DiGA and the app on prescription
On 10 February 2021, 46 interested parties met for the online event "The Digital Healthcare Act - DiGA and the app on prescription", which was organized by BioRegioSTERN. There was a diverse group of participants: representatives from research institutions, software and medical technology companies and authorities showed interest in the latest developments.
In their presentations, the speakers gave an overview of the technical and legal requirements for an app to be approved as a digital health application (DiGA):
Mr. Christoph Kisselbach (Schrack & Partner) showed when software should be classified as a medical device and which risk class a software should be assigned to in individual cases. The participants asked questions about the differentiation from wellness products, which are generally not medical devices, and about the scope of application of Annex XVI to Directive 2017/745 (MDR).
In the subsequent presentation on the current legislative and implementation status, Dr. Ulrike Brucklacher (VOELKER & Partner mbB) explained when a DiGA may be prescribed at the expense of statutory health insurance (SHI). The first hurdle that must be overcome by manufacturers/developers is inclusion in the directory for digital health applications (Section 139e SGB V), which is maintained by the Federal Institute for Drugs and Medical Devices (BfArM). Dr. Brucklacher also emphasized that the DiGA must be prescribed by a doctor or psychotherapist. Only when the DiGA is prescribed and subsequently downloaded/used does the manufacturer/developer begin to realize a return on investment. At the end of the presentation, a brief outlook was given on the rehabilitation and care app ("DiPA"), for which draft legislation is currently available.
Dr. Gerrit Hötzel (VOELKER & Partner mbB) began his presentation by pointing out the first practical pitfalls: Independent security researchers had discovered a significant security vulnerability in a DiGA shortly after its inclusion in the list maintained by the BfArM. This incident led to a sensitization with regard to data protection in the DiGA approval process and to the planned amendment of the DiGAV: penetration tests and security certificates will also be required for inclusion as a DiGA in the future. Dr. Hötzel showed how the production process of a DiGA could work and how cooperation with (foreign) service providers can be structured in a legally secure manner.
Ms. Jana Fessler (BioRegioSTERN) then presented a support offer from BioRegioSTERN regarding blockchain solutions for manufacturers/developers of DiGAs.
In the subsequent discussion round, the integration of US service providers against the background of the ECJ decision "Schrems II" on the invalidity of the "EU-US Privacy Shield" and the requirements of a clinical trial and its costs were discussed.
The event was moderated by Dr. Klaus Eichenberg and Ms. Anja Reutter (both BioRegioSTERN). Due to the great interest and the dynamic legal developments, it has already been announced that the event will be followed up with an update in fall 2021 - hopefully as a face-to-face event!
Status: 11.02.2021