Will New Apple Health Apps Excerbate Privacy Concerns?

On September 9, 2014, Apple unveiled its new iPhone 6 and iPhone 6 Plus as well as several new health applications (apps) meant to provide a plethora of health services, communication, and tracking options for Apple users. While these apps were designed to bridge the patient-client divide and advance the health care options of users, will users also expose themselves to privacy and information stealing data in the process? Although Apple has explained the means these apps employ to overcome privacy and confidentiality concerns, do these measures, especially when considering the recent security breaches in the health information industry, go far enough?

New Apple Apps and Devices

Along with the release of the new Apple phones, the company introduced a smartwatch that has been reported to “double as a fitness device that can track steps, calories, and heart rate, among other things.” Additionally, the new operating system that is slated to be introduced with the new versions of the iPhone, the IOS 8, will include an app called Health, which will serve as a “dashboard for health and fitness information such as heart rate, calories burned, blood sugar, and cholesterol, plus lab results and medications.” Finally, HealthKit, the new tool for developers, allows them to share users’ health care data, if the user so chooses, according to Apple.

According to a CBS report on the new Apple device and app launch, the introduction of these systems have the potential to “revolutionize health care.” HealthKit, which was designed by Mayo Clinic doctors, is expected to be able to collect information for use in many different formats over long periods of time. Dr. John Wald, one of the creators of Healthkit, described the use of the tool in this way: “The grand vision would be once the information is contained within HealthKit, patients can take that on their iDevices or eventually Android and transfer that to wherever they are in the world or country.”

Privacy Guards, Risks

While the Wall Street Journal (WSJ) reported that Apple announced the policy of not allowing developers to use data gathered from HealthKit for advertising or data-mining, it also noted that some experts believe that the Apple policy “leaves room for interpretation.” Specifically, “the Apple guidelines don’t specifically require app companies to account for any disclosures they make,” and according to Deborah Peel, the founder of Patient Privacy Rights Foundation, instead, “users should be able to see exactly how these apps are using their data.”

Moreover, the WSJ discussed how Apple has partnered with “Epic, a large provider of electronic medical records to feed data into HealthKit,” and further noted that “few details of that arrangement have been disclosed.” In turn, the WSJ piece posed the question of whether Apple will sell the data collected by its Health apps, which would be highly sought after by medical researchers and insurers. Finally, the article noted the privacy laws that these apps could be subject too, specifically the Health Insurance Portability and Accountability Act (HIPAA) (P.L. 104-191), and discussed the extent Apple would have to comply with these measures. While the WSJ stated that “Apple hasn’t said whether it will apply HIPAA protections to the sensitive data it collects,” Dr. Wald was quoted as confirming that HIPPA safeguards were in place and were ultimately the responsibility of the user: “There are extra screens for users to view their HIPAA authorizations, view their privacy and to educate them a little bit about how to secure their device. Once the information leaves our establishment, it’s their responsibility.”

Despite the fact that there is evidence that Apple is attempting to ensure privacy compliance, the question of whether the information would not be appropriately secured so as to prevent a breach of confidential personal medical records is less clear. In light of the recently reported hacked medical reports in health information systems across the country, this could be the largest threat posed by the newest devices, apps, and tools in the health industry.
For a discussion of the FDA’s regulation of mobile medical device apps, please see House Committee Grills FDA on Regulation of Mobile Medical Devices and Mobile Applications as Medical Devices.

Medical Device Excise Tax Program May Require Surgery to Meet its Goals

The Treasury Inspector General for Tax Administration (TIGTA) has issued a report revealing inadequacies in the Internal Revenue Service’s (IRS) current strategy for ensuring compliance with the medical device excise tax created by the Patient Protection and Affordable Care Act (ACA) (P.L. 111-148). According to the TIGTA press release, the current IRS protocol for processing the Form 720, Quarterly Federal Excise Tax Returns that manufacturers, producers, and importers are obligated to file, is not sufficiently ensuring compliance and reporting of the new ACA tax.

Excise Tax

The ACA, through amendment to the Internal Revenue Code (IRC) (26 U.S.C. 4191), implemented an excise tax of 2.3 percent on the sale of certain medical devices. The tax, set out in regulations at 21 C.F.R 807, was projected to produce $20 billion in revenue for Fiscal Years (FYs) 2013 through 2019. The IRS has issued final regulations and the Department of Treasury has issued notices that are designed to provide guidance and ensure compliance with the new tax.Despite the agency outreach, the TIGTA investigation and report revealed that the number of Forms 720 filed and the amount of revenue reported was lower than had been projected.


The TIGTA Report identified $117.8 million in medical device excise tax discrepancies between the amount of tax collected by the IRS through the Form 720 process and the amount TIGTA calculated as proper. The TIGTA investigation revealed 219 “failure to deposit” penalties totaling $706,753 that were incorrectly assessed by the IRS. The IRS reversed 133 of those penalties and the remaining 86 were reversed by IRS management after TIGTA identified the errors. A significant fault in the present system that TIGTA identified is the inability of the IRS to determine the medical device manufacturers that are registered with the FDA, which are required to submit a Form 720. Without the ability to identify the tax paying population, TIGTA believes the IRS will be unable to form an effective strategy to ensure businesses are remaining compliant.


TIGTA’s primary recommendation is for the IRS to develop a protocol for identifying non-compliant manufacturers. Another recommendation is for the IRS to review tax returns that resulted in improper payments so the IRS can identify the appropriate amount owed. TIGTA also suggest that the IRS develop a correspondence mechanism so that IRS can obtain information about missing taxable sales and tax amounts.

Mobile Health Apps Bridge Doctor-Patient Divide

Among the top-rated iPhone and Android apps, according to healthline.com, are programs that allow users to track the distance they walked or biked for the day, keep a personalized log of prescription drugs and relevant medical information, record recurring symptoms, and even monitor their sleep cycles, so a programmed alarm clock will go off when the users are at their lightest sleep period and ready to be awakened. Recent reports have indicated that these apps are not just being used by consumers, but are also being touted by physicians as tools used in patient treatment. As the “convergence of medical and consumer apps” becomes more apparent, newer, more highly-functioning apps are expected, yet, will those apps overload our collective hard drive and prove to be more hassle than helpful?


A techonomy.com article explored the notion of the converging paths of medical and consumer health apps, stating that recent reports have shown that, “in the future, experts see the integration of consumer apps and devices into ‘a comprehensive healthcare and wellness information system,’ that could enable medical professional to help patients manage their health…” Specifically, the piece mentions the use of mobile apps at the cardiac rehabilitation program at the Mayo Clinic of evidence that, as one expert stated, “physicians are embracing the trend.” Additionally, four large app-building projects are underway at the Center for Digital Health Innovation at the University of California, San Francisco that would, if turned into products, be available to consumers to collaborate with physicians on health issues.

Recipe for Disaster?

While some are optimistic about the future of professional- and consumer-based usage of apps, others have raised questions about the future mobile app industry’s propensity for unwieldiness. In particular, an expert opined that the massive amounts and breadth of data that could be collected by these apps could present a regulatory nightmare while another claimed that “too much data could stifle physician productivity.”

On the Horizon

Regardless of the potential issues raised by the merging of mobile apps for consumers and physicians, it appears that innovation is already pointing in that direction, as one analysis finds that health care management apps are following in the footsteps of (and working in conjunction with) wearable fitness tracking devices. The report acknowledges certain apps that are “worth a look” including: Samsung S Health, which allows the consumer to track nutrition, fitness, and wellness; WebMD Healthy Target, which was designed as a tool for diabetics, hypoglycemic individuals, and those struggling with obesity to monitor weight and blood sugar; and Apple Health, which “displays personal biometric data- heart rate, calories consumers and burned, blood sugar and cholesterol – from the fitness apps that actually collect the data and from devices such as JawBone and IBGStar Blood Glucose Meter.”

An article published on the online Business Insider, however, states that while the new innovations in health care apps are popular, they are not necessarily effective. That source refers to a 2013 report issued by the IMS Institute for Healthcare Informatics that found “most consumer-oriented health apps are severely lacking when it comes to functionality or what they actually allow users to do.” Indeed, “…increased usage doesn’t necessarily correlate with quality.” Specifically, the author of this piece points out that while these health care supporting apps are plentiful, their functionality is limited. In turn, the source predicts, the real revolution is not in the convergence of consumer and medical professional usage of health apps but in the merging of wearable trackers that also function, as apps do, to compile and analyze tracked data. “The real killer app probably won’t be an app at all. It will be whatever device successfully combines the limited functionality that so many apps have into an integrated platform that can actually change people’s health and habits in a holistic way.”

This proposition begs the question, will these combined function devices take over the health care app game? If so, will these devices face similar regulatory and data administration and use challenges that health care apps potentially face? Regardless of the direction of this industry, the bridge between patient care by medical professionals, consumerism, and technology has been forged and consideration of its implications must be undertaken in order to cross it.

Breast Cancer Detection Rates Show Improvement with 3D Mammography

Researchers at 13 participating institutions have reported in The Journal of the American Medical Association that use of tomosynthesis, also referred to as 3D mammography, in conjunction with digital mammography screening was associated with an increase in cancer detection rates and decrease in the recall rate for additional imaging. The research was sponsored and funded by Hologic, Inc. of Massachusetts, manufacturer of the Selenia Dimensions 3D System,  which was approved by the FDA in 2011. The device takes many low-dose X-rays at different angles to create a three-dimensional cross-sectional image of the breast. The total radiation dose when tomosynthesis is added is approximately twice the current digital mammography dose but remains well below the limits defined by the FDA.

The study, “Breast Cancer Screening Using Tomosynthesis in Combination with Digital Mammography,” was led by Sarah M. Friedewald, MD of the Caldwell Breast Center, Advocate Lutheran General Hospital in Park Ridge, Illinois. A total of 454,850 examinations (281,187 conventional mammograms compared to 173,663 3D mammography exams) from March 2010 through December 2012 were analyzed in the study. Mammography plays a key role in early breast cancer detection and single-institution studies have shown that adding tomosynthesis to mammography increases cancer detection and reduces false-positive results. The new study analyzed the records from 13 U.S. mammography centers before and after they added tomosynthesis; comparisons were made of the cancer detection rate, how often women had to be called back for more scans to check on suspicious findings, and what proportion of the callbacks and biopsies actually found cancer.

Significantly the study observed use of 3D mammography with digital mammography  resulted in a: (1) 41 percent increase in the detection of invasive breast cancers; (2) 29 percent increase in the detection of all breast cancers; and (3) 15 percent decrease in women recalled for additional imaging. Cancer was detected in 4.2 of every 1,000 scans with digital mammography alone, but in 5.4 when the tomosynthesis was added. The researchers were encouraged by the increase in detection of invasive breast cancers, noting that tomosynthesis was “picking up the ones we want to be picking up.” In addition, the reduction in recalls of women for additional imaging was important to alleviate the associated concerns expressed upon reimaging.

While the studies bode well for other device manufacturers to market the device as a screening method in the United States, further studies are needed to assess the relationship of 3D mammography to clinical outcomes.