KG LEGAL \ INFO
BLOG

Medical software apps (Health Apps) – characteristics, examples, legal perspective

Publication date: April 04, 2025

Introduction

Adherence Day has been established by the International Society of Hypertension. “Adherence” is an English-language term used in medicine and refers to the extent to which a patient’s behavior (in terms of taking medications, following a diet, and making lifestyle changes) is consistent with medical recommendations (sensu largo), as well as to the appropriate dose and time of taking medications (sensu stricto). The opposite of adherence to therapeutic recommendations is referred to as “non-adherence” or “non-compliance”. The latter is a very negative and undesirable phenomenon in society, not only because of its health effects, but also because it generates huge costs for healthcare systems around the world. Scientific studies show that in the case of chronic diseases, many patients stop taking their medications on their own after 6-12 months or take them unsystematically, which negatively affects the entire treatment process (in the case of people with hypertension, about 58% stop following the doctor’s recommendations after a year, which leads to a deterioration in the quality and shortening of life, and the risk of death due to cardiovascular diseases increases by 30%). Moreover, it is estimated that each year in Europe, improper use of medications costs about 125 billion euros, and in Poland six billion zlotys. These amounts include, among others, hospitalizations that could have been avoided and repeated sick leave. Against this background, concepts of creating software and applications for mobile devices that would improve patients’ systematic compliance with medical recommendations and make it easier for doctors to monitor patients’ progress in the implemented therapy are increasingly appearing in the scientific and technological discourse.

This article will discuss legal aspects related to the functioning of such applications in common circulation, and will also present the latest proposal for a Polish medical/health application and its detailed description.

Medical application in the light of European Union law and case law

Currently, the legal act that strictly regulates the status of medical applications is Regulation (EU) 2017/745 of the European Parliament and of the Council of 5 April 2017 on medical devices, amending Directive 2001/83/EC, Regulation (EC) No. 178/2002 and Regulation (EC) No. 1223/2009 and repealing Council Directives 90/385/EEC and 93/42/EEC (abbreviated as MDR – Medical Devices Regulation). Previously, these issues were regulated by Council Directive 93/42/EEC of 14 June 1993 concerning medical devices (abbreviated as MDD – Medical Devices Directive). The cited legal acts provided for and still provide for two categories of software: software that works independently (this category includes, for example, artificial intelligence solutions supporting diagnostics or some mobile applications in the field of health / fitness) and software installed in medical equipment used for its proper functioning.

Article 2(1) of the Regulation defines a medical device as:

“an instrument, apparatus, device, software, implant, reagent, material or other article intended by the manufacturer to be used, singly or in combination, in human beings for one or more of the following specific medical purposes: diagnosing, preventing, monitoring, predicting, prognosing, treating or alleviating disease; diagnosing, monitoring, treating, alleviating or compensating for an injury or disability; investigating, replacing or modifying the anatomy or a physiological or pathological process or condition; providing information by in vitro examination of samples taken from the human body, including those from organ, blood and tissue donors, and which does not achieve its principal intended action by pharmacological, immunological or metabolic means in or on the human body, but which may be assisted in its function by such means”.

However, the definition contained in the Regulation, as well as in many other legal acts at EU level, is imprecise and very broad. In practice, entrepreneurs have often wondered whether a given product can or must be classified as a medical device. One such practical doubt was resolved at the level of the Court of Justice of the European Union (case C-329/16 – Syndicat national de l’industrie des technologies médicales (Snitem)). The French organization of medical device manufacturers SNITEM and Philips France challenged the provision of a French decree that introduced a requirement for certification of any software that assists doctors in prescribing medicines to patients. They considered that the national regulation was contrary to EU law, since the MDD prohibited Member States from introducing restrictions on the marketing and use of products bearing the CE marking referred to in Article 17, which indicates that they were subject to a conformity assessment in accordance with the provisions of Article 11. The Council of State decided to refer a question for a preliminary ruling to the CJEU, which stated that in order to qualify a given software as a medical device, it must meet two cumulative conditions: the intended purpose and the effect caused. The intended purpose premise states that the medical device must be intended by the manufacturer for use in humans, in particular for the purpose of: diagnosing, preventing, monitoring, treating or alleviating diseases, and diagnosing, monitoring, treating, alleviating or rehabilitating in the event of injury or disability. The manufacturer therefore decides on the intended purpose of the product.
In turn, when interpreting the premise of the effect caused, the Court concluded that although the provision states (Article 2, paragraph 2 of the MDD) that the main intended action “in or on the human body” cannot be achieved solely by pharmacological, immunological or metabolic means, it does not require that such a device act directly in or on the human body. The EU legislator intended to focus, for the purposes of qualifying software as a medical device, on the purpose of its use and not on the form of the effect it may have on the human body. In addition, the CJEU found that denying the status of a medical device to a product that does not have a direct impact on the human body would in practice mean excluding from the scope of application of MDD software that is specifically intended by the manufacturer for use for at least one of the medical purposes listed in the definition of a medical device. Adding such a requirement would consequently risk depriving Article 1(2)(a) of that directive of part of its effectiveness (effet utile). Moreover, the Court referred to the legal framework for medical devices and found that a medical device is software which is intended by its manufacturer to achieve, in relation to its use, one of the purposes listed in Article 1(2)(a) of the MDD and is intended to create or modify medical information, in particular by means of calculation, quantification or comparison of recorded data with specific references, in order to provide information relating to a specific patient. At the same time, the legal framework excludes from the definition of a medical device software which does not perform any operations on the data or whose operation is limited to storage, archiving, lossless compression or, finally, simple retrieval, in other words, in the latter case, software equipped with digital library functions and enabling information from metadata to be retrieved without changing or interpreting it.

Polish regulations and certification process

In Poland, every manufacturer of medical devices, if they want to sell or introduce their products to the European market, must undergo an MDR audit and obtain a certificate. There are several classes of medical devices, which are described in detail in the Act of 7 April 2022 on medical devices (Journal of Laws of 2024, item 1620; amended: Journal of Laws of 2024, item 1222). Currently, it is not easy to introduce a product that is a medical device to the market. In the case of products dedicated to medical professionals, due to their knowledge and education, this group of users is familiar with the markings and knows what documents should be expected from the manufacturer of the product to be sure that the quality of the product is at an appropriately high level and does not pose a threat to patients. The above applies to both hardware and software products; the software must meet certain conditions to be recognized as a medical device. Since 2023, the Polish Ministry of Health has been conducting the application certification process. The process involves awarding the title of “MZ Certified Application” and including certified applications in the Health Application Portfolio (PAZ). The title of “MZ Certified Application” will be available to an application whose software has been classified as a medical device. In the case of health applications that do not perform diagnostic or therapeutic processes, the status of a medical device will not be required.

Currently, the Health Application Portfolio includes two software programs, the specializations of which are primary healthcare and allergology. Detailed information on the certification process can be found in the regulations available on the website of the Ministry of Health, while the purpose of the process itself is to enable efficient verification of information security, substantive credibility and usability of the application, awarding the title of “MZ Certified Application” and making it available within the Health Application Portfolio. The entity that owns the software must report the product using the designated path to the Ministry of Health (using the online form available in the dedicated system).

The submitted application will be assessed against the criteria of formal assessment, expert substantive assessment, patient substantive assessment and information security assessment, which are described in detail in the Certification Process Regulations. A designated team at the Ministry of Health will formally assess the application within a maximum of five working days of receiving the application.

If formal deficiencies are found, the Applicant will be notified of the necessary additions. The Applicant has two working days to provide the indicated information. Formal additions can only be provided once. After receiving the additions, the Ministry of Health team has 2 working days to assess the application. The Ministry of Health team will forward information about the application to the coordinator(s) of the organizations representing experts in a given field and organizations representing patients in the system. This information will include a shortened extract from the application, including: the name of the application, the name of the submitting entity, a description of the application, which were provided in the application form. This information will be used by the designated organizations to select experts who will assess the application if it is verified positively during the formal and information security assessment. This also gives the experts the opportunity to review the applications and decide whether they can undertake the assessment – due to issues of substance and impartiality. In the event of a negative assessment or a lack of the indicated supplements, the process is terminated. After positive formal verification, the application will be assessed by the e-Health Centre in terms of information security. The deadline for the assessment is ten business days. In the event of a negative assessment, the process is terminated.

After obtaining a positive formal assessment by the Ministry of Health and information security of the e-Health Centre, the application is reviewed by substantive experts from the given field of medicine to which the application relates. Immediately after the formal and information security assessment with a positive result, the Ministry of Health Team passes information in the system about the positively verified application to the coordinator/coordinators of the organization representing experts in the given field. The coordinator/coordinators of the organization provide feedback with the contact details of the selected experts within a business day. By accepting a given application for assessment, the experts confirm that they remain impartial towards the solution and its owners. Experts, with the help of the coordinator, immediately set up individual accounts in the system, and the system administrator grants them access to the application and the assessment form. The material is forwarded for assessment to a total of three experts. The experts are to complete the assessment within no more than ten business days.

After obtaining a positive formal assessment from the Ministry of Health and information security of the e-Health Center, the application is simultaneously reviewed by representatives of patient organizations from the field to which the given application relates. Immediately after the formal and information security assessment with a positive result, the Ministry of Health Team passes on information about the positively verified application to the coordinator/coordinators of organizations representing patients in the given field.

The coordinator/coordinators of the organization provide feedback with the contact details of the experts within a business day. By accepting a given application for assessment, the experts confirm that they are impartial towards the solution and its owners. Experts, with the help of the coordinator, immediately set up individual accounts in the system, and the system administrator grants them access to the application and the assessment form. The material is forwarded for assessment to a total of two experts. The experts are to complete the assessment within no more than ten business days. In the absence of a unanimous assessment, the Ministry of Health Team informs the coordinator of the organization about the need to conduct an assessment by another representative of the organization, whose vote will be decisive. The selection of the third expert and the submission of the assessment result should not exceed five business days. In the event of obtaining at least two positive or conditionally positive assessments from representatives of expert organizations and at least two positive or conditionally positive assessments from representatives of patient organizations, the application is forwarded for further processing. In the event of obtaining at least two negative assessments from representatives of expert organizations and at least two negative assessments from representatives of patient organizations – the process is completed. In a situation where the application meets the expectations of one group and does not meet the expectations of the other, the application may be directed for corrections/consultation with the author.

Depending on the level of complexity, the conditions for making corrections will be individually agreed with the author. At the stage of conducting agreements with the author of the application, the owner of the application receives collective comments/opinions collected during the earlier stages of the process from all experts and entities.

The author of the software responds to them within three business days, with particular attention paid to whether the implementation of the comments is possible. In a situation where it is possible to implement changes, it undertakes to implement them before placing them in the Health Application Wallet. The time and conditions of implementation are determined individually. After their implementation, verification of the amendments is determined individually. After confirming that all conditions have been met and the application agreement is signed, the Ministry of Health Certificate is granted and the application is placed in the Health Application Wallet for twenty-four months.

For the entire period of holding the title and placing in the Health Application Wallet, the application may not contain advertisements or other promotional content, and the application owner must make the necessary software updates. In addition, every twelve months from the date of placing in the Health Application Wallet, the application is subject to a mandatory review. In the context of personal data protection, the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) apply, and the controller of personal data processed in the process of assessing and submitting the application is the Minister of Health.

Polish Health App

As an example, scientists and specialists from the Medical University of Wrocław have created an innovative application called LekRaport, which aims to support pharmacists in their daily work and increase patient safety by improving adherence. This tool will also be a valuable source of data for scientists who intend to evaluate and improve the functioning of comprehensive pharmaceutical care in Poland. The LekRaport application is intuitive and easy to use, and its creation is the result of the implementation of a scientific project entitled “Analysis of cognitive pharmaceutical services, including drug review, conducted on the basis of an original research tool”. It is emphasized that the goal of the creators of LekRaport is to develop and improve cooperation between pharmacists and patients, which successfully functions in many countries. The LekRaport application allows for conducting interviews, analyzing drugs used and registering adverse reactions – it is available to pharmacists without any profit for the university; the fee covers only the maintenance of the system. Data collected thanks to the application will allow for the assessment of trends and needs of both pharmacists and patients, which will enable the Medical University of Wrocław to support the development of broadly understood pharmaceutical care as a specialist cognitive service that involves observing the patient, their health condition and advising on preventive issues. The application enables conducting structured interviews with patients and collecting data on their health, lifestyle, medications and health products, including supplements, in one place. It also allows for recording information on adherence to pharmaceutical recommendations and data on vaccinations or tests performed in the pharmacy. Each interview is structured, which helps pharmacists identify drug problems efficiently.
A summary of the visit, including recommendations for taking medications, can be printed, so that the patient has constant access to it and can share it with their doctor.

The application also allows you to register, describe and redirect information about adverse reactions to the threat monitoring system run by the Office for Registration of Medicinal Products, Medical Devices and Biocidal Products. This is particularly important because in Poland the intensity of reporting adverse reactions is much lower compared to other European countries, such as France, Spain, Italy, Germany or Great Britain.

Currently, there are good legal conditions for the operation of such applications, as the entry into force of the Act of 10 December 2020 on the profession of pharmacist (Journal of Laws of 2024, item 676; amended: Journal of Laws of 2024, item 1897) in April 2021 expanded the rights of this professional group, which creates opportunities for more effective use of their potential and offering additional services to patients. Pharmacists have gained the ability to perform vaccinations and tests, such as diagnostics of basic vital parameters or BMI. In addition, the pharmacist can ask the patient about the reasons for non-adherence, such as forgetfulness, intentional skipping of doses due to feeling better or poor tolerance of the drug. Thanks to this, the pharmacist can counteract these problems by informing the patient about the consequences or proposing solutions to facilitate correct medication administration. The LekRaport software was presented and distinguished in May 2024 during the European Federation of Pharmaceutical Sciences (EUFEPS) meeting in Hungary and is currently a very successful application on the market.

Summary

Today’s times are very much forcing the technological market to introduce new solutions in the field of healthcare. Technological progress cannot bypass legal regulations, which are very numerous at both the national and international level (especially in the European Union) but are in some places very general or imprecise, so they must be an effective response to such a dynamically changing world. If technological progress goes hand in hand with good legislative practice, then medical applications will be a very useful tool for patients, doctors and pharmacists, because they will allow us to monitor our health more effectively, will be a valuable source of knowledge for doctors and scientists, and will significantly reduce the negative social and economic phenomenon of “non-adherence”.
