Two issues near and dear to the hearts of mHealth enthusiasts – mobile app regulation and privacy and security – took center stage as the 4th Annual mHealth World Congress opened Wednesday afternoon in Boston.

The topics took up the first two of four panel discussions on Wednesday, the first day of the three-day conference. And judging by the level of discussion and number of questions from the audience, it's clear they won’t be going away any time soon.

[See also: Mobile health app market in growth mode]

With the mHealth industry anxiously awaiting the U.S. Food and Drug Administration's final draft of guidelines for mobile medical apps (expected by this fall), the talk at that particular panel discussion focused on what should be regulated and what shouldn't. Bakul Patel, a policy adviser for the FDA's Center for Devices and Radiological Health, pointed out that the market is flooded with apps – many of them harmless, but some of them potentially dangerous and in need of regulation.

"It's not just about cool software or making something useful," he said in a video feed to the conference, held at the Collonade Hotel. "You have to understand the risks … and the intentions."

Taking up the reins for most of the session was Brad Merrill Thompson, general counsel for the mHealth Regulatory Coalition and counsel for the Continua Health Alliance. Thompson, who drafted a response from the coalition to the FDA's guidance document, issued about a year ago, said the FDA is only concerned with a small fraction of mobile medical apps that meet specific uses: They either assist in the development of clinical decisions for health issues, or as accessories that cause an app to be used as a medical device.

Thompson said stakeholders want the FDA to clarify the issue of intended use, which focuses on the difference between wellness and health apps, and much of that discussion focuses on what the developer says the app will do. "It all comes down to how you promote the product," he said.

[See also: Kaiser goes mobile with 9 million strong]

For instance, he pointed out, the FDA stepped in roughly three years ago when the makers of Cheerios began advertising that the cereal helped reduce cholesterol – thus qualifying it as a new drug. That advertising campaign was quickly shelved.

[Q&A: ONC's Wil Yu on how app contests offer more than money.]

Thompson said some apps blur the distinction between health and wellness, moving away from language like "improve" and "monitor" to the more risky "diagnose" claim. An in-house study of 100 mobile health apps found on iTunes, he said, found 8 percent that definitely needed regulation and 56 percent that wouldn't need it – but 36 percent fell into an ambiguous area that might require regulation.

"You're drawing connections between leading mHealth products and leading a healthier life … and you've got to understand that there are lines that can't be crossed," he said.

Another area of concern, Thompson said, is clinical decision support (CDS) software – what he called "the next wave" in electronic health records. He said most EHRs are generally considered passive collection points, but as they develop tools that allow them to analyze data and draw medical conclusions, the FDA will have to step in and look at them.

Patel agreed, saying the FDA is working on a guidance document on CDS systems "that has big implications for the EHR."

For some, FDA regulation isn't such a bad thing. Sridhar Iyengar, co-founder and chief technology officer for AgaMetrix, a developer of diabetes tools, said developers may find it more advantageous to seek FDA approval of their app than try to maneuver around it. That so-called FDA seal of approval, he said, could then be used for marketing purposes and as an advantage over competitors.

Privacy and security issues, next page.