Mobile Health Apps Interactive Tool

Find out which federal laws you need to follow

Laws covered include:

• Health Insurance Portability and Accountability Act (HIPAA)
  The Office for Civil Rights (OCR) within the U.S. Department of Health & Human Services (HHS) enforces the HIPAA rules, which protect the privacy and security of certain health information and require certain entities to provide notifications of health information breaches.
  
  
• Federal Food, Drug, and Cosmetic Act (FD&C Act)
  The FDA enforces the FD&C Act, which regulates the safety and effectiveness of medical devices, including certain mobile medical apps. The FDA focuses its regulatory oversight on a small subset of health apps that pose a higher risk if they don’t work as intended. 
  
  
• Federal Trade Commission Act (FTC Act)
  The FTC enforces the FTC Act, which prohibits deceptive or unfair acts or practices in or affecting commerce, including those relating to privacy and data security, and those involving false or misleading claims about apps’ safety or performance.
  
  
• FTC’s Health Breach Notification Rule
  The FTC's Health Breach Notification Rule requires certain businesses to provide notifications following breaches of personal health record information.