Is BloodPressureDB a DiGA?
When the Federal Ministry of Health issued a press release on July 10, 2019 (https://www.bundesgesundheitsministerium.de/presse/pressemitteilungen/2019/3-quartal/dvg-kabinett.html), it stated the goal that "diaries for diabetics or apps for people with high blood pressure" could be prescribed by doctors:
Excerpt from the BMG press release of July 10, 2019, underlined by us
In practice, however, this went completely wrong. First of all, simple diary apps are not medical products at all. More is needed for that, which is not a bad thing. The idea that the doctor receives well-documented and processed data via a DiGA that he can use for patient treatment is indeed sensible.
Suddenly, however, the BfArM made it clear that a DiGA must only address the patient. If the purpose is to collect data for the doctor, it is no longer a DiGA. This has turned the great benefit that such apps can have into a problem. Corresponding functions should not be the purpose of the application.
However, patients using an app demonstrably have their blood pressure adjusted faster and better. There are already studies with various apps supporting this. And we can also easily prove this with existing data. However, in most cases, it is not the app that lowers the blood pressure, but ultimately the doctor, by prescribing medications. And thus, it is difficult to prove the benefit of the app without a doctor. More on that later.
Because we are not at the end yet. The legislator has deliberately introduced the so-called "patient-relevant structural and procedural improvements" as evidence points. This means that an app that helps the patient manage their illness can be approved as a DiGA.
But here, too, there was quickly disillusionment. Because, of course, a study is required for proof. Unfortunately, there are hardly any validated measurement instruments for the relevant endpoints of such a study that the responsible Federal Institute for Drugs and Medical Devices (BfArM) accepts. These measurement instruments are usually questionnaires. They must be validated for Germany. This means that taking an English questionnaire and simply translating it is not enough; it must be tested in its own study. Meanwhile, the BfArM has also allowed translation under certain conditions in a webinar, but then mentioned slightly different conditions in a consultation. However, none of the statements are binding. In summary, it is possible, but with an unclear outcome as to whether a study would ultimately be accepted or if all the effort was in vain.
However, that is not enough anyway. We were made very clear that while the patient-relevant structural and procedural improvements are nice, a blood pressure app must, of course, prove the lowering of blood pressure. And here we are again at the problem that this blood pressure reduction must occur without a doctor.
In practice, a randomized study is conducted, where one part receives the app and the other does not. A blinding, as is usually customary, is unfortunately not possible, because the patient notices whether they are using an app or not. However, the BfArM likes to point out in its presentations that there is a high placebo effect, especially with blood pressure. Ultimately, this can only be solved by conducting a study with a very, very large number of patients. Care must also be taken that the effect does not come from the fact that the doctor has better data. Then the effect would be with the doctor and not with the app, making approval as a DiGA impossible. The costs for this quickly reach the high six to seven-figure range.
Ongoing costs are added for new requirements regarding data protection and security (ISO 27001, BSI TR-03161, data protection certificate, ...), requirements for interoperability with unclear specifications, further requirements every few months, and costs for a study. Whether this would lead to approval is uncertain. If the BfArM does not want it, it will always find a small detail that does not fit. Unfortunately, there is no legal certainty.
And in the balance between usability and data security, the Federal Office for Information Security (BSI) unfortunately does not grant the user any competence. Screenshots are prohibited, and many other restrictions are currently ruining the fun for older users.
A DiGA should only be usable on the latest smartphones; older ones might not meet the highest security requirements with their fingerprint sensors. As compensation, the password must be re-entered every 30 minutes. We hope your phone does not turn off the screen while the blood pressure monitor is measuring. Because even then, a new authentication - the technical term for logging in - is required. Please always with 2 factors. The so-called two-factor authentication is mandatory, even though only a few of the affected users know what it is.
Please do not get us wrong; we find high standards for the security of your data, especially considering the many problems in this area, extremely desirable. However, in practice, it already looks like those who fall victim to data theft do not adhere to existing guidelines. This rarely happens intentionally. Mistakes happen, unfortunately. Imposing additional requirements instead of demanding compliance with existing ones is not helpful. Continuously imposing new requirements here robs time for the actual work and, in our opinion, leads to more problems rather than fewer.
The BfArM is also creative in coming up with new nonsense. For example, a DiGA must delete all data after the prescription ends. This means that if the patient does not have a follow-up prescription immediately, all stored data is simply gone. The patient can export the data and import it later. This is data protection as envisioned by a federal office.
Push notifications are also not always allowed for DiGAs. They would go through the servers of Apple and Google. American providers are sometimes excluded from data processing. There is always an agreement with the USA that allows data processing, which is then prohibited again through legal action. This game has been going on for several years now. This is fundamentally a good idea, but for those who do not want any data with Apple and Google, there is simply not much left in the world of smartphones. In practice, data protection experts argue about whether push notifications are not allowed at all or may not contain health data. However, the DiGA itself already reveals that it has something to do with health. If I use a blood pressure app on a Google Android smartphone, Google knows that. But if a push notification is then displayed in this app via Googles servers, is that suddenly a problem?
Conclusion
The BloodPressureDB app was created from daily practice, where our founder built it according to his own requirements to keep a close eye on his blood pressure. Thanks to the interest of other users and their donations, a proper company could develop from this. Since the app can also be used relatively unrestricted for free, it is not a particularly profitable company, but it is enough to pay the employees and really help about 200,000 high blood pressure patients a year.
Even if the approval as a DiGA were to succeed, the prescriptions would have to cover the costs again. If the same standards are set for a diary app as for a cancer medication, it drives the price unnecessarily to absurd heights. Suddenly, we are at a DiGA that costs 250-300 euros for 3 months, where previously 50 euros for the year sufficed. It is clear that the health insurance companies protest here. And yet, the bankruptcies of DiGA providers show that the costs would have to be even higher.
Update from January 3, 2024: The first DiGA for high blood pressure actually costs 593.81 euros for 90 days. That is a proud 2408.23 euros per year, making the app more than 48 times as expensive as BloodPressureDB.
So we have inexpensive applications that many patients voluntarily use at their own expense and with numerous proofs of benefit, once put through the mills of the healthcare system, and out come DiGAs that cost more than ten to twenty times up to fifty times and have some predetermined limitations in functionality and usability.
This is not good for blood pressure. In light of this, we are currently not pursuing the inclusion as a DiGA, despite the enormous effort we have put into this project so far.
By Horst Klier.
This article is medically reviewed. Last updated by Sabine Croci (06/2024).
Information on the website and within the app cannot replace a consultation with a doctor, but can certainly complement it.
Information on the website and within the app cannot replace a consultation with a doctor, but can certainly complement it.
Our offering meets the afgis transparency criteria. The afgis logo stands for high-quality health information on the internet.
Related Articles:
- 4 Tips for Choosing the Right Blood Pressure App
- Blood Pressure Apps and Digital
- Experience Report Aktiia
- Is BloodPressureDB a DiGA?
- Medical Benefits of BloodPressureDB
- Telemedicine
- The 5 Best Apps for the Heart
- 4 Tips for Choosing the Right Blood Pressure App
- Blood Pressure Apps and Digital
- The 5 Best Apps for the Heart