A, and Müggler S, et al (2017) Accuracy of smartphone apps for heart rate measurement Eur J Prev Cardiol 24(12) 1287–1293 PMID: 28464700

20. Mansukhani MP and Kolla BP (2017) Apps and fitness trackers that measure sleep: are they useful? Cleve Clin J Med 84(6) 451–456 PMID: 28628429

21. Rosenfeld L, Torous J, and Vahia IV (2017) Data security and privacy in apps for dementia: an analysis of existing privacy policies Am J Geriatr Psychiatry 25(8) 873–877 PMID: 28645535

22. Grundy Q, Held F, and Bero L (2017) A social network analysis of the financial links backing health and fitness apps Am J Public Health 107(11) 1783–1788 PMID: 28933939

23. Jiang Y, West BT, and Barton DL, et al (2017) Acceptance and use of eHealth/mHealth applications for self-management a mong cancer survivors Stud Health Technol Inform 245 131–135

24. Benze G, Nauck F, and Alt-Epping B, et al (2017) PROutine: a feasibility study assessing surveillance of electronic patient reported outcomes and adherence via smartphone app in advanced cancer Ann Palliat Med PMID: 29156896

25. Jibb LA, Stevens BJ, and Nathan PC, et al (2017) Implementation and preliminary effectiveness of a real-time pain management smartphone app for adolescents with cancer: a multicenter pilot clinical study Pediatr Blood Cancer 64(10) 1–9

26. (1996) GPO Health Insurance Portability and Accountability Act of 1996 vol Public Law [] Date accessed: 23/01/18

27. American Recovery and Reinvestment Act, XIII title (2009) Health Information Technology for Economic and Clinical Health Act

28. U.S. Department of Health and Human Services Food and Drug Administration (2015) Mobile Medical Applications. Guidance for Industry and Food and Drug Administration Staff

29. European Parliament and of the Council (2007) Council Directive 93/42/EEC of 14 June 1993 concerning medical devices Off J Eur Union (June 1993) 1–60

30. Krebs P and Duncan DT (2015) Health app use among us mobile phone owners: a national survey JMIR mHealth uHealth 3(4) e101 PMID: 26537656 PMCID: 4704953

31. European Commission (2012) Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions: eHealth Action Plan 2012-2020—Innovative healthcare for the 21st century

32. Raposo VL (2016) Telemedicine: the legal framework (or the lack of it) in Europe GMS Health Technol Assess 12 Doc03 PMID: 27579146 PMCID: 4987488

33. Stellungnahme (2017) Big Data und Gesundheit—Datensouveränität als informationelle Freiheitsgestaltung Dtsch Ethikrat

34. Stroetmann K, Artmann J, and Dumortier J, et al (2012) United in diversity: legal challenges on the road towards interoperable eHealth eolutions in europe Eur J Biomed Informatics 8(2) 3–10

35. European Commission (2014) Green Paper on mobile Health (‘mHealth’) pp 1–20

36. Loiselle CG and Ahmed S (2017) Is connected health contributing to a healthier population? J Med Internet Res 19(11) 1–5

37. Rincon E, Monteiro-Guerra F, and Rivera-Romero O, et al (2017) Mobile phone apps for quality of life and well-being assessment in breast and prostate cancer patients: systematic review JMIR mHealth uHealth 5(12) e187 PMID: 29203459 PMCID: 5735250

38. Nilsen W (2015) mHealth’s revolution: balancing help and harm American Association for the Advancement of Science

39. Mense A, Steger S, and Sulek M, et al (2016) Analyzing privacy risks of mHealth applications Stud Health Technol Inform 221 41–45 PMID: 27071873

40. Prainsack B and Buyx A (2017) Solidarity in biomedicine and beyond (Cambridge: Cambridge University Press) 43–55

41. Carter A, Liddle J, and Hall W, et al (2015) Mobile phones in research and treatment: ethical guidelines and future directions JMIR mHealth uHealth 3(4) e95 PMID: 26474545 PMCID: 4704925

42. Moerenhout T, Devisch I, and Cornelis GC (2018) E-health beyond technology: analyzing the paradigm shift that lies beneath Med Health Care Philos 21(1) 31–41

43. Basu A and Dutta MJ (2008) The relationship between health information seeking and community participation: the roles of health information orientation and efficacy Health Commun 23(1) 70–79 PMID: 18443994

44. Kondylakis H, Kazantzaki E, and Koumakis L, et al (2014) Development of interactive empowerment services in support of personalised medicine Ecancermedicalscience 8(1) 1–14

Related Articles

Innocent Atuhe, Alfred Jatho, Babra Nalwadda, Judith Asasira, Martha Nantayi, Joseph Semujju, Naome Namwira, Kulusum Namayanja, Ashley Atwine, Semei Buwambaza Sekitene, , Jackson Orem
Ximena P González, Isabel Abarca-Baeza, Carmen Gloria San Martin, Ana Belén Ilabaca, Andrea Ibañez-Zuñiga, Rafael Herrada, Berta Cerda-Álvarez, Juvenal A Ríos
Table of Contents
Table of Contents