Although governments are developing regulation and guidance for app developers, the report indicates that this guidance is siloed and not comprehensive. Data protection authorities are focused on privacy and data protection issues, whereas health authorities introduce safety and efficacy considerations. The spread of different sources of guidance across agencies leaves it up to developers to navigate the complex regulatory environment. As apps are often global products, multiple guidelines and different agencies and requirements make compliance onerous and accountability measures unclear. Although our analysis cannot directly link this fragmented landscape with the poor quality standards of non-medical health apps that has been documented, fragmentation and lack of comprehensive guidance is probably not conducive to effective governance.
Greater policy coordination for the governance of health apps is needed to reduce guidance gaps (eg, on data access and user autonomy), to make quality standards visible and clear, and to create an accessible common reference for developers, users, and payors. As countries move to develop strategies for greater patient-centred care, we must enable cross-country agreement on minimum quality assurance standards to guide app development and use. An OECD-led (Organisation for Economic Co-Operation and Development) multi-stakeholder initiative, building on OECD's ongoing work on health data governance, would be a crucial step towards global consensus.