A weight management app helps consumers to systematically collect weight information, food consumption information and exercise information.  Weight can be entered manually, or a consumer can link a wireless scale to the app so that weight is automatically collected when using the scale.  Food consumption is entered manually, and the tool estimates calories consumed based on the consumer’s input. Exercise information may be entered manually or collected automatically through integration with a smart watch. A walking app collects data based on how far someone walks, using GPS technology. A consumer can view a history of walks taken and summary statistics related to distance walked and estimated calories burned. App developer is not a HIPAA-covered (see reference below) entity (CE) such as a healthcare provider, nor is the app sponsored by a CE (such as a hospital or physician).

A diabetes management app allows a consumer to collect blood sugar readings through a Bluetooth-enabled glucometer. A healthcare provider offers the app to enable the patient’s blood sugar to be captured through devices, rather than relying on manual entry by the patient, and to electronically transmit the readings to the patient’s physician, rather than using paper or FAX. Activity data are collected through an activity tracker, and a consumer can open the app to record meals and snacks to enable estimates of caloric consumption.

For some apps, especially those like Use Case C, there are several potential threats and vulnerabilities which should be assessed and mitigated, where necessary, by mHealth developers (see 3.2.2 Product Risk Assessment and Mitigation). The primary goals of cMHAFF are to provide a standard against which a mobile app’s foundational characteristics -- including but not limited to security, privacy, data access, data export, and transparency/disclosure of conditions -- can be assessed. The framework is based on the lifecycle of an app, as experienced by an individual consumer, from first deciding to download an app, to determining what happens with consumer data after the app has been deleted from a smartphone. It is important to note that the Framework does not speak directly to the specific health or clinical functionality of an app but can be extended to do so through the use of profiles (with constraints and/or extensions) developed on top of cMHAFF.

This category is about the assessment of usability during the product development cycle, for the intended use by a target audience. Certain accessibility requirements (usability for users with specific disabilities) are recommended, but the list is not exhaustive. Other disabilities not mentioned (e.g., cognitive/learning disabilities) should be considered under the umbrella of conformance criterion #1.

This category is about disclosure of the level of customer support available. The specific mechanisms for support (e.g., phone, chat, email, FAQ, online help) are not prescribed by cMHAFF.