
Features To Consider When Building A Mobile Health App

July 17, 2020

Like any other software development project, the components of a mobile health app need to be hashed out and discussed before delving into the building and testing process. Deciding feature sets for mobile health apps requires more planning than for most other kinds of apps, as this technology is subject to more regulation than run-of-the-mill applications.

Building a mobile health app – note that we’ll occasionally use the term ‘mHealth’ as well – requires a bit more planning than traditional apps because software of this flavor is subject to more criteria than just feature sets – everything in the medical realm is subject to HIPAA regulation, meaning that elements need to be airtight. Here, we’ll start by looking at the most critical components of this highly regulated software, then sound out popular auxiliary features for mobile health applications.

Establishing a baseline for features and minding the security

Before thinking about the various features you might want to include, you need to create a foundation for decision making that captures the essence of balancing convenience with data security and privacy protection. Above all, users ranging from patients to practitioners need to be secure from end to end while using an mHealth app.

Developing such applications has an inherent amount of risk that can be quantified by identifying areas that can be abused. One such example is content you may be tempted to aggregate from other sources – if you’re whimsically pulling content from third parties and claiming that you provide medically sound advice, you could open yourself up to legal action if someone were to be injured or killed.

More than ever, mobile authentication is perhaps the top priority for mobile health, just as it is for run-of-the-mill applications we see in app stores. Ensuring that users “are who they say” is critical to protecting private health information and maintaining trust. It should be both a convenient process for users and secure enough to satisfy HIPAA compliance. Users also need to be secure throughout the time they’re using the app, which is critical when deciding the feature set that you’ll either build or integrate from third-party service providers.

The most important components in building a mobile health app 

One of the first matters to consider before getting the ball rolling in building an mHealth app is deciding who will be using the app. Is it going to be an app used by the masses, like a fitness app, or is it going to extend beyond “regular” usage and integrate with medical service provider systems like EMR or EHR platforms?

The US National Library of Medicine (NCIB) produced a significant study on feature sets for mobile health apps. They compiled a high-level list of some of the most important features that can (and should) be included when building a mobile health app.

Let’s look at some top features NCIB mentions and expand on the most pertinent components with some additional insight. 

General education via good content. Solid, verifiable information is the bedrock of building and sustaining trust with a userbase for virtually everything on the Internet. The nice part is that this doesn’t require any kind of special component as your content is something that is controlled via a REST HTTP API that will push and pull data from your database.

The one area where content can cause issues is when aggregating content from other services. You run the risk of cross-site scripting (XSS) exploits (among other attacks) when pulling data from third-party sources. In these kinds of attacks, code can be embedded into content, meaning you need to be careful when selecting resources for your content. Ideally, content should be original, and any links you choose to include should be reviewed to ensure nothing dangerous is hidden in third-party content.
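The handling described above can be enforced in code rather than left to editorial review alone. The following is an added example, not code from this post: it treats every field of an aggregated item as inert text and keeps a link only if it is HTTPS and points at a reviewed host. The item shape (`title`, `body`, `link`) and the host names are assumptions.

```javascript
// Hosts whose links an editor has reviewed (constructed sample values).
const REVIEWED_HOSTS = new Set(["health.example.org", "library.example.gov"]);

const ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// Escape every character that could open a tag, attribute or entity.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// Return a normalized https URL on a reviewed host, or null.
function reviewedLink(raw) {
  let url;
  try {
    url = new URL(String(raw).trim());
  } catch {
    return null; // relative or malformed input
  }
  if (url.protocol !== "https:") return null; // rejects javascript:, data:, http:
  if (url.username || url.password) return null; // avoids user@host confusion
  if (!REVIEWED_HOSTS.has(url.hostname)) return null; // exact host match only
  return url.href;
}

// item: { title, body, link } as received from a third-party feed (assumed shape).
function renderThirdPartyItem(item) {
  const title = escapeHtml(item.title ?? "");
  const body = escapeHtml(item.body ?? "");
  const href = reviewedLink(item.link ?? "");
  const link = href ? `<a href="${escapeHtml(href)}" rel="noopener noreferrer">Source</a>` : "";
  return `<article><h3>${title}</h3><p>${body}</p>${link}</article>`;
}

// Constructed feed item carrying markup in its body and a script URL as its link.
const hostileItem = {
  title: "5 tips for lower blood pressure",
  body: 'Walk daily.<img src=x onerror="alert(1)">',
  link: "javascript:alert(document.cookie)",
};
```

Rendering `hostileItem` yields the markup as visible text and no link at all, because the URL fails the scheme check before the host list is consulted.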

Gamification to keep users engaged. If sports or video games didn’t include systems that scored based on your performance, the appeal wouldn’t be quite the same. We use these metrics to determine “who is better” which is the basis for competition. However, scoring through gamification doesn’t necessarily mean being better than anyone else – today, we use scoring systems as a KPI for self-improvement.

As you can see from the Apple Activity screenshots in this section, gamification can be applied to everything from exercising (for example, tracking your performance on walks and bike rides) to other metrics like diet, weight, blood pressure, and much more. Adding a scoring system engages people and helps them meet goals, so it should tie to long-term analytics that track and assess a person’s progress with their mHealth data.

The one area where this gets tricky is when companies decide to integrate social media functions that can post information to one or more platforms. It’s one thing when you have a fitness app like Strava that can share your course and times, but it’s another when you collect and retain HIPAA-protected information. If you choose to include such features – at Blue Label Labs we don’t recommend doing so – apps must be refined to only share non-HIPAA-protected information to public forums. While some people enjoy sharing their stats with the world, you run the risk of users inadvertently sharing sensitive information that could land you in hot water.

Planning and workflow. Planning and workflow are prima facie deciders for many users in selecting mobile health apps, as these tools are the staple of any health-related journey. Planning and workflow in a mobile health app allow users to construct a timeline for fitness goals as well as see results from data collected over time. For example, it’s one thing to be able to review a timeline of, say, your blood pressure, but it’s another when this information is tethered to a plan and augmented with analytics that truly provide insight for making improvements.

Secure systems like Validic offer data-driven tools that collect health information you plug into an app as well as information from appropriately configured biometric devices. In conjunction with a workflow system, you can build great experiences that help users both identify and progress towards health goals. This system can also securely pass off data via a REST API to medical providers, making it useful for clinical application.

Communication tools. It has become popular to integrate messaging and calling software into mHealth apps for a couple of reasons. Certain apps (namely, fitness apps) function as social platforms where users engage with other users, sometimes through community forums and occasionally, through messaging systems. For true mobile health apps, this opens up capabilities in connecting with medical service providers by leveraging secure tools to communicate with staff for everything from scheduling appointments to conducting telehealth services.

We recommend using Twilio as a third-party integration for communication service when building a mobile health app. It has one of the most robust APIs on the market for communication – at the end of the day, this means that it can be tailored to meet HIPAA compliance for messaging, calling, and video.

EMR and other third-party integrations. You don’t need to reinvent the wheel or necessarily build out every feature that you want to include. Using services like Apple Health and their HealthKit, your app can securely communicate with a repository for health data. It provides a toolset that allows you to select à la carte features that you’d like to use for your app via their API.

Google Fit does the same by offering another good toolset – they provide an SDK that allows developers to use their features for developing fitness apps allowing developers to piggyback on Google Fit features in lieu of building them from the ground up or using features from a less reputable platform.

A mobile health app that will connect with EMR systems depends on the existing technologies in place at any given medical service provider. Medical systems like athenahealth provide a RESTful API that furnishes developers with the ability to push and pull HIPAA-protected information between the app and medical databases. With athenanet and other similar platforms, this opens up a new world of data for providers that can be used to help treat a variety of conditions by providing a continuous feed of data from an app, whether it’s manually inputted by a user or automatically collected from a biometric Bluetooth device.

When you’re integrating with medical providers, it is important to mitigate risks by ensuring that data stays effectively siloed. It’s a lot like feeding a toddler that won’t eat their food if it’s touching – except instead of a temper tantrum, you can run the risk of inadvertently transmitting data to areas of an app where it can be abused, especially if you decide to integrate social components like community forums (or other less secure features) into your app.

Sharing data with open data sets. Some apps, for example, those that take advantage of contact tracing features, will need to push and pull data from publicly accessible resources like those offered by For health apps designed for population health, APIs provided by such systems are integral to developing large sets of data that public health scientists can learn from.

Much like the point we just made above, data needs to be combed through and presented without any kind of personally identifiable information (PII) attached to be HIPAA compliant. Developers will need to “clean” data for this usage scenario as sharing any information with a central repository could mean costly HIPAA fines and a lack of trust. 
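One way to do the “cleaning” described above, which applies equally to the social-sharing case earlier, is an allow-list export filter: a field leaves the app only if it is explicitly named, and only after being coarsened. This is an added example, not code from this post; the field names and value ranges are assumptions, and the coarsening rules (year-only dates, ages above 89 grouped) are borrowed from HIPAA's Safe Harbor de-identification method.

```javascript
// Range check that rejects non-numbers and implausible readings.
function numberInRange(min, max) {
  return (v) => (typeof v === "number" && v >= min && v <= max ? v : undefined);
}

// Allow-list: a field leaves the app only if it is named here, and only
// after its transform has coarsened or validated it (assumed field names).
const EXPORT_RULES = new Map([
  ["ageYears", (v) => (numberInRange(0, 130)(v) === undefined ? undefined : v > 89 ? "90+" : Math.floor(v))],
  ["measuredAt", (v) => {
    const d = typeof v === "string" ? new Date(v) : new Date(NaN);
    return Number.isNaN(d.getTime()) ? undefined : d.getUTCFullYear(); // year only
  }],
  ["systolic", numberInRange(50, 300)],
  ["diastolic", numberInRange(30, 200)],
]);

// Returns the record that may be shared plus the names of everything withheld.
function toExportRecord(record) {
  const out = {};
  const dropped = [];
  for (const [key, value] of Object.entries(record)) {
    const rule = EXPORT_RULES.get(key);
    const cleaned = rule ? rule(value) : undefined;
    if (cleaned === undefined) dropped.push(key);
    else out[key] = cleaned;
  }
  return { out, dropped };
}

// Constructed sample record as it might sit in the app's private store.
const sampleRecord = {
  name: "Jane Example",
  email: "jane@example.org",
  ageYears: 93,
  measuredAt: "2020-07-03T08:15:00Z",
  systolic: 128,
  diastolic: 82,
  notes: "Called Dr. Example about dizziness",
  deviceId: "BT-CUFF-0001",
};
```

Because unknown fields are dropped by default, a field added to the app later (free-text notes, a device serial, a location) stays private until someone deliberately adds a rule for it; logging `dropped` gives reviewers a record of what was withheld.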

Blue Label Labs can build your mobile health app

Through data strategy, we challenge assumptions and hone in on real usage scenarios to break away from the competitive set in the mobile health world to build innovative apps. We recognize the obstacles and rewards when building apps for healthcare – our experiences with medical development allow us to make secure, functional apps that delight users and meet all data compliance regulations. If you’re in the market to build your app or integration, talk to us today to learn more about our process.
