19 1 Apps in healthcare and medical research; European legislation and practical tips every healthcare provider should know is advisable to work with a software manufacturer who is experienced in working in the medical app domain or to involve someone to oversee the project and advise on requirements. The Data Protection Officer of an institute can serve as a starting point.10 Table 1: Requirements for data collection, processing and storage according to the GDPR Lawfulness, fairness and transparency Personal data should be processed in a lawful, fair and transparent manner Limited purpose Personal data should only be collected for a specified use Confidentiality and integrity Personal data should be processed according to the appropriate security level and should be protected against unauthorized access, accidental loss, destruction or damage Data minimisation The collection of personal data should be limited, only data relevant to accomplish the specific purpose should be collected Storage limitation Data should not be stored longer than needed to accomplish the specified use Accuracy Personal data should be accurate and kept up to date when applicable Medical Device Regulation The Medical Device Regulation (MDR) came into force on May 26th 2021, after a prolonged transit period of four years in total.7,14, The MDR is effective in all members of the European Economic Community (EEC), including Switzerland, Norway, Iceland, Liechtenstein and excluding Great-Britain. The MDR replaced the Medical Device Directive (MDD) (93/42/ EEC).15 As the MDD was a European directive, its implementation in national laws varied among members of the EEC. Legislation became non-transparent, making it difficult and time-consuming for manufacturers to release new products onto the market, and regulation of medical devices was problematic. The new MDR should improve transparency, decrease time from innovation to market and provide a better overview of available medical devices. As a HCP, the MDR is important to be aware of, as health apps easily meet the definition of a medical device. According to the MDR, ‘medical device’ means: “any instrument, apparatus, appliance, software, implant, reagent, material or other article intended by the manufacturer to be used, alone or in combination, for human beings for one or more of the following specific medical purposes: — diagnosis, prevention, monitoring, prediction, prognosis, treatment or alleviation of disease, — diagnosis, monitoring, treatment, alleviation of, or compensation for, an injury or disability, — investigation, replacement or modification of the anatomy or of a physiological or pathological process or state, — providing information by means of in vitro examination of specimens derived from the human body, including organ, blood and tissue donations…” (Fragment of the official definition of a medical device as provided in the MDR)15
RkJQdWJsaXNoZXIy MTk4NDMw