1. The Success Checklist: What mHealth Investors and Entrepreneurs Should Know
8/11/2014 11:45:24 AM
The Success Checklist: What mHealth Investors and Entrepreneurs Should Know
health, healthcare,investors,FTC,HIT,HIPAA
App Developer Magazine

The Success Checklist: What mHealth Investors and Entrepreneurs Should Know

Monday, August 11, 2014

Lisa Clark Lisa Clark
C. Mitchell Goldman C. Mitchell Goldman

A healthcare start-up developer has an intriguing concept for an app or a software solution. It may be an app tied to a sensor that is designed to transmit a diabetic’s blood glucose levels to her physician, or an app that has a proprietary algorithm that analyzes a heart patient’s water retention to predict congestive heart failure.

The developer has partners who may have backgrounds in IT, healthcare or finance, and who perceive an opportunity to resolve an issue in the emerging health care IT environment. The team has taken important first steps towards bringing the product to market. There is a website, an executive summary, and polished materials that describe the benefits of the app/software.  
The team has brought on a specialist, such as an electrical engineer, a research physician, or a data analyst, who is contributing time in return for equity. The developer and his partners have invested their own money, and have raised some money from family and friends, but are looking for significant funding. They know they need to be prepared for discussions with investors, and seek guidance on the business and legal issues that will likely arise.

As lawyers with business and health care backgrounds, we see many entrepreneurs looking for advice on next steps. Here are some of the questions we always ask:

1. What Is Your Business Plan?

The business planning exercise is essential to raising the necessary funding to start and grow the business. Many entrepreneurs focus primarily on the financial projections and pro formas and tend to miss some of the key execution issues. Some of these issues include the revenue model (discussed later here), the experience of the founder and the management team, the unique selling proposition or disruptive advantage with respect to the competition, the macro trends that will drive the business for the long term and the proposed exit strategy.

Most investors will tell entrepreneurs that they invest in founders and management teams, not businesses. While many investors will spend time on the financial projections and the assumptions, they will always be judging the track record of the founder and members of the management team to determine whether they can execute the business plan.

The business' competitive advantages should be clear and should anticipate the reactions of competitors to new entrants. If you are claiming that the technology is “disruptive”, it is essential that the business plan demonstrate why competitors will be at a disadvantage. This may be due to the business' patents or other intellectual property, or a unique algorithm or business method.

The business plan should identify the macro trends driving this new business - for example, downward pressure on Medicare and other insurance payments, driving health care providers to reduce operating expenses and improve efficiencies in care delivery.  Digital health apps can reduce the number of people delivering care or reduce the use of health care services by anticipating a bad medical event like a heart attack.  Macro trends like health care provider consolidation or the emphasis on population health are all current trends to consider that are driving health care innovation.

The business plan must take into account the regulatory environment. Many entrepreneurs minimize the business disruptions that can result from noncompliance with the regulations.  Entrepreneurs should be aware that a smart investor would never back an app that does not meet regulatory standards, and could be investigated or even shut down.

In situations where a mobile medical app qualifies as a “device” under the Food and Drug Administration (FDA) but is not properly cleared or approved by the FDA, the effect can be devastating. For instance, uChek is an mHealth app that is intended to be used with reagent strips to conduct urine analyses via a mobile device. In May 2013, the FDA issued a notice letter to uChek requesting that the company explain why it is not regulated by the FDA within 30 days. Based on the press reports, uChek initially dismissed the FDA’s request for more information, but the agency did not change its position. Ultimately uChek was forced to raise funds to resolve its FDA regulatory issues – an expenditure that it did anticipate. 

In addition to FDA issues, the Health Information Portability and Accountability Act (“HIPAA”) requires compliance in many instances where personal health data is shared. The HIPAA issues may be complicated where, for instance, the software permits a provider to collect and distribute health information on patients to a data analyst, another provider, or a payor, and this third-party then analyzes the information and sends it to other parties, such as a payor or a behind-the-scenes health coach. 

The Federal Trade Commission (FTC) is another government division that is concerned about HIT and mobile apps from the consumer perspective.  he FTC expects that websites contain certain consumer notice information, such as terms and conditions and privacy policies that comply with law. The FTC has also shut down an app provider that claimed to treat acne through the light from the device with no supporting evidence.

Finally, the business plan must address the company's exit strategy. Are the founders expecting to keep the company forever and grow the business? If not, what is the expected exit? Is there a sale to a strategic partner in 3, 5 or 7 years? What level of earnings before interest, depreciation, taxes and amortization (EBITDA) will be required to achieve the exit? Every investor, both existing and potential, will want to know the answer to these questions and the business plan must address them.

2. How Will You Get Paid?

It is amazing how little attention is often given to the business model and to how revenue will be generated by the company. App developers design business models that they usually take from other commercial experiences. For example, some digital health models replicate gaming industry models, including the “freemium” model where the app is put on the web for free (using advertising to generate revenue), develops a following and offers an enhanced (often ad-free) version for a fee. However, patients and providers have not embraced this model.

Most large-scale health care IT systems are sold using a multi-year licensing agreement to generate recurring revenue. Errors are made where digital apps are diagnostic or therapeutic and the founders are expecting to be paid by health insurers “because the app saves money”. However it is often the case that no attention is paid to obtaining a CPT billing code for the app. Health insurers do not make it easy to qualify to be paid for a new digital service. Every app developer should know how to qualify for health insurance reimbursement early on in the development process. This could be the biggest barrier to successful execution.  

An easy route to consider is the need for a beta test with a hospital or large physician group before seeking reimbursement. The beta test, in addition to learning the implementation hiccups, might generate the company’s first customer. Armed with a beta test demonstrating improved care or a cost reduction, health insurers may be more amenable to paying for the new app. Consideration should also be given to companies that self fund their health insurance. In these situations, large groups of employees at businesses that determine what is covered may be the shortest path to generating a beta test site.

Another consideration that usually raises serious concerns is how the product will be marketed. With apps that are reimbursed by health insurers, there are strict prohibitions against offering incentives to physicians, hospitals and other providers to use a specific product. These activities may implicate the state and federal health care fraud and abuse laws.

There are specific laws, known as the Stark Law and the Anti-kickback Statute that prohibit referrals by physicians for certain items and services that are reimbursable under Medicare or Medicaid. For example, rewarding a physician with a gift or dinner or a paid vacation for their increased use of an app is strictly prohibited. Structuring the company with physicians or other providers as shareholders or developers of the app could also implicate the fraud and abuse laws. Traditional marketing methods need to be carefully screened for fraud and abuse compliance.

Take the example of an orthopedist who has developed and owns an app through an entity she formed. Through the app, a Medicare patient who is recovering from an infection reports to the physician daily on how he or she is feeling. The physician may use an e-prescribing function of the app to prescribe lab services. The physician instructs the patient that if he uses a particular lab, the cost of the app services may be reduced, or the physician may offer the patient a gift card. The physician’s son happens to have an ownership interest in the lab, so that the physician may financially benefit from the referral. This arrangement most likely would violate the law (although it may be possible to re-structure the arrangement so it fits within the law). 

State laws governing the practice of medicine and physician licensure may also apply to some of the traditional and innovative marketing strategies. Each approach needs to be screened to assure that none of these strategies triggers a federal or state law violation.

3. Do You Have Insurance?

Insurance is one of those items that is often forgotten in the projections and may be a significant expense for those digital applications that are either diagnostic or therapeutic in nature. These device companies should seek products liability insurance to coverage to protect the company in the event of a device malfunction resulting in a bad patient outcome.

For example, if a device could predict when a heart attack would occur and the device failed and the patient died from a heart attack, it possible that a patient could bring a lawsuit against the app developer. If a device that is transmitting patient data that a physician relies upon and the physician makes a wrong patient care decision or misses a diagnosis resulting in harm to the patient, the company could be a defendant in a lawsuit. The health care industry is very litigious with large jury verdicts in a small number of cases, but insurance coverage is essential to protect the long term financial integrity of the business.


Every start-up developer with a mobile health app or software solution must proceed with eyes-wide-open with respect to the aforementioned business and legal issues. None of these issues will answer themselves and, without careful consideration, they could impede the developer’s ability to get funding and enter the marketplace. On the other hand, the company that has addressed these issues as part of the business plan and product design has a significant advantage over its competitors. Developers who do their homework now will reap the benefits later.  

This content is made possible by a guest author, or sponsor; it is not written by and does not necessarily reflect the views of App Developer Magazine's editorial staff.

Subscribe to App Developer Magazine

Become a subscriber of App Developer Magazine for just $5.99 a month and take advantage of all these perks.


  • - Exclusive content from leaders in the industry
  • - Q&A articles from industry leaders
  • - Tips and tricks from the most successful developers weekly
  • - Monthly issues, including all 90+ back-issues since 2012
  • - Event discounts and early-bird signups
  • - Gain insight from top achievers in the app store
  • - Learn what tools to use, what SDK's to use, and more

    Subscribe here