Q. GPs and software developers frequently come to the GPIT Group with ideas about medical apps they plan to build for smartphones and tablets. There is a standard list of questions that we ask them to consider. Here is the list.

A. This discussion document raises common questions worth asking before you start building a mobile app:

• What is your target audience and what is the smart phone or tablet penetration in that audience?
• Does your target audience have the time available to use the app?
• What is the purpose of your app, what will it do and how will it work better as an app than as a website or a well designed document?
• Do you own the intellectual property the app is based on?
• Do you have the money and the time to complete this project?
• Do you have the technical and educational skills to complete this project?
• Who will develop and code the app? Who will manage the information displayed? How will you update the app as knowledge changes?
• Do you have the resources to develop the app for android and Apple iOS? And will you be able to update the app as
  the mobile operating systems are updated?
• Will your App display properly on both tablets and smart phones?
• Are there any data privacy or data protection issues?
• Will your app be of such a high standard as to be able to compete in a marketplace of hundreds of thousands of existing apps?
• Has this been done before? Is there an existing app that does what you are thinking of doing?
• Will you app be free or paid for?
• How will you promote and market your app?
• What is your motivation for making an app?
• How will you measure success?

When you consider using or recommending a medical app please be careful about your own data and especially about patient data. Consider the business model for the app. If the app is free and there are no in-app purchases then your data may be the business model. In other words the company may sell on your data or your patient data as a method of generating income. There may be a hint of this in a carefully worded sentence in the terms and conditions, but does anyone ever read the terms and conditions before signing up?

Apps often claim to be compliant with data protection requirements, but there is no standard or benchmark or accreditation system to establish this claim. Sometimes they gather excessive information about patients, collecting a detailed address. Sometimes they send confidential information over normal insecure email. Sometimes they store data on their own servers without making this clear to users.

Underlying all this activity is the need for patient consent. Don't enter real patient data on medical apps without patient consent, and document that you obtained that consent. It's OK for people to do this themselves, for example a young diabetic using a smartphone app to track their blood glucose levels. We can expect to see much more of this as self-monitoring becomes established for a range of medical conditions such as hypertension, asthma and Parkinson's disease. Already you can use bands and smart watches to monitor heart rate and oxygen saturation. Wearable biochemical monitors are a couple of years away, at most.