This wiki has undergone a migration to Confluence found Here
<meta name="googlebot" content="noindex">

MHWG Consumer Mobile Health Application Functional Framework,

From HL7Wiki
Jump to navigation Jump to search

Project Co-Leads: Nathan Botts and Frank Ploeg


This project (Consumer Mobile Health Application Functional Framework, (a.k.a. cMHAFF) will define security, privacy and data standards and guidelines for mobile health applications (apps), as well as other aspects of transparency and consumer protection through the life cycle of such apps (from purchase, download, installation, use, and deletion). The intent is to provide industry guidance and common methods to enable the development of mobile health apps targeted to consumers/citizens that use protected health information (PHI) and personally identifiable information (PII). These standards will not address the clinical content of such apps (e.g., "Does it give good advice?"), but will provide a framework for security, privacy and the integration of data generated from apps into Personal Health Record (PHR) and Electronic Health Record (EHR) systems as well as into other types of data repositories (e.g., personal data stores, population care systems). "Mobile Health Apps" include apps running typically on smartphones, but also on other consumer devices such as watches and tablets.

cMHAFF may reuse conformance criteria already available within the HL7 PHR-S and EHR-S Functional Models, augmenting with new conformance criteria specific to mobile platforms (e.g., use of geolocation services, accelerometers, cameras, microphones, contacts). It will also use existing HL7 principles for security and privacy risk assessment. It will not attempt to replicate standards, regulations, and guidelines defined elsewhere, but will reference them where possible.

In particular, cMHAFF will address the following areas:

  • Transparency of information about the app, its purpose, intended use, target audience, authors, sources, evidence, etc.
  • User, device, and cross-system authentication
  • Authorization to content and features
  • Proxy designations
  • Use of location services, camera, accelerometers and other smartphone services
  • Security of data at rest (local and cloud)
  • Security of data in transit (wired and wireless)
  • Minimum data standards for device generated and device transmitted information
  • Record system reliability; record authenticity (it is what it represents to be)
  • Data provenance
  • Audit
  • Discontinuation of use of an app
  • Conditions and agreements, e.g., privacy policy, terms of use, and in-app disclaimers

The cMHAFF project went through an HL7 Comment-Only Ballot in January 2016; comments were reconciled as of September 2016; a revised cMHAFF document is being developed for STU ballot in Jan 2018.

Project Scope Statement

File:PSS Consumer Mobile Health App Framework 20150217.pdf

Meeting Schedule

Standing meetings are every Thursday at 3 PM Eastern. Watch for weekly announcement and agenda.

Westat WebEx

Phone: +1 770-657-9270 Participant Passcode: 465623


cMHAFF Prep for Ballot Material

File:CMHAFF STU Ballot Draft.docx History of cMHAFF drafts, as it evolved toward January 2018 STU ballot. Updated December 14, 2017.

Notice of Intent to Ballot (NIB) for January 2018

Other related documents

File:CMHAFF Update 2017-Sept-WGM 16x9.pptx cMHAFF presentation for September 2017 HL7 Working Group Meeting.

File:CMHAFF-HAS Comparison.docx Side-by-side comparison of cMHAFF vs French HAS Good Practice Guidelines categories

File:MHAFF CONS MHAFF R1 O1 2016JAN Consolidated WG TRACK FOR 2017 BALLOT.xlsx -- Ballot Reconciliation spreadsheet, edited to show work in progress toward next ballot

File:HL7 cMHAFF Informative Ballot Draft.docx DEPRECATED. Kept as archive of cMHAFF as updated after ballot reconciliation, in progress toward next ballot. Updated June 3, 2017. Superseded by HL7_cMHAFF_STU_Ballot_Draft.docx.

HL7 cMHAFF Project Summary

Reference Resources (including European Guidelines and Good Practices)

  • File:PAS 277 (2015).pdf -- U.K. Health and wellness apps – Quality criteria across the life cycle – Code of practice. Includes quality criteria, app project life cycle, risk management, fitness for purpose, etc. Reviewed by Adamu Haruna
    • U.K. Guidance primarily for medical device stand-alone software, but also including apps, from UK Medicines and Healthcare Products Regulatory Agency (MHRA)

Old documents

The following are old, but are included for historical purposes
File:MHAFF CONS MHAFF R1 O1 2016JAN.pdf -- Original cMHAFF as balloted in January 2016

File:HL7 MH Out of Cycle intro v20150427.pptx

File:HL7 Consumer Mobile Framework Overview v20150406.pptx


2018 Meeting Minutes

For all current minutes please go to HL7 CMHAFF Standard Web Portal

2017-2018 Meetings

2016 and Earlier Meetings

Most meetings in 2016 were dedicated to ballot reconciliation, and the results were reflected in the Ballot Reconciliation Spreadsheet (see link under 2017 Workng Documents above).

File:HL7 Consumer Mobile App Framework Minutes v20150818.docx

File:HL7 Consumer Mobile App Framework Minutes v20150810.docx

File:HL7 Consumer Mobile App Framework Minutes v20150615.docx

File:HL7 Consumer Mobile App Framework Minutes v20150601.docx

File:HL7 Consumer Mobile App Framework Minutes v201500518.docx

File:HL7 Consumer Mobile App Framework Minutes v201500504.docx

File:HL7 Consumer Mobile App Framework Minutes v20150427 28.docx

File:HL7 Consumer Mobile App Framework Minutes v20140413.docx

File:HL7 Consumer Mobile App Framework Minutes v20140406.docx