Sybase Mobile Evangelist

Ian Thain




Enterprise Mobility and Regulation

Mobile Apps following Rules

Whether you build Mobile Apps as part of a public product or service, or develop in-house Mobile Apps to support your own business processes, it is useful to keep an eye on what the government regulators are up to regarding all things mobile. There is a lot of debate about what, if anything, requires regulation, and what those regulations should be.

For example, many companies have developed customer-facing mobile applications that enable them to engage directly with their customers. These are especially popular among retailers, but they are also commonly used by insurance providers, financial services companies, and various kinds of publishers. Many of these mobile apps do more than provide special features, products, and services for customers. They also provide a direct communication channel to customers. And they can collect information. Given the nature of mobile devices today, that information may go way beyond what you might normally collect from the user interacting with the application. It might include geographical information (for example, where was the person located when they clicked on that feature?), or personal profile information in the context of phone actions. This may be useful information for marketing purposes, but it is also personal information. I personally feel there should also be aspects of self-regulation, for example the collection of this information should be clearly stated and even the possibility of opting out given to the Mobile App end-user.

What are the regulations related to collecting this kind of information? That’s a good question, and there is a lot of discussion among regulators and others in the industry about this, but right now there are no clear answers. What is gradually emerging is a lot of regulatory discussion in two principal areas: healthcare and privacy.

Last summer, in the U.S., the FDA issued a press release calling for public input on regulatory guidance pertaining to mobile devices and applications used in healthcare. Specifically, they wanted to focus on mobile applications that:

“a. are used as an accessory to medical device already regulated by the FDA (For example, an application that allows a health care professional to make a specific diagnosis by viewing a medical image from a picture archiving and communication system (PACS) on a smartphone or a mobile tablet); or

b. transform a mobile communications device into a regulated medical device by using attachments, sensors or other devices (For example, an application that turns a smartphone into an ECG machine to detect abnormal heart rhythms or determine if a patient is experiencing a heart attack).”


Suggestions have been coming in. For instance, late last year the American Telemedicine Association suggested that the FDA classify mobile health tools under five categories:


•    Medical Information and Measurement Capture Systems
•    Data Aggregators
•    Communication Technologies
•    Network Infrastructure Tools
•    Health Care Provider Graphic User Interfaces


Obviously this discussion is in its early stages, but there is little doubt that the FDA will eventually regulate healthcare-related mobile apps. Any business that releases a mobile healthcare app, whether it is a health care provider, a device manufacturer, or a pharmacy, should pay attention to this ongoing regulatory discussion.

In the area of privacy, the U.S. Federal Trade Commission has long been interested in how companies use, store, and protect personal data. Some years ago the FTC released the Fair Information Practice Principles to articulate basic guidelines. Although these guidelines are not legally binding, they have become the basis for many state and federal rules regarding the handling of personal information. Recently here in Europe, the European Union has proposed new rules to govern privacy among EU nations.

Mobility has added a new dimension to the kinds of information that it is technically possible to collect, and that has regulators taking a close look at rules governing personal data. It is also important to note that regulations in this area can vary from one country to another.

The take-away here is that if you are building applications that are healthcare- or finance-related or designed for use by consumers, it is a good idea to consider the regulatory environment as part of your application planning and design.

Please follow me on Twitter @ithain
