The Direct-to-Consumer Revolution in Digital Healthcare: Regulatory and Operational Challenges

At my last doctor’s appointment, I learned how to use my smartwatch to perform an electrocardiogram (ECG) to test for atrial fibrillation. Naturally, I found myself checking my ECG multiple times a day, curious about the fluctuations in my heart rate. Did I have cause for concern? Fortunately, my watch consistently reported no evidence of atrial fibrillation, while also issuing a clear disclaimer that it could not detect signs of a heart attack.

This experience highlights a revolutionary shift in the health industry: the rise of direct-to-consumer (DTC) digital health products. Life science companies are no longer developing medical technology solely for healthcare providers. Instead, they are increasingly focused on creating, marketing, and selling products directly to patients as consumers. The traditional healthcare model is evolving—patients now expect to play a more active role in their own care, empowered by technology. As one author notes: “What was once a system anchored in hospitals and clinics has evolved into an on-demand, digitized ecosystem where consumers expect the same level of convenience from healthcare as they do from food delivery or e-commerce platforms.” 

The DTC trend in digital health promises to eliminate inefficiencies, improve access, reduce costs, and, above all, personalize medicine for patients. However, selling digital health devices directly to consumers introduces new regulatory and operational challenges. Can life science companies deliver innovative DTC digital health tools that meet consumer expectations without compromising quality of care?

What is Digital Health?

The FDA’s Digital Health Center of Excellence broadly categorizes digital health into five areas:

• Mobile health: Smart devices, smart clothing, chronic condition management & tracking, and health research.
• Health information technology: Simulation software for research, drug discovery support software, and analysis of data from medical devices.
• Wearable devices: Glucose monitors, blood pressure monitors, and ECGs.
• Telehealth and telemedicine: Remote appointments that complement or replace traditional in-patient care.
• Personalized medicine: Services focused on exercise, diet, and emotional or physical wellbeing.

In the era of the Internet of Things, and with the advent of Artificial Intelligence (AI) and Machine Learning (ML), many digital health products now use computing platforms, connectivity, software, and sensors for diagnosis and treatment. Companies deploy technology-driven solutions for conditions such as sleep apnea, insomnia, asthma, chronic obstructive pulmonary disease (COPD), diabetes, tobacco cessation, end-stage renal disease, medication refills, genomics-based decision-making, body fat composition, and weight loss.  Some digital devices are intended for use as medical products, while others may serve as components, companion diagnostics, adjuncts to other medical products, or tools for assessing safety and effectiveness.

Regulation of Digital Health Devices

Recognizing the complexity of new digital health devices, the FDA has created a Mobile Health App Interactive Tool to help companies determine which U.S. federal laws and regulations apply to each product. The tool highlights products subject to the Food, Drug, and Cosmetic Act (FD&C Act), which regulates the safety and effectiveness of medical devices. The FD&C Act applies to any digital health product meeting the definition of a medical device under Section 201(h): devices or components “intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment, or prevention of disease.” This includes glucose monitors, ECGs, and other diagnostic or treatment devices.

Other laws and regulations may also apply, such as state and federal privacy and security laws. For example, the Federal Trade Commission (FTC) Act prohibits unfair or deceptive acts or practices and applies to healthcare apps that collect personal information and may pose privacy or security risks. The FTC enforces the Health Breach Notification Rule, which requires notification to customers, the FTC, and, in some cases, the media if there is a breach of unsecured, individually identifiable health information. The FTC has also taken enforcement actions against app providers making deceptive product claims unsupported by medical evidence. 

New rules are under consideration at the state, federal, and international levels to address the integration of AI/ML into digital health products. For example, the Healthy Technology Act of 2025 (H.R. 238), introduced in January 2025, would amend the FD&C Act to allow AI/ML tools to qualify as “practitioners” eligible to prescribe drugs if approved, cleared, or authorized by the FDA, provided state law allows it. While the bill aims to reduce errors, improve safety, enhance efficiency, and alleviate physician burnout by automating routine tasks, critics raise concerns about the erosion of human clinical judgment, data privacy risks, liability for AI/ML errors, and the potential for bias or fraud.

Operational Concerns

Life science companies developing DTC products face new operational challenges. Their customer base has expanded from a relatively narrow group of medical businesses to thousands of consumers worldwide. This shift requires new advertising and distribution expertise, as well as an understanding of complex laws and regulations that apply when selling across jurisdictional boundaries.

A major operational challenge in selling DTC digital diagnostic tests is product integration. Companies must ensure that test results performed by patients at home can be integrated into healthcare records, enabling both patient and provider to participate in healthcare decisions. Digital health tools must communicate with healthcare record systems in real time, avoiding the siloing of DTC care from a patient’s broader medical history. Achieving this integration is challenging due to disparate medical record systems and must be done with respect for patient privacy.

Digital test products sold without health record integration present another challenge: companies must explain to lay consumers how to interpret results. For example, consumers who misinterpret glucose monitor results could jeopardize their health.

Ultimately, life science companies must balance consumer expectations for instant, understandable results with the need to accurately and efficiently integrate test results into comprehensive medical records, while maintaining privacy and security protections for sensitive personal data.

The Path Forward

Digital medical devices sold directly to consumers are here to stay, driven by their potential to improve healthcare outcomes and accessibility, and by consumer demand for convenience, affordability, and empowerment. As life science companies continue to harness AI/ML to develop more sophisticated digital healthcare devices, they must address the emerging challenges posed by these technologies.

One challenge not discussed above is the evolving liability risk associated with selling digital medical devices directly to consumers. In a subsequent post, we will explore the need for life science companies entering the DTC arena to implement appropriate risk management safeguards, including insurance, to minimize risk should devices malfunction or results not meet consumer expectations.

The journey toward seamless, secure, and effective direct-to-consumer digital health is ongoing, and its success will depend on a collective commitment to continuous improvement, risk awareness, transparency, and patient-centered care.

Authored by Derek Dow, Berkley Life Sciences, VP, Life Sciences Digital Health Leader