What Is a Medical App? Definition, Types & Risks

A medical app is software on a phone or tablet that functions as a medical device: it diagnoses conditions, guides treatment decisions, or transforms your phone into a tool like a heart monitor. That distinction matters because it separates medical apps from the thousands of general wellness apps in app stores. A fitness tracker that counts your steps is not a medical app. An app that analyzes your heart rhythm and flags atrial fibrillation is.

What Makes an App “Medical”

The FDA defines mobile medical apps as software that either acts as an accessory to a regulated medical device or turns a mobile platform into a regulated medical device itself. The key test is whether the app meets the legal definition of a “device” under federal law, meaning it’s intended to diagnose, treat, cure, or prevent a disease or condition.

In practice, this covers apps that analyze medical images, calculate drug doses based on patient-specific data, connect to blood glucose monitors or ECG sensors, or use your phone’s camera and microphone to measure clinical values. If the app’s output directly influences a medical decision, it’s likely a medical device in the eyes of regulators, even though it lives on the same phone as your social media and weather apps.

Where Wellness Apps End and Medical Apps Begin

The line between a health app and a medical app isn’t always obvious to users, but regulators draw it based on risk. The FDA intentionally leaves lower-risk apps alone, choosing not to regulate software that helps you self-manage a condition without offering specific treatment recommendations or that automates simple tasks for healthcare providers.

Apps the FDA does not actively regulate include:

  • Medication reminders that track your prescriptions and send alerts
  • Symptom checkers that provide a list of possible conditions and suggest when to see a doctor
  • Vital sign trackers that let you log and trend blood pressure or weight over time
  • Behavioral health tools that help people with psychiatric conditions practice coping skills
  • Lifestyle coaching apps that guide prediabetic patients toward better eating and exercise habits
  • Safety alert apps that warn asthma patients about environmental triggers using GPS, or flag drug interactions
  • Emergency communication apps that let you send an alert to first responders or initiate a nurse call

These apps may handle health information, but they don’t make clinical decisions. The moment an app starts interpreting data and recommending a specific diagnosis or treatment, it crosses into regulated territory.

How Medical Apps Are Classified by Risk

Not all medical apps carry the same stakes. An international framework used by regulators worldwide sorts them into four risk categories (I through IV) based on two factors: how serious the health condition is, and how much weight a clinician would place on the app’s output.

An app that informs a doctor’s management of a non-serious condition sits at Level I, the lowest risk. An app that directly drives a diagnosis for a life-threatening condition lands at Level IV. Most of the regulatory scrutiny, including requirements for premarket review and clinical evidence, concentrates on the higher-risk categories where errors could lead to death or serious disability.

This risk-based system means a dermatology app that flags suspicious moles for further evaluation faces lighter oversight than an app that reads cardiac imaging to detect a heart attack in progress. Both are medical apps, but they carry very different consequences if they get it wrong.

AI-Powered Medical Apps

Artificial intelligence has rapidly reshaped the medical app landscape. As of early 2026, the FDA has authorized over 1,400 AI-enabled medical devices. The vast majority serve radiology, helping clinicians read X-rays, CT scans, and MRIs faster and more accurately. Other common specialties include cardiovascular medicine, pathology, gastroenterology, and neurology.

These AI tools typically work alongside a physician rather than replacing one. An AI app might scan a chest X-ray and highlight areas that look suspicious for lung nodules, but a radiologist still makes the final call. The technology is advancing quickly, though, and the gap between “decision support” and “autonomous diagnosis” continues to narrow.

The Problem With Unregulated Health Apps

App stores apply minimal quality control to health-related apps. There is no requirement that an app be evidence-based, clinically tested, or even accurate before it reaches your phone. This creates real risks. Systematic reviews of substance use reduction apps, for example, consistently find that most fail to use proven treatment approaches. Many make bold claims about their effectiveness and use scientific-sounding language to appear more credible than they are.

The safety failures go beyond just being unhelpful. Unregulated apps have been found to provide inaccurate health information, respond inappropriately to crisis situations, and normalize unsafe behaviors. Generative AI has accelerated the problem by making it cheap and fast to build health apps that look polished but have never been tested against real clinical outcomes. Huge populations of users are left vulnerable to misinformation that can actively hinder treatment and recovery.

Among healthcare providers, the picture is similarly informal. Clinicians tend to choose medical apps based on colleague recommendations rather than rigorous evaluation. The clinical app market is growing faster than the evidence base supporting it.

How Your Data Is Protected

Medical apps that handle personal health information are expected to follow specific security practices, though the requirements depend on whether the app qualifies as a covered entity under federal health privacy law. The Federal Trade Commission recommends that all health app developers encrypt data both when it’s stored on your device and when it’s transmitted, use multi-factor authentication, and collect only the minimum data necessary for the app to function.

On the administrative side, developers should designate someone responsible for data security, train their engineers in secure coding, and conduct security testing throughout the app’s life cycle. They’re also expected to delete your data once there’s no legitimate business reason to keep it and to set privacy-protective defaults so you’re protected from the moment you install the app.
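As an added example (not code from the article, the FTC, or any particular app), the Go program below sketches how a hypothetical blood-pressure logger could apply three of the practices just described: it stores only the minimum fields it needs, it encrypts every record with AES-256-GCM before the bytes touch storage so nothing readable sits at rest, it purges readings once a retention window has passed, and its sharing settings default to off. The names (Store, Reading, Settings), the 30-day retention window and the in-memory map standing in for on-device storage are all assumptions; key management (where the 32-byte key comes from, such as a platform keystore), transport encryption and multi-factor authentication are outside the snippet.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"io"
	"time"
)

// Reading holds only what the hypothetical app needs: a pseudonymous subject
// id, the measurement and its time. No name, contact details or location.
type Reading struct {
	SubjectID   string    `json:"subject_id"`
	SystolicBP  int       `json:"systolic_bp"`
	DiastolicBP int       `json:"diastolic_bp"`
	TakenAt     time.Time `json:"taken_at"`
}

// Settings uses Go's zero value as the privacy-protective default:
// a freshly installed app shares nothing until the user opts in.
type Settings struct {
	ShareWithThirdParties bool
	AnalyticsEnabled      bool
}

// Store keeps readings encrypted at rest. The map stands in for on-device
// storage (assumption); only nonce||ciphertext is ever placed in it.
type Store struct {
	aead      cipher.AEAD
	records   map[string][]byte
	retention time.Duration
	Settings  Settings
}

// NewStore wraps a 32-byte key (AES-256) in an AEAD; key sourcing is assumed
// to happen elsewhere, e.g. a platform keystore.
func NewStore(key []byte, retention time.Duration) (*Store, error) {
	if len(key) != 32 {
		return nil, errors.New("key must be 32 bytes (AES-256)")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return &Store{aead: aead, records: map[string][]byte{}, retention: retention}, nil
}

// Put serialises the reading and seals it under a fresh random nonce. The
// record id is bound as additional data, so a blob cannot be swapped between ids.
func (s *Store) Put(id string, r Reading) error {
	plain, err := json.Marshal(r)
	if err != nil {
		return err
	}
	nonce := make([]byte, s.aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return err
	}
	ct := s.aead.Seal(nil, nonce, plain, []byte(id))
	s.records[id] = append(nonce, ct...)
	return nil
}

// Get authenticates and decrypts a record; any tampering fails the GCM tag check.
func (s *Store) Get(id string) (Reading, error) {
	var r Reading
	blob, ok := s.records[id]
	if !ok {
		return r, errors.New("no such record")
	}
	ns := s.aead.NonceSize()
	if len(blob) < ns {
		return r, errors.New("corrupt record")
	}
	plain, err := s.aead.Open(nil, blob[:ns], blob[ns:], []byte(id))
	if err != nil {
		return r, fmt.Errorf("decrypt %s: %w", id, err)
	}
	return r, json.Unmarshal(plain, &r)
}

// Purge deletes readings older than the retention window as of now and
// returns how many were removed. Unreadable records are left for investigation.
func (s *Store) Purge(now time.Time) int {
	removed := 0
	for id := range s.records {
		r, err := s.Get(id)
		if err != nil {
			continue
		}
		if now.Sub(r.TakenAt) > s.retention {
			delete(s.records, id)
			removed++
		}
	}
	return removed
}

// Raw exposes the bytes held at rest for a record, for inspection only.
func (s *Store) Raw(id string) []byte { return s.records[id] }

func main() {
	key := make([]byte, 32) // constructed demo key; never hard-code a real one
	_, _ = io.ReadFull(rand.Reader, key)
	s, _ := NewStore(key, 30*24*time.Hour)
	_ = s.Put("r1", Reading{SubjectID: "subj-001", SystolicBP: 121, DiastolicBP: 79, TakenAt: time.Now()})
	fmt.Printf("at rest: %d bytes of ciphertext; sharing on: %v\n", len(s.Raw("r1")), s.Settings.ShareWithThirdParties)
}
```

The point of binding the record id as additional data is that encryption alone does not stop someone with write access to storage from reordering or replaying blobs; GCM's tag check rejects both a modified blob and one moved under a different id. The retention purge runs on a clock passed in by the caller so it can be exercised deterministically in tests.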

In reality, compliance varies widely. Free health apps often monetize user data through advertising or third-party sharing. Before entering sensitive health information into any app, it’s worth checking the privacy policy for specifics on who can access your data and whether it’s sold or shared.

How to Tell If an App Is Legitimate

If an app claims to diagnose a condition, recommend treatments, or connect to a medical device, look for evidence that it has been reviewed by a regulatory body like the FDA. Cleared or authorized apps will typically mention their regulatory status on their website or in the app store listing. You can also search the FDA’s device database directly.

For apps that fall outside FDA oversight, such as wellness trackers or symptom diaries, quality signals include published clinical studies, transparent development teams with medical credentials, clear privacy policies, and regular updates. An app that claims clinical benefits but offers no evidence, no named medical advisors, and no regulatory clearance deserves skepticism, regardless of how many downloads it has or how professional its interface looks.