Launching a functional, intuitive, and successful application or mobile device is a difficult task, but doing so in the healthcare space is further complicated by the number of stakeholders and industry regulations. We compiled this guide to provide recommendations for outlining, developing, and launching a successful digital health application. This guide is for anyone who wants to launch a digital health product—whether you are only assessing the potential of the idea, looking for a development partner, or preparing to launch the product. It's intended to give you a step-by-step overview of the stages of the healthcare application development, listing important considerations and issues to be aware of throughout the whole innovation cycle.
Step 1: Validate the idea
Before you decide to embark on the innovation journey, answer the following questions:
- Who will be the primary user? Will there be more than one user?
In a complex industry like healthcare, there is a large number of stakeholders along the whole healthcare continuum. This means there are also many potential user types for your mobile product. The success of your product depends on identifying and focusing on the most relevant user group(s). The users can be defined as the patient, healthcare provider, health insurance company, or any entity in between. Sometimes, the application can be used by more than one user, so keep in mind that you have to consider all stakeholders during each of the following steps.
- Does my idea add value to the user(s)?
To be viable, your idea should improve a certain outcome or process, or establish a better one altogether.
- Has anyone executed this idea before?
Your idea might be user-focused and functional, but it may not be unique. Do your research and be aware of existing competition to correctly assess the potential of your invention.
- Can I execute my idea better?
While existing competition can create concerns, evaluating the competitors’ offerings is a chance to improve on their shortcomings and introduce a superior product to the market.
Step 2: Validate the business case
Once the value of the idea for the end user is proven, it is important to determine its business value (or in other words, profitability).
The questions to answer at this stage will be the following:
- What is my revenue model?
Determine whether you will offer your product for free, as a one-time sale, as a subscription model, or use an alternative monetization strategy. In a complex industry like healthcare it's possible to build alternative revenue models that will not require payment from the end users, but rather, will be attributed to an intermediary stakeholder. For example, if your product will be used by the nurses, it will most likely be purchased and paid for by the medical facility that employs the nurses—an intermediary stakeholder—rather than the end users. This step requires you to be realistic about all the assumptions you have made so far. Even if your idea adds value to the user, the stakeholders or the end users have to be willing to pay the amount charged for the additional benefit.
- How big is my market?
Keep in mind the total available market for your innovation. While any business is aiming to reach 100% of the market, they most often concentrate on a portion of it, or the serviceable available market (SAM). Cost or location may make it difficult to reach some of the market, but be sure your SAM is sizable enough to ensure your invention has a consistent user base. Keep in mind that you won’t be able to reach the whole SAM at once. Rather, you will slowly be building your share of market to reach all the users in the SAM.
- Is my idea profitable?
So, you've determined how many potential end users you have and whether you are going to charge them directly, or employ an alternative monetization strategy. Now, you have to evaluate whether your selected market and revenue model will be enough to make your business profitable. While it is difficult to make predictions with 100% accuracy, making realistic (and even conservative assumptions) will help you validate the profitability of your venture.
Step 3: Identify applicable regulations
Verifying whether FDA or HIPAA regulations are applicable to your innovation is an important step that often gets overlooked until later in the process. Once the viability and profitability of the innovation are established, the applicability of relevant regulations has to be established as well.
The answers to the following questions can help you determine whether your innovation will be regulated by the FDA or require HIPAA compliance:
- What is the extent of the impact on the user?
You need to accurately specify the effect of your app or device on the users’ health. The FDA will regulate any device or application that can pose a threat to the user’s health. For example, if an application provides important heart rate readings for patients suffering from high blood pressure, the inaccuracy or malfunction can pose a significant risk to the patient’s health. On the other hand, if the application functions as a pedometer or a fitness tracker, it won’t have the ability to negatively impact the user’s health in a way that is life threatening.
- What kind of information will my app or device work with?
To deliver the promised value, your product will most likely collect some health information from the user. Be aware of all the information that will be collected by the device or the app throughout its use. HIPAA compliance is required for any device that is dealing with the patients’ PHI, or Protected Health Information. If your invention requires transmission of personal health data that can be traced back to the individual patient, you will have to make sure that the application or device adhere to all the required HIPAA specifications.
Step 4: Ensure HIPAA compliance
Ensuring compliance can be overwhelming, considering the number of specifications and regulations you have to adhere to, and the legal implications in case of potential violations—whether they were intentional or not. Building FDA-compliant technology can often double or even triple the cost of product development and maintenance. FDA regulations for mobile solutions require an approach similar to the one used for other medical devices regulated by the FDA. It can significantly constrain the agile development process, as FDA projects tend to function under the waterfall model.
For the purposes of this guide, we will only focus on HIPAA compliance. HIPAA specifications encompass the whole cycle of the application development. Working with an educated partner who understands HIPAA regulations and can guide you through the whole development process will eliminate the risk of violations and can ensure that all required guidelines are met.
All of the following issues have to be taken into account while developing the app in order to comply with HIPAA:
- Is the back end of the application and the data within it secure?
Since the main consideration under HIPAA is protecting PHI, it is only expected that the security of the data (and the process that handles it) will be a priority as well. The back end of the application has to be HIPAA-compliant – that means that all the data has to be stored on a dedicated, secure, and compliant storage. The data cannot be stored on the user’s device without proper encryption, and there should be procedures in place for proper disposal of PHI.
Beyond storage, transmitting and use of the collected or stored information can fall under safety regulations of their own. Finally, what data is presented and displayed on the front end needs to be controlled as well. For example, an application that helps the user manage their medications cannot send a push notification that includes the name of the medication. Information about medications falls under PHI, and a push notification can potentially be seen by anyone besides the primary user. Displaying it as a push notification would constitute a HIPAA violation.
- How do security requirements affect UX?
Since security requirements have implications on the user-facing side, it is important to evaluate them before development in order to not compromise the user experience. This will include everything from the design and implementation of login and user access points, to the way the notifications are pushed and displayed. Moreover, user testing of regulated apps is not allowed until after the beginning of clinical trials if the app or device is intended to provide treatment, or can impact the user’s health.
- How do I keep my app compliant without sacrificing functionality?
Striking a balance between functionality and compliance is difficult. When choosing a development partner, look beyond just professionalism and technical expertise. Partnering with a company that understands the extent of HIPAA regulations and can share best practices will facilitate the process. A developer can show you a whole array of standard and up-to-date technical implementations.
However, if the implementation is prohibited by HIPAA, an alternative solution will either come at the expense of the reduced functionality, or additional costs. A knowledgeable partner, however, can provide you with an alternative solution to a problem that would become a major roadblock with a more straightforward approach.
Step 5: Design and Development
Just like with any good design, a good application must be created with a focus on the user. This requires developing an understanding of the current state of the healthcare industry, its operations, and common practices. It also require knowledge of the users and their interactions within the healthcare industry in order to seamlessly integrate the product into the users’ lives.
Some things to consider at the design and development stage are:
- What is the current process followed by the primary users?
Creating an effective user experience requires understanding the primary user or users. Consider the context in which the users apply their day-to-day technology, and whether your app or device will be used in the same context. While you want your solution to positively affect the status quo, you don’t want the change to be so drastic that it prevents the users from adopting it.
- What are the current technology trends?
With the exponential rate of tech innovation, it might be hard to keep up and even harder to stay ahead of competition. Be aware of the technology trends and be open to adopting new technologies to better implement your idea. Conducting a competitive analysis of the technology industry and working with partners that are proficient in new technology can help you deliver value in the best way possible.
- How will the user engage with my app or device?
While you may have a general understanding of how the app or device will function and how it will benefit the end users, even the simplest applications have a more complex set of interaction rules behind them. Consider all, including the most minor, aspects of the user interaction process—from how often the user will need to interact with the product, to the number of steps it will take to login or logout from the app.
Although we outlined the guide above as “steps” essential to launching successful product, in reality, the development and implementation stages have to be performed in several iterations for a truly viable solution. During design and development you will most likely face issues that you hadn’t thought of previously, or simply come up with new and useful features. However, adding a new feature in step 5 requires going back to step 4 to ensure compliance with HIPAA. As a result, steps 4 and 5 are performed on a continuous loop until no further updates are required.
However, a knowledgeable development partner can advise you on when exactly the HIPAA regulations have to be addressed. Sometimes, there are simple workarounds for the challenges the restrictions present. In one example, our team worked with Luminopia, a local Cambridge-based startup aimed at treating visual disorders using emerging virtual reality technology. The Luminopia app teaches users with strabismus to play various VR games to train and improve their vision. When it came time to conduct user tests, Luminopia faced a problem. Patients had to test the app to ensure it worked, but HIPAA regulations prevented testing the application before the completion of clinical trials. Intrepid determined the solution was to test only the onboarding process, not the actual games. This allowed users to still try the app and evaluate the concept, while maintaining the health of the users’ vision and not violating any of the regulations.
When listing product features, always aim for simplicity. Even though the features may seem useful at the first glance, adding too many features can have a negative impact on the user experience, in addition to being more costly. Do not be afraid to try alternative and unexpected solutions—the key to success at these stages is dialogue and exploration.
Ultimately, understanding the whole ecosystem in which the application will exist, and the combination of tech expertise and user insights is what allows one to create a truly useful application. Going through the checklist above and addressing all the considerations will prepare you for the launch of a comprehensive, practical, and innovative digital health application. And, if you feel like you need more guidance, we are always there to help.