23 1 Apps in healthcare and medical research; European legislation and practical tips every healthcare provider should know PART II: RESPONSIBILITY AND LIABILITY OF THE END-USER The manufacturer is the legal person responsible for compliance with the GDPR and the MDR of an app. However; any person, organization or company that puts a name or trademark on a medical device is stated as the manufacturer. In healthcare it is imaginable that a HCP has an idea for an app and then starts looking for a manufacturer. In large healthcare organisations, this may be facilitated in-house, but in smaller organisations this may be an external party. In the first scenario, the healthcare organisation is also the manufacturer. In the second scenario, where the app was built by an external party, the issue of who is deemed the manufacturer is more complex. For example, when the healthcare organization publishes an externally built app in the app stores, it is the healthcare organisation who legally becomes the manufacturer. When a healthcare organization uses a pre-existing app, but rebrands the app to match the corporate identity, the healthcare organization might become the manufacturer as well. In those scenario’s it is important to be aware of the responsibilities attached to being the manufacturer, or legally transfer them to the organization or party that actually built the app.21 When considering using a pre-existing app it is important to realise that the HCP using or advising the medical app can be held responsible when any harm occurs to the end user. Imagine a HCP considering a diagnostic test for a specific patient. The HCP uses a medical app to aid his/her decision and decides not to perform a diagnostic test based on the outcome advice of the app. What if the HCP misses an important finding or diagnosis? When the HCP uses an app that has been thoroughly tested and complies with all applicable legislation, the HCP cannot be held responsible as an individual healthcare provider, but the manufacturer can be. A manufacturer can also be held responsible for an app on which a CE-marking is wrongly applied or does not comply with the standards for post market surveillance. When HCPs decide to use an app which is not CE-marked it is their miscalculation to choose this app and therefore both the HCP and the organization they are working in, can be held responsible. Every medical device has a clearly stated intended use; the medical device is tested and certified for this use. When the HCP uses the app for purposes other than the intended use, the manufacturer cannot be held responsible. Manufacturers will therefore be very specific in formulating the intended use of a medical device. In this regard, it is essential that apps to be used are assessed on their quality and safety conformity and intended use, which may be done by several frameworks as discussed in the next section.
RkJQdWJsaXNoZXIy MTk4NDMw