Author: Abasiodiong Ubong Udoakpan
Data Protection Advisor, Researcher and a Human Rights Lawyer
As the use of digital mental health solutions continues to grow, there is an urgent need for regulatory frameworks to ensure their safety, effectiveness, and ethical use. The regulatory landscape for digital mental health solutions is complex and evolving. At the global level, the World Health Organization (WHO) has developed a framework for digital health that includes guidance on the development, evaluation, and regulation of digital health interventions. The WHO framework emphasizes the need for evidence-based interventions that are safe, effective, and ethical, and that are responsive to the needs of different populations. The framework also highlights the importance of data protection and privacy, as well as the need for equitable access to digital health solutions.
At the national level, some countries have developed specific regulations for digital mental health solutions. For example, the United States Food and Drug Administration (FDA) has developed a regulatory framework for digital health that includes guidance on the regulation of software as a medical device (SaMD). The FDA framework requires SaMD to be safe and effective and to meet certain performance and quality standards. The FDA also requires SaMD manufacturers to provide evidence of the safety and effectiveness of their products, and to adhere to certain post-market surveillance and reporting requirements.
In the European Union, the General Data Protection Regulation (GDPR) provides a regulatory framework for the protection of personal data, including health data. The GDPR requires that personal data be processed in a lawful, fair, and transparent manner, and that data subjects be provided with certain rights, such as the right to access and correct their data. The GDPR also imposes certain obligations on data controllers and processors, such as the obligation to implement appropriate technical and organizational measures to ensure the security of personal data.
In this piece, I will examine the regulatory landscape for digital mental health solutions, discuss the need for regulation and propose some regulatory principles and mechanisms that can be used to regulate these solutions.
Need for Regulation of Digital Mental Health Solutions
The need for regulation of digital mental health solutions is driven by several factors. First, as digital mental health solutions become more widespread, there is a need to ensure that these solutions are safe, effective, and ethical. This is particularly important in the context of mental health, where the potential for harm is high, and where the vulnerability of users must be taken into account.
Second, the need for regulation is driven by the potential for digital mental health solutions to exacerbate existing health inequalities. There is a risk that certain populations, such as those with low health literacy, limited access to technology, or poor mental health, may be excluded from the benefits of digital mental health solutions. There is a need for regulation to ensure that these solutions are accessible and equitable, and that they do not exacerbate existing health disparities.
Third, the need for regulation is driven by the potential for digital mental health solutions to violate users’ privacy and data protection rights. The use of digital mental health solutions involves the collection, storage, and processing of sensitive personal data, such as health information. There is a need for regulation to ensure that this data is protected and that users’ privacy rights are respected.
Regulatory Principles and Mechanisms
To effectively regulate digital mental health solutions, regulatory principles and mechanisms must be developed that are responsive to the unique characteristics of these solutions. Some possible regulatory principles and mechanisms include:
- Evidence-based regulation: Regulatory frameworks for digital mental health solutions should be evidence-based and should require that interventions meet certain safety, effectiveness, and quality standards. The use of randomized controlled trials and other rigorous research designs should be encouraged to generate high-quality evidence on the safety and effectiveness of digital mental health solutions.
- Risk-based regulation: Regulatory frameworks should take into account the potential risks associated with different types of digital mental health solutions, and should require manufacturers to demonstrate that their products are safe and effective, and that they adhere to certain performance and quality standards. Products that pose a higher risk to users, such as those that involve the use of artificial intelligence or machine learning algorithms, may require more rigorous regulatory oversight.
- User-centered regulation: Regulatory frameworks should be user-centered and should take into account the needs and preferences of users. Digital mental health solutions should be designed with user input, and regulatory frameworks should ensure that users are provided with clear and understandable information about the risks and benefits of these solutions. In addition, users should be provided with mechanisms to give feedback and raise concerns about the use of these solutions.
- Interoperability and data portability: Regulatory frameworks should promote interoperability and data portability, which can facilitate the integration of different digital mental health solutions and improve the continuity of care. In addition, users should be able to access and control their personal data, and should be able to easily transfer their data between different providers and platforms.
- Oversight and monitoring: Regulatory frameworks should include mechanisms for oversight and monitoring of digital mental health solutions, to ensure that they continue to meet safety, effectiveness, and quality standards over time. This could include post-market surveillance requirements, as well as the establishment of reporting mechanisms for adverse events or other concerns.
The regulation of digital mental health solutions is an urgent and complex challenge that requires the development of evidence-based, user-centered, and risk-based regulatory frameworks. While there are existing regulatory frameworks at the global and national levels that can serve as a starting point, the unique characteristics of digital mental health solutions require the development of specific regulatory principles and mechanisms that are responsive to these solutions.
In the African context, there are several recommendations that can be made to promote the regulation of digital mental health solutions:
- Promote stakeholder engagement: The development of regulatory frameworks for digital mental health solutions should involve the active participation of all relevant stakeholders, including health professionals, mental health advocates, and technology developers. This can help to ensure that regulatory frameworks are responsive to the needs and preferences of the African community.
- Develop risk-based regulatory frameworks: Regulatory frameworks for digital mental health solutions in Africa should be risk-based, taking into account the potential harms and benefits of these solutions. This can help to ensure that regulatory oversight is commensurate with the level of risk posed by different types of solutions.
- Encourage innovation: Regulatory frameworks should encourage innovation in digital mental health solutions, while also ensuring that these solutions meet high standards for safety, effectiveness, and ethical practice.
- Address infrastructure and resource constraints: In order to support the development and regulation of digital mental health solutions, African countries must address infrastructure and resource constraints, such as limited access to broadband internet and health care infrastructure.
By implementing effective regulatory frameworks, African countries can ensure that digital mental health solutions are safe, effective, and ethical, and that they contribute to the improvement of mental health outcomes for all users.
 World Health Organization. (2020). Digital Health. https://www.who.int/health-topics/digital-health#tab=tab_1 accessed 14 February 2023.
 U.S. Food and Drug Administration. (2019). Digital Health. https://www.fda.gov/medical-devices/digital-health accessed 14 February 2023.
 European Union. (2016). General Data Protection Regulation. https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016R0679&from=EN accessed 14 February 2023.
About the Author:
Abasiodiong Udoakpan is a Data Protection Advisor, Researcher, and a Human Rights Lawyer with an LL.M in International Human Rights. His research blueprint centers on the intersection of International Law, Human Rights and Global Health & Policy with further interests in Mental Health, Climate Change, Food & Drugs.
Powered by WPeMatico