Digital Healthcare 2025

Context: Digital Healthcare Usage

Digital healthcare encompasses a wide array of technologies and applications designed to improve healthcare services, facilitate the integration and exchange of health information, enhance treatment, promote health and prevent the development of diseases. Currently, the main categories of digital healthcare are:

• telehealth and telemedicine;
• health information technology;
• digital/personalised medicine; and
• preventative and wellness technologies.

Telehealth and telemedicine

This involves remote patient monitoring, mobile health applications such as apps that control insulin pumps, and wearable devices such as smartwatches. These tools aim to improve healthcare services by enabling remote consultations, real-time data collection, and AI-driven diagnostics to improve diagnosis, treatment and monitoring of patients.

Health information technology

This includes electronic patient records, and facilitates the integration and exchange of health information, ensuring that healthcare providers have access to complete sets of data from everywhere, particularly in urgent situations.

Digital and personalised medicine

This is powered by AI, and offers health recommendations and treatments tailored to individual patients, improving treatment outcomes.

Preventative and wellness technologies (lifestyle tools)

This includes apps promoting health-sustaining behaviours, focusing on promoting health and preventing diseases.

These various forms of digital healthcare differ in their operators, purposes and classifications within legal and regulatory frameworks. For instance, telehealth, telemedicine and personalised medicine generally focus on diagnosis, treatment and monitoring, health information technology tools enable smooth operation and interconnection, and lifestyle tools aim to promote general well-being. Furthermore, different tools and applications fall under different categories depending on their intended use (eg, lifestyle versus medical app), which might trigger certain regulatory requirements such as certifications (eg, the CE mark for medical apps available on the EU market).

The use and application of digital healthcare is prevalent globally, although it varies from country to country. Telemedicine has become particularly prominent, especially during the COVID-19 pandemic. The integration of AI and machine learning is rapidly advancing, with a focus on improving diagnostic accuracy and patient outcomes. Some countries are very advanced in integrating digital technology into healthcare settings, while others have more fragmented systems that are not yet mainstreamed or interconnected with each other. The different jurisdictions therefore have varying regulatory regimes on digital technology.

Digital healthcare brings numerous benefits, including enhanced accessibility, efficiency and patient outcomes by enabling remote consultations, real-time data collection and AI-driven diagnostics, while also improving interoperability and data sharing among healthcare providers.

The benefits of digital healthcare to patient care can be broadly divided into two groups: individual treatment improvement and the overall “greater good” for patient treatment and research.

The experience of patients is generally improved with better access to healthcare (reduced need for in-person visits), having greater control over their health data, and smoother transition and access to health data from any location. Healthcare professionals benefit from enhanced clinical decision-making, improved diagnostic accuracy, streamlined workflows and more efficient patient care – eg, by everyone, everywhere benefiting from complete sets of data, particularly in urgent situations.

The overall benefit for all is facilitating access to health data for researchers and innovators to improve treatment and to research and develop strategies against diseases.

While there are initial investment costs in technology and infrastructure, digital healthcare has the potential to reduce long-term healthcare costs significantly through improved efficiency, early disease detection, remote monitoring and telemedicine.

Legal Framework

There is no universal regulatory definition of digital healthcare, and in most instances no binding definitions exist within national frameworks. However, practically speaking, digital healthcare is broadly understood as an umbrella term encompassing various digital technologies used to improve health. The World Health Organization (WHO) defines digital health as “the field of knowledge and practice associated with the development and use of digital technologies to improve health”. Similarly, the European Commission defines digital health as “a set of tools and services that use information and communication technologies (ICTs) to support and improve all stages of healthcare, from prevention and diagnosis to treatment, monitoring and management of health conditions”. The new European Health Data Space (EHDS) Regulation provides certain definitions related to personal electronic health data.

The regulatory framework for digital healthcare has, for the most part, been developed separately by each country and often lags behind technical progress. Broadly, liability regimes applicable to digital healthcare are more developed (largely as these are general product liability regimes) than bespoke regulatory regimes that address specific digital healthcare issues. For example, within the EU, the framework is only partially harmonised, with regulations such as the In Vitro Diagnostic Medical Devices Regulation (EU) 2017/746 (IVDR) and the Medical Device Regulation (EU) 2017/745 (MDR) providing some level of consistency in respect of the regulatory framework. Key regulatory frameworks generally include requirements for healthcare providers, cost coverage by health insurers, data protection laws, and health data and technology rules, such as HIPAA and HITECH in the United States.

Policymakers and lawmakers strive to stay up to date with technological developments and to set up working groups for specific topics. Business lobby groups also play a significant role in influencing the development of new guidelines, regulations and liability laws. The regulatory (and liability) framework is critical in supporting or hindering digital innovation hubs and the role of domestic enterprises in the global market. The basis for the development of new guidelines or regulatory laws often starts with regulatory sandboxes and pilot projects.

In addition to the usual purpose of ensuring safety and regulatory compliance, adherence to technical standards in the field of digital health particularly addresses unique issues of interoperability that are increasingly prevalent (with the use of connected devices being on the rise). On the other hand, the rapid technological developments in digital health may not yet be captured by existing technical standards. Instead, they provide the opportunity to set new ones.

Issue-specific legal framework

Software as a Medical Device (SaMD) is regulated in several jurisdictions, under frameworks such as the EU’s MDR and IVDR, Australia’s Therapeutic Goods Act, the US FDA’s guidelines and South Korea’s Digital Medical Products Act (DMPA), all of which establish specific requirements for the classification, approval and monitoring of SaMD, fitting alongside broader digital healthcare regulations to ensure safety, efficacy and compliance.

Self-care, wellness and fitness IT products

These include IoT and wearables, and have seen rapid growth; they are intended to encourage and monitor health and wellbeing. Nonetheless, there is usually no applicable specific regulatory framework, and manufacturers will generally seek to produce products that do not fall under the classification of medical devices. However, the distinction between wellness/healthcare products and medical devices can be very difficult to discern and fluid in nature, potentially triggering conformity assessment and label requirements (eg, CE marking) for products ostensibly intended to be wellness/healthcare products.

Cybersecurity and data protection

These issues are critical to digital healthcare due to the high sensitivity of collected data (health data in particular). Data protections laws all over the world address related risks for individuals by demanding high protection standards. The approach varies by legislation. Comprehensive models, as the General Data Protection Regulation (GDPR) in Europe, provide data protection rules for all personal data, with a particularly high level of protection for health data. Sectoral approaches, such as in the USA, provide sector-specific data protection. This includes, for example, HIPAA and particular cybersecurity regulatory frameworks being introduced in several jurisdictions (eg, the NIS2 Directive and Cyber Resilience Act in the EU).

Artificial intelligence (AI) and machine learning (ML)

The EU’s new AI Act is the first-ever standalone governance of AI from a regulatory perpsective. However, the EU AI Liability Act was withdrawn in February 2025, as the member states were unable to agree on a sufficient common basis. In other jurisdictions, such as Switzerland, legislators have not yet managed to develop a regulatory framework, or have only a partially enacted relevant regulatory framework (eg, South Korea’s AI Act, and China’s regulations on AI-assisted diagnosis technology and Al-assisted treatment technology).

Telehealth

Despite the increased use of telehealth following the COVID-19 pandemic, some jurisdictions lack specific telemedicine legislation. They instead rely on general healthcare rules. Others, like the USA and India, have implemented specific telehealth regulations.

Overall, in dealing with the topic generally and in respect of the discrete issues that arise with digital healthcare, the regulatory framework for digital healthcare is seen as lagging behind technological advancements, with gaps in regulation and enforcement. Existing liability laws, in particular, may need to be amended to take into account the new types of products and services emerging in digital healthcare contexts. Usually, marketing authorisations by US and ROW authorities provide for the safety and conformity of the product. However, considering the number and variety of digital health technologies, no similar comprehensive regulatory framework has been developed yet, leading to regulatory gaps and uncertainties.

Regulatory Oversight

The oversight of digital healthcare typically falls under the remit of the usual healthcare regulatory agencies (such as the FDA in the USA, and the FAMHP in Belgium), being responsible for oversight and providing regulatory advice.

In some cases, non-healthcare regulatory agencies may also be involved in digital healthcare oversight. For example, the Competition and Consumer Protection Commission (CCPC) in Ireland is responsible for consumer protection, including digital healthcare applications.

The enforcement of laws and regulations in digital healthcare varies by jurisdiction and can range from educating infringing parties and issuing warning letters to pre-market assessments, routine monitoring and the imposition of penalties (even criminal penalties). Data protection violations are particularly liable to stricter enforcement.

The current regulatory frameworks are evolving but still face challenges in fully addressing the risks posed by digital technologies in healthcare. For instance, in Australia, the Therapeutic Goods Administration (TGA) has made strides with recent amendments to the Medical Device Regulations, yet cybersecurity and data privacy remain critical issues needing further regulatory attention. In the USA, while the FDA and other agencies have established guidelines and enforcement mechanisms, the rapid pace of technological advancement often outstrips regulatory updates. In Switzerland, the decentralised approach and lack of a coherent data management environment highlight the necessity for a more integrated and robust regulatory framework to effectively manage the complexities of digital healthcare technologies. Proposed reforms in the USA, for example, may address telehealth fraud and over-utilisation by practitioners following the expanded use of telemedicine services.

Liability

Digital healthcare poses several legal risks, including privacy and security challenges, interoperability issues, and the increased involvement and reliance on third parties, which can lead to intended or unintended responsibility gaps. Legal issues also arise from the lack of comprehensive and harmonised pre-market regulatory frameworks, resulting in inconsistent enforcement and gaps in protection. The rapid pace of technological advancements often outstrips existing regulations, creating challenges in ensuring that new digital health solutions comply with current legal standards and adequately protect patient safety and privacy. Companies not specialised in healthcare but tapping into healthcare services/products may face significant regulatory challenges.

Fragmented and inconsistent regulatory landscapes, which complicate the enforcement of standards and protections across different jurisdictions, might be very unclear to, for example, manufacturers of digital healthcare applications. Additionally, the lack of specific regulations for emerging technologies, such as AI and machine learning in healthcare, further complicates enforcement efforts, as authorities struggle to apply existing frameworks to new and complex digital health solutions. If the digital health product leads to damage to consumers, typically the “enforcement” will be imposed by affected consumers’ or competitors’ claims via litigation. There is often great complexity in determining responsibility among multiple stakeholders, such as healthcare providers, technology developers and manufacturers. This can complicate contractual and statutory obligations and make determination of resultant liability more difficult.

Liability frameworks for digital healthcare are generally based on general liability regimes, including contractual claims, tort, common law principles, and strict product liability. In the EU, the Product Liability Directive (PLD) harmonises liability across the member states and falls under the Representative Actions Directive (RAD) regime currently being brought into effect across the EU.  This means that product liability claims can be brought on behalf of consumers in some form of class action system. Some of the jurisdictions (eg, Germany) enabled “class actions” aimed at redress for the first time, with the implementation of the RAD in October 2023. This might increase the exposure of manufactures of digital health products in the EU member states significantly, as the RAD further provides for the possibility of cross-border claims.

To mitigate against legal exposures, companies can:

• adhere to industry standards (where available);
• obtain necessary regulatory approvals;
• document testing against standards;
• enable proper quality surveillance systems;
• implement robust compliance systems; and
• include contractual safeguards such as indemnity clauses, warranties and clear allocation of responsibilities.

Emerging Legal Issues and Reform

Recent developments in digital healthcare technology include a continued focus on:

• AI and ML;
• virtual and augmented reality;
• automation of administrative processes;
• data interoperability and standardisation; and
• the Internet of Medical Things (IoMT).

These advancements are transforming the healthcare landscape, offering new opportunities for improving patient care and operational efficiency.

Several jurisdictions are undertaking reforms to address the evolving digital healthcare landscape. On the EU level, the revised PLD aims to keep pace with new stakeholders and product types, overcoming the “black box” effect for consumers. In Switzerland, the “DigiSanté” initiative aims to advance digitalisation within the healthcare sector.

These reforms and initiatives reflect the ongoing efforts to create a more integrated and robust regulatory framework that can effectively manage the complexities of digital healthcare technologies.

In conclusion, digital healthcare offers significant benefits in terms of accessibility, efficiency and patient outcomes. However, the regulatory framework must evolve to keep pace with technological advancements, address legal risks, and ensure the safety and privacy of patients. In the face of continuing digital progress, regardless of the regulatory framework (or its introduction), stakeholders will face uncertainties and will need to closely monitor the changing regulatory landscape. Moreover, even with existing and further developed liability regimes, the complexity of legal issues arising in the context of digital healthcare means liability determination for these products is particularly complex.