Legal Advice on Health Apps

Health apps help users promote health, monitor medical values or support therapy. Companies and organisations developing or offering such apps face a wide range of legal challenges, including privacy, data access rights and contract drafting. We provide comprehensive legal advice and support in the development of health apps, whether you are developing the app yourself or working with a service provider.

Our Services Request a non-binding introduction now!

What are health apps?

Health apps are part of the eHealth sector and are digital applications that help users promote their health, monitor medical values or accompany certain therapies. They cover a wide range: from fitness and nutrition apps, to service apps that remind you to take medication or organise doctor's appointments, to medical apps that help diagnose and treat diseases. Providers of these apps are often IT companies, pharmaceutical companies or health insurance companies. Regulatory compliance is particularly important for medical apps, as they need to be approved as medical devices.

What challenges do companies & organisations face when using and/or developing health apps?

Both companies and organisations that use health apps and those that develop them have to comply with data protection regulations. This includes information and documentation obligations, but also dealing with authorities, stakeholders and competitors.

Good contract management is also important when working with external service providers - or as an external service provider. In particular, this involves drafting advantageous contracts and dealing with claims in the event of non-performance or poor performance (e.g. warranty or compensation).

Another challenge is the right of access to data. Developers and providers of health apps need to ensure that they can access and process data, such as patient data or medical measurements, in a legally permissible manner.

If the health app contains AI functionality, additional compliance requirements apply, for example from the AI Regulation or copyright law.

Finally, it can also make sense for an app to be included in the DiGA directory of the Federal Institute for Drugs and Medical Devices (BfArM) as a "digital health application" (DiGA for short). These apps can then be prescribed by doctors and health insurance companies will cover the costs. However, there are special requirements that have to be met.

How we can help you with health apps

  • Comprehensive data protection and information security advice: We help you comply with GDPR and other data protection regulations, as well as IT security to ensure the protection of sensitive health data.
  • Data protection audits and DPIA: We conduct data protection audits and conformity assessments, including data protection impact assessments, and prepare legally compliant data protection statements.
  • Contract drafting and review: We draft and review contracts specifically tailored to the development and use of health applications (e.g. order processing contracts or joint controller agreements).
  • Data access and trade secrets: Advice on data access and the protection of data and trade secrets, taking into account the relevant regulations (including the Data Protection Act, the EHDS, the Law on Trade and Commerce and SGB V).
  • AI advice: Advice on compliance with legal requirements for artificial intelligence - in particular the AI Regulation.
  • DiGA directory: Support for inclusion in the DiGA directory by fulfilling the test criteria of SGB V.
  • Extrajudicial and judicial representation: We represent you in the out-of-court enforcement and defence of claims as well as in administrative and court proceedings.
  • Compliance training: We offer tailor-made training for your team to ensure that all employees are informed about the legal requirements in the eHealth sector.

Request a non-binding introduction now!

Why Schürmann Rosenthal Dreyer is your partner for eHealth solutions

Schürmann Rosenthal Dreyer combines 16 years of legal expertise with in-depth technical know-how to provide you with comprehensive eHealth solutions. Our firm not only has experienced lawyers, but also technology experts who work together to make your digital health projects legally compliant and future-proof. As initiators of the Health & Law network, we are deeply involved in the field of health law and are committed to the legal protection of innovative health solutions.

Our expertise has been recognised many times: We have won the prestigious JUVE award for Law Firm of the Year in the area of Data Protection and IT and are listed in The Legal 500 as one of the top 2024 law firms.

Trust Schürmann Rosenthal Dreyer - the partner who will make your eHealth projects a success with a unique combination of legal excellence and technical understanding.

Non-binding initial consultation for your health app

Why not arrange a no-obligation initial consultation with one of our specialist solicitors to discuss your situation and advice needs?

Request a non-binding introduction now!