Health software - Part 2: Health and wellness apps - Quality and reliability (ISO/TS 82304-2:2021)

This European Technical Specification will provide a set of requirements for developers of health and wellness apps, intending to meet the needs of health care professionals, patients, carers and the wider public. It will include a set of quality criteria and cover the app project life cycle, through the development, testing, releasing and updating of an app, including native, hybrid and web based apps, those apps associated with wearable, ambient and other health equipment and apps that are linked to other apps. It will also address fitness for purpose and the monitoring of usage. The specification will inform the development of health and wellness apps irrespective of whether they are placed in the market, and including free of charge.
The specification will not cover the processes or criteria that an app developer or publisher follow to establish whether a health and wellness app is subject to regulatory control (e.g. as a medical device, or related to information governance).

Gesundheits- und Wellness-Apps - Qualitätskriterien während des gesamten Lebenszyklus - Verhaltenskodex (ISO/TS 82304-2:2021)

Das Dokument stellt Qualitätsanforderungen für Gesundheits-Apps auf und legt ein Qualitätslabel für Gesundheits-Apps fest, um die Qualität und Zuverlässigkeit solcher Apps anzugeben.
Dieses Dokument ist anzuwenden für Gesundheits-Apps, die eine Sonderform von Gesundheitssoftware darstellen. Es deckt den gesamten Lebenszyklus von Gesundheits-Apps ab.
Dieses Dokument richtet sich an App-Hersteller ebenso wie an Bewertungsorganisationen für Apps und soll diesen dabei helfen, die Qualität und Zuverlässigkeit einer Gesundheits-App zu vermitteln. Verbraucher, Patienten, Pflegepersonen, Fachkräfte der Gesundheitspflege und deren Organisationen, Gesundheits¬behörden, Krankenversicherer und die breitere Öffentlichkeit können das Qualitätslabel für Gesundheits-Apps nutzen und melden, wenn sie eine Gesundheits-App für die Nutzung, die Übernahme in Pflegeleitlinien, Pflegekonzepte und Pflegeverträge empfehlen oder auswählen wollen.
ANMERKUNG 1 Gesundheits-Apps können nationalen Gesetzen, z. B. für Medizinprodukte unterliegen.
ANMERKUNG 2 Siehe Anhang C für weitere Einzelheiten zum Anwendungsbereich.
Außerhalb des Anwendungsbereiches dieses Dokuments liegen Leitlinien zur Einhaltung der Medizin-produkteverordnung.

Logiciels de santé - Partie 2: Applications de santé et de bien-être - Critères de qualité tout au long du cycle de vie - Code de pratique (ISO/TS 82304-2:2021)

Programska oprema v zdravstvu - 2. del: Aplikacije za zdravje in dobro počutje (wellness) - Kakovost in zanesljivost (ISO/TS 82304-2:2021)

General Information

Status
Published
Publication Date
08-Sep-2021
Technical Committee
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
19-Aug-2021
Due Date
24-Oct-2021
Completion Date
09-Sep-2021

Buy Standard

Technical specification
TS CEN ISO/TS 82304-2:2021 - BARVE
English language
87 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST-TS CEN ISO/TS 82304-2:2021
01-oktober-2021
Programska oprema v zdravstvu - 2. del: Aplikacije za zdravje in dobro počutje
(wellness) - Kakovost in zanesljivost (ISO/TS 82304-2:2021)
Health software - Part 2: Health and wellness apps - Quality and reliability (ISO/TS
82304-2:2021)
Gesundheits- und Wellness-Apps - Qualitätskriterien während des gesamten
Lebenszyklus - Verhaltenskodex (ISO/TS 82304-2:2021)
Logiciels de santé - Partie 2: Applications de santé et de bien-être - Critères de qualité
tout au long du cycle de vie - Code de pratique (ISO/TS 82304-2:2021)
Ta slovenski standard je istoveten z: CEN ISO/TS 82304-2:2021
ICS:
35.080 Programska oprema Software
35.240.80 Uporabniške rešitve IT v IT applications in health care
zdravstveni tehniki technology
SIST-TS CEN ISO/TS 82304-2:2021 en,fr,de
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021

---------------------- Page: 2 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021


CEN ISO/TS 82304-2
TECHNICAL SPECIFICATION

SPÉCIFICATION TECHNIQUE

August 2021
TECHNISCHE SPEZIFIKATION
ICS 35.080; 35.240.80
English Version

Health software - Part 2: Health and wellness apps -
Quality and reliability (ISO/TS 82304-2:2021)
Logiciels de santé - Partie 2: Applications de santé et de Gesundheits- und Wellness-Apps - Qualitätskriterien
bien-être - Critères de qualité tout au long du cycle de während des gesamten Lebenszyklus -
vie - Code de pratique (ISO/TS 82304-2:2021) Verhaltenskodex (ISO/TS 82304-2:2021)
This Technical Specification (CEN/TS) was approved by CEN on 28 June 2021 for provisional application.

The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to
submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standard.

CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS
available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in
parallel to the CEN/TS) until the final decision about the possible conversion of the CEN/TS into an EN is reached.

CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia,
Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway,
Poland, Portugal, Republic of North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and
United Kingdom.





EUROPEAN COMMITTEE FOR STANDARDIZATION
COMITÉ EUROPÉEN DE NORMALISATION

EUROPÄISCHES KOMITEE FÜR NORMUNG

CEN-CENELEC Management Centre: Rue de la Science 23, B-1040 Brussels
© 2021 CEN All rights of exploitation in any form and by any means reserved Ref. No. CEN ISO/TS 82304-2:2021 E
worldwide for CEN national Members.

---------------------- Page: 3 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021
CEN ISO/TS 82304-2:2021 (E)
Contents Page
European foreword . 3

2

---------------------- Page: 4 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021
CEN ISO/TS 82304-2:2021 (E)
European foreword
This document (CEN ISO/TS 82304-2:2021) has been prepared by Technical Committee ISO/TC 215
"Health informatics" in collaboration with Technical Committee CEN/TC 251 “Health informatics” the
secretariat of which is held by NEN.
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. CEN shall not be held responsible for identifying any or all such patent rights.
Any feedback and questions on this document should be directed to the users’ national standards
body/national committee. A complete listing of these bodies can be found on the CEN websites.
According to the CEN-CENELEC Internal Regulations, the national standards organizations of the
following countries are bound to announce this Technical Specification: Austria, Belgium, Bulgaria,
Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland,
Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Republic of
North Macedonia, Romania, Serbia, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the
United Kingdom.
Endorsement notice
The text of ISO/TS 82304-2:2021 has been approved by CEN as CEN ISO/TS 82304-2:2021 without any
modification.

3

---------------------- Page: 5 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021

---------------------- Page: 6 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021
TECHNICAL ISO/TS
SPECIFICATION 82304-2
First edition
2021-07
Health software —
Part 2:
Health and wellness apps—Quality
and reliability
Reference number
ISO/TS 82304-2:2021(E)
©
ISO 2021

---------------------- Page: 7 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021
ISO/TS 82304-2:2021(E)

COPYRIGHT PROTECTED DOCUMENT
© ISO 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting
on the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address
below or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii © ISO 2021 – All rights reserved

---------------------- Page: 8 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021
ISO/TS 82304-2:2021(E)

Contents Page
Foreword .iv
Introduction .v
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
3.1 General terms . 1
3.2 Terms relating to apps . 5
3.3 Terms relating to risk management . 7
4 Health app assessment process . 8
4.1 Quality assessment . 8
4.2 Quality requirements . 8
4.3 Health app quality report . 9
4.4 Health app quality evidence pack . 9
4.5 Health app quality label . 9
5 Quality requirements . 9
5.1 Product information . 9
5.1.1 Product . 9
5.1.2 App manufacturer .10
5.2 Healthy and safe .11
5.2.1 Health requirements.11
5.2.2 Health risks .14
5.2.3 Ethics .17
5.2.4 Health benefit .18
5.2.5 Societal benefit .23
5.3 Easy to use .24
5.3.1 Accessibility .24
5.3.2 Usability .26
5.4 Secure data .30
5.4.1 Privacy .30
5.4.2 Security .36
5.5 Robust build .42
5.5.1 Technical robustness .42
5.5.2 Interoperability .45
Annex A (normative) Health app quality label .47
Annex B (normative) Health app quality score calculation method .54
Annex C (informative) Rationale .58
Annex D (informative) Product safety and lifecycle process recommendations .59
Annex E (informative) Application profile – Contact tracing apps .67
Annex F (informative) Ethical considerations in health apps .70
Annex G (informative) Potential uses of this document .73
Bibliography .75
© ISO 2021 – All rights reserved iii

---------------------- Page: 9 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021
ISO/TS 82304-2:2021(E)

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www .iso .org/ directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www .iso .org/ patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to the
World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT), see www .iso .org/
iso/ foreword .html.
This document was prepared by Technical Committee ISO/TC 215, Health informatics, in collaboration
with Technical Committee IEC/TC 62, Electrical equipment in medical practice, Subcommittee SC 62A,
Common aspects of electrical equipment used in medical practice, and with the European Committee for
Standardization (CEN) Technical Committee CEN/TC 251, Health informatics, in accordance with the
Agreement on technical cooperation between ISO and CEN (Vienna Agreement).
A list of all parts in the ISO 82304 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www .iso .org/ members .html.
iv © ISO 2021 – All rights reserved

---------------------- Page: 10 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021
ISO/TS 82304-2:2021(E)

Introduction
Context
Health and wellness apps are a fast-growing market, and there are now hundreds of thousands, with
the most popular of these having many millions of downloads each. Some of these apps fall under
medical devices regulations, most do not. These apps are often promoted directly to consumers through
app stores without going through any formal evaluation. The apps often collect sensitive personal
information yet do not have appropriate privacy controls, and provide advice on topics such as fertility,
diet or activity that are not supported by any evidence. There are widespread concerns about the risks
involved. At the same time, health apps that have proven to be effective and add to quality of life and
even length of life, are not necessarily adopted at scale and reimbursed.
Many health organizations have projects to evaluate, endorse and procure apps that meet locally
defined requirements. These activities are important for any app manufacturer who want to promote
or sell their product to or through providers of health and wellness services, as providers want the
reassurance that the apps they recommend to patients will be safe, reliable and effective. However,
the cost of responding to different extensive sets of criteria and different evaluation regimes in each
country, organization, or region is a barrier for app manufacturers wanting to make their products
available in multiple markets. It is also a problem for those evaluating apps and maintaining libraries
of health and wellness apps. They can miss out on products that effectively address health issues and
health system inefficiencies, do not benefit from economies of scale of others evaluating the same
apps and different evaluations can contradict one another, causing further confusion instead of trust.
Because of the time investment involved, the vast majority of apps are not evaluated at all, although top
10 lists suggest otherwise.
There are several International Standards on health software related to product safety and lifecycle
processes that are applicable to all health software, including health apps. This document provides
quality requirements and health app quality labels as ways for app manufacturers and app assessment
organizations to communicate the quality and reliability of health apps.
The working practice within app development is to deliver a focused piece of functionality, building
on an existing platform - often with a small team doing the work who can be unfamiliar with health
software development. This document includes Annex D to provide guidance specific to this community.
A vibrant transparent market for health apps will benefit individuals and programs across the world
that are addressing issues such as aging population, unhealthy lifestyles, chronic diseases, affordability
of or constrained budgets for health and care, unequal quality and access to health services, and
shortages in health professionals.
This document makes no attempt to determine whether a health app is or should be regulated.
Development methodology
The quality requirements (Clause 5) and health app quality score calculation method (Annex B) have
been developed with a Delphi consensus study. Further input was gathered with surveys, interviews,
and review of existing standards and health app assessment frameworks. The health app quality label
(Annex A) has been inspired by the EU energy label that is also used in more than 50 countries outside
Europe, the Nutriscore and the FDA over-the-counter medicine label. Think-aloud testing of the health
app quality label with people with low health literacy in the Netherlands and subsequently Egypt and
Mexico was used to ensure adequate understanding in different contexts.
Outline
This document defines a set of questions and supporting evidence that can be used to clarify the quality
and reliability of a health app. A health app quality label is defined to summarize this information in a
visually appealing way.
© ISO 2021 – All rights reserved v

---------------------- Page: 11 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021
ISO/TS 82304-2:2021(E)

The questions and evidence are listed under the following headings taking into account the need to be
understood by those with low health literacy:
— Product information;
— Healthy and safe;
— Easy to use;
— Secure data;
— Robust build.
This document provides requirements for the specification for the health app quality label in Annex A,
and a calculation method in Annex B to generate the quality score information that is displayed on the
label.
This document also contains annexes covering the following:
— Annex C: the rationale for the scope of this document and content;
— Annex D: a walk through the relevant international health software products and process standards,
providing recommendations and explanations, where appropriate, to help those developing or
evaluating health and wellness apps to understand how the standards can be applied;
— Annex E: an example of how a profile of this document can be defined for the assessment of contact
tracing apps. Similar profiles can be produced for other specific use cases;
— Annex F: ethical considerations for app manufacturers and evaluators to take into account;
— Annex G: a range of ways that this document can be used by different stakeholders throughout the
lifecycle of a health app.
vi © ISO 2021 – All rights reserved

---------------------- Page: 12 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021
TECHNICAL SPECIFICATION ISO/TS 82304-2:2021(E)
Health software —
Part 2:
Health and wellness apps—Quality and reliability
1 Scope
This document provides quality requirements for health apps and defines a health app quality label in
order to visualize the quality and reliability of health apps.
This document is applicable to health apps, which are a special form of health software. It covers the
entire life cycle of health apps.
This document is intended for use by app manufacturers as well as app assessment organizations in
order to communicate the quality and reliability of a health app. Consumers, patients, carers, health
care professionals and their organizations, health authorities, health insurers and the wider public can
use the health app quality label and report when recommending or selecting a health app for use, or for
adoption in care guidelines, care pathways and care contracts.
NOTE 1 Health apps can be subject to national legislation, such as for medical devices.
NOTE 2 See Annex C for additional details on the scope.
Outside the scope of this document are guidelines to comply to the medical device regulation.
2 Normative references
There are no normative references in this document.
3 Terms and definitions
For the purposes of this document, the following terms and definitions apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at http:// www .electropedia .org/
3.1 General terms
3.1.1
accessibility
extent to which products, systems, services, environments and facilities can be used by people from a
population with the widest range of user needs, characteristics and capabilities to achieve identified
goals in identified contexts of use
Note 1 to entry: Context of use includes direct use or use supported by assistive technologies.
[SOURCE: ISO 9241-11:2018, 3.2.2]
© ISO 2021 – All rights reserved 1

---------------------- Page: 13 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021
ISO/TS 82304-2:2021(E)

3.1.2
effectiveness
ability to produce the intended result
[SOURCE: ISO 81001-1:2021, 3.2.5]
3.1.3
efficiency
resources used in relation to the results achieved
Note 1 to entry: Typical resources include time, human effort, costs and materials.
[SOURCE: ISO 9241-11:2018, 3.1.13]
3.1.4
evidence
directly measurable characteristics of a process and/or product that represent objective, demonstrable
proof that a specific activity satisfied a specified requirement
[SOURCE: ISO/IEC 21827:2008, 3.19]
3.1.5
health
state of complete physical, mental and social well-being and not merely the absence of disease or
infirmity
[53]
[SOURCE: WHO 1948 ]
3.1.6
health benefit
positive impact or desirable outcome of the use of health software on the health of an individual
3.1.7
health intervention
act performed for, with or on behalf of a person or population whose purpose is to assess, improve,
maintain, promote or modify health, functioning or health conditions
[53]
[SOURCE: WHO 1948 ]
3.1.8
health issue
representation of an issue related to the health of a subject of care as identified by one or more
healthcare actors
Note 1 to entry: According to this definition, a health issue can correspond to a health problem, a disease, an
illness or another kind of health condition.
EXAMPLE A loss of weight, a heart attack, a drug addiction, an injury, dermatitis.
[SOURCE: ISO 13940:2015]
3.1.9
health need
deficit in the current health state compared to aspects of a desired future health state
[SOURCE: ISO 13940:2015]
2 © ISO 2021 – All rights reserved

---------------------- Page: 14 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021
ISO/TS 82304-2:2021(E)

3.1.10
intended use
intended purpose
health-related use for which a product, process or service is intended according to the specifications,
instructions and information provided by the manufacturer
Note 1 to entry: The intended health benefit, patient population, part of the body or type of tissue interacted
with, user profile, use environment, and operating principle are typical elements of the intended use.
Note 2 to entry: A health app has an intended use irrespective of whether it is a medical device. A concept of
“intended use” is used in a more restrictive sense in some medical device regulations.
[SOURCE: ISO/IEC Guide 63:2019, 3.4, modified — Note 2 to entry added, "intended purpose added" as
a preferred term.]
3.1.11
intended users
group(s) of people for whom a product is designed
Note 1 to entry: In many cases the actual user population is different from that originally intended by the
manufacturer. The intended user group is based on realistic estimations of who the actual users of the product
will be.
[SOURCE: ISO 20282-1:2006, 3.12]
3.1.12
interoperability
ability of two or more systems or components to exchange information and to use the information that
has been exchanged
[SOURCE: IEEE standard computer dictionary: a compilation of IEEE standard computer glossaries.
New York: Institute of Electrical and Electronics Engineers; 1990]
3.1.13
joint PII controller
PII controller that determines the purposes and means of the processing of PII jointly with one or more
other PII controllers
[SOURCE: ISO/IEC 27701:2019, 3.1]
3.1.14
medical device
instrument, apparatus, implement, machine, appliance, implant, reagent for in vitro use, software,
material or other similar or related article, intended by the manufacturer to be used, alone or in
combination, for human beings, for one of more of the specific medical purpose(s) of
— diagnosis, prevention, monitoring, treatment or alleviation of disease,
— diagnosis, monitoring, treatment, alleviation of or compensation for an injury,
— investigation, replacement, modification, or support of the anatomy or of a physiological process,
— supporting or sustaining life,
— control of conception,
— disinfection of medical devices,
— providing information by means of in vitro examination of specimens derived from the human body,
© ISO 2021 – All rights reserved 3

---------------------- Page: 15 ----------------------
SIST-TS CEN ISO/TS 82304-2:2021
ISO/TS 82304-2:2021(E)

and does not achieve its primary intended action by pharmacological, immunological or metabolic
means, in or on the human body, but which may be assisted in its function by such means
Note 1 to entry: Products that can be considered to be medical devices in some jurisdictions but not in others
include
— disinfection substances,
— aids for persons with disabilities,
— devices incorporating animal and/or human tissues, and
— devices for in-vitro fertilization or assisted reproductive technologies.
[SOURCE: ISO/IEC Guide 63:2019, 3.7]
3.1.15
personally identifiable information
PII
any information that (a) can be used to establish a link between the information and the natural person
to whom such information relates, or (b) is or can be directly or indirectly linked to a natural person
[SOURCE: ISO/IEC 29100:2011/Amd.1:2018, 2.9, modified — Note to entry removed.]
3.1.16
privacy
freedom from intrusion into the private life or affairs of an individual when that intrusion results from
undue or illegal gathering and use of data about that individual
[SOURCE: ISO/TS 27790:2009, 3.56]
3.1.17
processing of PII
oper
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.