The primary goals of cMHAFF are to provide a standard against which a mobile app’s foundational characteristics -- including but not limited to security, privacy, data access, data export, and transparency/disclosure of conditions -- can be assessed. The framework is based on the lifecycle of an app, as experienced by an individual consumer, from first deciding to download an app, to determining what happens with consumer data after the app has been deleted from a smartphone. It is important to note that the Framework does not speak directly to the specific health or clinical functionality of an app but can be extended to do so through the use of profiles (with constraints and/or extensions) developed on top of cMHAFF.

A walking app collects data based on how far someone walks, using GPS technology. A consumer can view a history of walks taken and summary statistics related to distance walked and estimated calories burned. App developer is not a HIPAA-covered (see reference below) entity (CE) such as a healthcare provider, nor is the app sponsored by a CE (such as a hospital or physician).

For some apps, especially those like Use Case C, there are several potential threats and vulnerabilities which should be assessed and mitigated, where necessary, by mHealth developers (see 3.2.2 Product Risk Assessment and Mitigation). The primary goals of cMHAFF are to provide a standard against which a mobile app’s foundational characteristics -- including but not limited to security, privacy, data access, data export, and transparency/disclosure of conditions -- can be assessed. The framework is based on the lifecycle of an app, as experienced by an individual consumer, from first deciding to download an app, to determining what happens with consumer data after the app has been deleted from a smartphone. It is important to note that the Framework does not speak directly to the specific health or clinical functionality of an app but can be extended to do so through the use of profiles (with constraints and/or extensions) developed on top of cMHAFF.

The Consumer Mobile Health Application Functional Framework is an HL7 Standard for Trial Use (STU). The primary goals of the Consumer Mobile Health Functional Framework (cMHAFF) are to provide a standard against which a mobile app’s foundational characteristics -- including but not limited to security, privacy, data access, data export, and transparency/disclosure of conditions -- can be assessed.