Digital health application: The app on prescription

Digital health application: The app on prescription

Eine Chance für Dich, die digitale, medizinische Versorgung voranzutreiben, Dein Portfolio zu erweitern und Dich einem international einzigartigen Kostenerstattungsweg zu eröffnen. Denn, gesetzlich Krankenversicherte haben seither nach dem Digitalen Versorgungsgesetz (DGV) einen Anspruch auf die Versorgung mit DiGA, die von Ärzt:innen und Psychotherapeut:innen verordnet und durch Krankenkassen erstattet werden können. Alternativ können Patient:innen die Erstattung einer DiGA auch direkt bei ihrer Krankenkasse beantragen.

What does DiGA support?

DiGA unterstützen u.a. bei der Behandlung von Krankheiten sowie dem Umgang mit medizinischen Beschwerden und dürfen seit dem neusten Update auch telemedizinische Services enthalten. Dabei kann es sich um eine App für das Smartphone, aber auch um eine Webanwendung für den Browser handeln.

Doch vor dem Markteintritt prüft das Bundesinstitut für Arzneimittel und Medizinprodukte (BfArM), ob eine DiGA alle Anforderungen erfüllt. Erfahre in unserem Blogbeitrag mehr darüber, welche sechs Fakten Hersteller:innen unbedingt beachten sollten.

Would you like to bring a DiGA to the market? 

Inclusion in the DiGA directory by the Federal Institute for Drugs and Medical Devices is granted if your DiGA meets all requirements, including safety, suitability for use, quality, medical benefit, data protection and data security.

The pathway of a Digital Health Application until its inclusion in the DiGA Directory (BfArM) looks like this:

Characteristics of a DiGA:
DiGA meets requirements for:
ensures positive supply effects:
DiGA meets requirements for:
No exclusion of DiGA according to:

Medical device

main function based on digital technology

purpose of use is health-related

low risk potential (class I, IIa or IIb)

security

Suitability for use and quality of the medical device

details according to DiGAV

medical benefit

or

patient-relevant improvement of structure and processes

(studies may be required)

details according to DiGAV

Data protection

and

Data security

details according to DiGAV

chapter 3 SGB V

or

negative decision by the G-BA

medical (or psychotherapeutic) prescription or approval by the health insurance company

The positive supply effect

The positive care effect of digital health applications

Medical benefit

  • Improvement in the state of health
  • Reducing the duration of illness
  • Prolonging survival
  • Improving the quality of life

Patient-relevant improvement of structure and processes (among other things):

  • Coordination of treatment procedures
  • Easier access to healthcare
  • Patient safety
  • Developing health literacy

The requirements and development of DiGA

Functionality and safety

According to §3 Abs. 1 DiGAV, proof of compliance with the safety and functionality requirements is deemed to have been provided by the CE marking.

Data protection and data security

Manufacturers meet data protection and security requirements through a self-declaration

  • The declaration is based on Annex 1 of the DiGAV
  • BSI Standard 200-1, 200-2 and 200-3 provide instructions
  • Introduction of a complete ISMS in accordance with ISO 27001
  • BfArM does not check for compliance with data law (risk of incorrect assessment)
Interoperability

Exchange of data via networks in a specific format; electronic patient file (ePA) is the central data hub

  • Export in human-readable and printable form
  • Export in machine-readable, interoperable format
  • Hardware connectivity (sensor) – use of an interoperable interface
User-friendliness and accessibility

Verification of user-friendliness for the intended groups (also for digitally untrained persons); accessibility: All DiGA listed in the directory must be either:

  • include assistance for people with disabilities or
  • support operating aids offered by the platform (support for every form of disability – hearing, vision, motor skills)

Penetration testing in the development of DiGA

With the enactment of the DVPMG, penetration testing is now mandatory for all Digital Health Applications, not just those with elevated protection requirements. The goal of penetration testing is to quickly identify security vulnerabilities and create maximum data security. We are happy to support you in creating the test concept in accordance with the BSI’s implementation concept for penetration tests and taking into account the current OWASP Top 10 security risks. In order to maintain objectivity, all our penetration tests are carried out by our BAYOOTEC experts.

Do you have an idea for a DiGA?

Wir wissen, welche regulatorischen Anforderungen bei der Entwicklung und Zulassung von DiGA gefordert sind. Von der Interoperabilität bis zum Datenschutz und Cybersecurity – das erfahrene Team von BAYOOMED entwickelt und realisiert gemeinsam mit Dir Deine DiGA.

Standardfunktionen wie Onboarding, DiGA-Code-Validierung, Tagebuch, Connectivity, sowie Module zur Patienteninformation und Interoperabilität sind bereits Bestandteil der MedicalOne Connect Plattform – somit kann die Entwicklungszeit bis zum Markteintritt verkürzt werden.