Legal advice on health apps

Health apps

Health apps developed in compliance with legal requirements

We support the development and operation of health apps, helping with everything from data protection and access to drafting contracts with partners and service providers.

Arrange an initial consultation

What are health apps?

Health apps are part of the eHealth sector and are digital applications that help users promote their health, monitor medical values or accompany certain therapies. They cover a wide range: from fitness and nutrition apps, to service apps that remind you to take medication or organise doctor's appointments, to medical apps that help diagnose and treat diseases. Providers of these apps are often IT companies, pharmaceutical companies or health insurance companies. Regulatory compliance is particularly important for medical apps, as they need to be approved as medical devices.

What challenges do companies & organisations face when using and/or developing health apps?

Both companies and organisations that use health apps and those that develop them have to comply with data protection regulations. This includes information and documentation obligations, but also dealing with authorities, stakeholders and competitors.

Good contract management is also important when working with external service providers - or as an external service provider. In particular, this involves drafting advantageous contracts and dealing with claims in the event of non-performance or poor performance (e.g. warranty or compensation).

Another challenge is the right of access to data. Developers and providers of health apps need to ensure that they can access and process data, such as patient data or medical measurements, in a legally permissible manner.

If the health app contains AI functionality, additional compliance requirements apply, for example from the AI Regulation or copyright law.

Finally, it can also make sense for an app to be included in the DiGA directory of the Federal Institute for Drugs and Medical Devices (BfArM) as a "digital health application" (DiGA for short). These apps can then be prescribed by doctors and health insurance companies will cover the costs. However, there are special requirements that have to be met.

How we can help you with health apps

Comprehensive data protection and information security advice: We help you comply with GDPR and other data protection regulations, as well as IT security to ensure the protection of sensitive health data.
Data protection audits and DPIA: We conduct data protection audits and conformity assessments, including data protection impact assessments, and prepare legally compliant data protection statements.
Contract drafting and review: We draft and review contracts specifically tailored to the development and use of health applications (e.g. order processing contracts or joint controller agreements).
Data access and trade secrets: Advice on data access and the protection of data and trade secrets, taking into account the relevant regulations (including the Data Protection Act, the EHDS, the Law on Trade and Commerce and SGB V).
AI advice: Advice on compliance with legal requirements for artificial intelligence - in particular the AI Regulation.
DiGA directory: Support for inclusion in the DiGA directory by fulfilling the test criteria of SGB V.
Extrajudicial and judicial representation: We represent you in the out-of-court enforcement and defence of claims as well as in administrative and court proceedings.
Compliance training: We offer tailor-made training for your team to ensure that all employees are informed about the legal requirements in the eHealth sector.

Arrange an initial consultation

Intro

Our motto: secure, radical, digital.

SRD is the boutique law firm for digital projects, supporting you from kick-off to go-live. We combine technical innovation with compliance. We create radically clear legal scope for this.