Canadian Mobile Health Initiatives: Lessons Learned

Recent Canadian initiatives suggest that mobile health applications can help integrate healthcare into individuals’ daily lives, by enabling remote communication between healthcare providers and patients. These first initiatives have revealed significant opportunities for healthcare, as well as important challenges to be addressed. What lessons do we need to learn from these experiences in order to expand the scope of mobile health?

In the last few years, mobile health applications have been launched by several Canadian hospitals and healthcare organizations. Mobile health applications extend healthcare beyond traditional settings by making it possible to monitor patients’ health remotely. Mobile phones and tablets have been adapted to monitor heart rate, blood glucose levels, and other health indicators and upload results to online portals accessible to patients’ healthcare providers. Mobile applications can also be used to educate and inform patients and to enable more frequent communication between patients and healthcare providers. To offer a couple of examples, these capabilities are being used to help patients prepare for surgery and to monitor patients just released from hospital. As for future possibilities, mobile applications are especially well-suited to supporting patients with complex and chronic health conditions that need to be monitored continuously.

Mobile health initiatives have begun to take healthcare into new domains, uncovering new opportunities and challenges. Creators and managers of mobile health applications have had to learn as they go, and adapt to unforeseen obstacles. What can we learn from these initial experiences? We offer a few points of interest to organizations considering the potential of mobile health.

Mobile health lessons learned

Mobile app purchasing is different from software or hardware purchasing.

When healthcare organizations seek to purchase computer hardware, there are usually about ten major vendors to consider. With software, there are perhaps fifty established companies to choose from. There are thousands of mobile application creators. Organizations need support from people with experience in mobile health to formulate clear requirements and priorities and help narrow down an extremely wide field of vendors.

Mobile health apps need to work on more than one kind of phone.

Mobile health applications are often intended to be installed on patients’ own phones. Even where healthcare organizations choose to provide phones to patients, the Canadian Radio-Television Telecommunications Commission (CRTC) requires that they be given the option of switching telecommunications service providers, which may mean switching phones. In either case, mobile health applications have to work on different types of phones (e.g., iPhone, Android, Blackberry). Compared to software, mobile applications rely more heavily on a device’s operating system, with the result that the same app is likely to behave quite differently on different phones. Mobile applications need to be written and tested for different phone operating systems. Since applications are often intended for a large number of users who have different kinds of phones and may lack technological proficiency, considerable technical support is needed to address the variety of problems that may arise.

Calculate costs per capita.

Because different versions of mobile applications need to be designed for different phones, applications usually have higher operating costs than software. Costs of ongoing development and support are also considerable; for instance, the application will need to be updated every time a phone operating system is updated. Before launching an application, organizations need to consider the cost per patient for the patient population they expect to serve. Because of relatively high ongoing costs, it makes most sense to design applications relevant to large populations in order to benefit from economies of scale.

Don’t forget about backend support.

Mobile health apps used by patients or health professionals need to be supported by backend databases and systems (e.g., hospital servers) that manage data collection and storage, user identification, security, and privacy, among other functions. Data collection and access systems need to be designed to protect patient privacy. For example, before the application is launched, it needs to be decided whether incoming data streams will be linked to identifiable individuals or not. Applications will also need to integrate patients’ previously stated privacy and confidentiality preferences regarding who can view their health information. While telecommunications systems can generally assure secure data transmission, backend security systems need be configured to ensure that telecommunications providers do not have access to patients’ personal health information.

Backend support infrastructure requires considerable resources, and is a much better investment if it is capable of supporting future updates and applications. If possible, backend support systems should be aligned with Canada Health Infoway architectural standards, which will allow them to be adapted more easily to future needs and integrate better with other systems.

Plan ahead for operating support.

When healthcare organizations purchase a mobile application from outside IT service providers, they cannot simply turn over responsibility for access, privacy, and security to the provider. If outside service providers are going to provide operating support, healthcare organizations need very well-written agreements to ensure that the service providers comply with the organization’s privacy policies and legal obligations. Mobile health applications cannot be managed in isolation from the organization’s regular operations, but need to be integrated with existing business processes, such as patients’ privacy and confidentiality directives. Deciding how the healthcare organization and IT service provider will work together to manage an application takes careful planning in terms of both policy and operations.

Thinking ahead

Mobile health applications to date have generally been designed along unique lines for specific contexts. Now that they are becoming more common, it makes sense for healthcare organizations to consolidate what they have learned and begin to develop common standards. Comparing notes with other organizations on their application designs and launch experiences would help developers to establish broadly applicable standards, such as a common nomenclature for mobile health applications or a common interpretation of Infoway architecture as it applies to mobile health. Common standards would make it possible for developers’ experience and knowledge to be transferred from one context to another, rather than each new application being designed from scratch.

Common standards would also make it possible to create cornerstone solutions that could be integrated into multiple applications. In particular, designing backend support infrastructure to support a variety of applications would greatly reduce the cost of new applications and enable more complex features, such as linking data collected through different applications. More fully developed privacy and security infrastructure would support the collection of more complex data, and make it possible for users to access some applications anonymously by integrating de-identification or anonymization into data collection.

Mobile health initiatives have opened up a number of new possibilities for healthcare. A variety of applications are beginning to enable more frequent communication between patients and healthcare providers, increase patients’ involvement in managing their own health, and generate high quality information for health research. Learning from early initiatives can help healthcare organizations to begin to take advantage of the full potential of mobile health by designing better applications, integrating them more smoothly into existing infrastructure, and managing them more efficiently and economically.

Extending the Reach of Healthcare: Mobile Health Devices, Privacy and CRTC Compliance

Mobile health devices have extended the reach of healthcare by making it possible for clinicians to monitor patients’ health on a day-to-day basis, regardless of their physical location. These technologies have a great potential to improve care for patients who are not well-served by the traditional healthcare system, including people in remote areas and those with complex and chronic health conditions, especially seniors. Canadian healthcare providers do, however, need to consider several important regulatory and privacy concerns as they adopt mobile health devices.

Mobile health devices are an exciting new development in global healthcare. In Rwanda, lab-on-a-chip technologies are being used to provide highly accurate HIV tests and automatically send results to patients’ electronic health records via cell phone networks. Closer to home, mobile phones and tablets are being adapted to monitor heart rate, blood glucose levels, and other health indicators and upload results to online portals accessible to patients’ healthcare providers. These technologies are particularly well suited to supporting patients who find it difficult to travel to a doctor, such as people in remote areas and housebound seniors. They are also extremely useful for monitoring complex and chronic health conditions. Mobile health devices have the potential greatly to improve care for patients who are not well-served by the traditional healthcare system. Canadian healthcare providers do, however, need to consider several important regulatory and privacy concerns as they adopt mobile health devices.

CRTC Requirements for Mobile Health

Healthcare providers that give patients mobile devices which use cell phone networks are considered by the Canadian Radio-Television Telecommunications Commission (CRTC) to be telecommunications resellers. While the CRTC does not directly regulate resellers, these are none the less obligated to meet certain compliance requirements:

  • Any mobile devices that have voice communications capabilities have to have 911 service capabilities. If devices can be used for phone calls (even if this is not their intended purpose), the CRTC requires that providers test the devices to ensure that they can make 911 calls. If devices are not capable of voice calls, patients need to be explicitly informed of this, and the devices should not look like cell phones (i.e. have features such as keypads).
  • Resellers must report user complaints about mobile devices within five days to the Commissioner for Complaints for Telecommunications Services. Ideally, users’ issues will already be resolved by the time complaints are reported.
  • Devices must be adapted, as needed, for people with visual disabilities. This is both a CRTC requirement and a requirement of the Accessibility for Ontarians with Disabilities Act (2005).
  • Resellers must follow CRTC guidelines of transparency, innovation, clarity and competitive neutrality. This means that they must clearly explain services to users and make information about their business practices available to the public. Competitive neutrality means that users must have the option to switch telecommunications service providers. This means that healthcare providers managing mobile health devices need to have agreements with all national telecommunications carriers. While most urban patients will not be concerned with which carrier serves them, remote areas may not be served by all carriers, and healthcare providers need to be able to switch patients to a carrier that serves their home.

It is also highly advisable for telecommunications resellers to monitor their compliance with CRTC requirements, follow CRTC rulings, and participate in relevant meetings and boards.

Privacy in Mobile Health

Mobile health devices take patients’ personal health information outside of secure healthcare settings into the community. This raises a couple of important privacy issues:

  • Mobile service providers to health devices will have records of patients’ names, addresses, and type of device, and will know that they are participating in a mobile healthcare program. Any employee in the telecommunications company serving a mobile health program will potentially be able to access this information. The worst case scenario is that an employee could steal contact information for vulnerable patients, such as seniors, and sell it to fraud artists. Patients need to be told who will have access to their personal information and what risks this may pose.
  • If a mobile health device is lost, this should be considered a privacy breach, as the SIM card in the device will contain personal information. The healthcare provider will need to be able to respond in 5 days, for example, by disabling the SIM card or tracking the device’s location. Patients need to know that there is personal information on the SIM card and that they should contact the healthcare provider if they lose the device.

Mobile health devices have a great potential for extending healthcare services beyond traditional settings, and in particular, helping patients with complex health needs better to manage their conditions. In adopting these devices, healthcare providers need to take into account the needs of patients with differing abilities in diverse geographical locations. They also need to ensure that patients are thoroughly informed of how their personal information will be managed and whom to contact for help with the device. By planning ahead to fulfill mobile device users’ rights, as set out by CRTC requirements and privacy laws, healthcare providers can offer sensitive and responsible support to patients in need of innovative healthcare approaches.