Home / All CMS Expert Guides / CMS Expert Guide to digital health apps and telem... /
Mexico

Digital health apps and telemedicine in Mexico

Table of contents
  1. Digital Health Apps/Software
    1. 1. How is the software within digital health apps classified in your jurisdiction, and what regulation(s) apply?
    2. 2. Are there any other legal regimes that may govern digital health software? (e.g. data protection/ privacy) If yes, please indicate these.
    3. 3. If your response to Q2 is yes, please state whether it matters if, the users are residents using it within their jurisdiction and/or using it outside their jurisdiction; and/or it is a “B2B” (business to business) rather than “B2C” (business to end consumer) service. In each case, please summarise any implications (if applicable). 
    4. 4. Do any particular features, such as location tracking, or monitoring real-time information, trigger any additional consent requirement, regulatory approval, and/or other restrictions beyond the general ones applicable to Q1/Q2?
    5. 5. In the context of physicians relying on digital health apps (containing software), whether for in-person or via telemedicine consultations, are there circumstances where the physicians’ liability can be limited or transferred to the producer of the software contained in the app, or of the final product/app itself, when a fault or inaccuracy with the software (rather than the physicians’ error) occurs, leading to damage (or injury)? 
    6. 6. Please describe the enforcement mechanism for compliance with regard to the regulations discussed in Q1, Q2, and/or Q4 in your jurisdiction with regard to the software contained in digital health apps. What are the legal consequences for non-compliance?
    7. 7. Are you aware of any future legal developments in your jurisdiction with regard to digital health apps/software?
  2. Telemedicine
    1. 8. How are physicians regulated in your jurisdiction (i.e., who is their Regulator; e.g., the General Medical Council in the UK)?
    2. 9. What laws and/or regulations apply to physicians regarding telemedicine?
    3. 10. Does the law in your jurisdiction regulate under what circumstances physicians can use telemedicine in order to treat patients?
    4. 11. Do the standards of care applicable to physicians change in the context of using telemedicine?
    5. 12. Are there any restrictions on the type of medicine that can be prescribed through telemedicine?
    6. 13. Are telemedicine services reimbursable under the state’s medical insurance / subsidy / coverage? 
    7. 14. Are there specific data protection regulations covering telemedicine (outside the context of using a digital health app) in your jurisdiction? If so, please summarise what they are.
    8. 15. Are you aware of any future legal developments in your jurisdiction with regard to telemedicine?
Mexico
Add jurisdiction
Choose a jurisdiction to compare with

Digital Health Apps/Software

1. How is the software within digital health apps classified in your jurisdiction, and what regulation(s) apply?

A) There are different types of digital health apps, so it depends on the app's purpose and intended use to know what regulations apply.

Suppose the app/software is an intermediary between the physicians and patients, a tool of contact for access of all persons to physicians. This kind of app is not considered a medical device. 

Because communication technologies are considered an instrument that supports health, the technology does not provide a health service per se. Therefore, the General Health Law, its Regulation, and the applicable Mexican Official Standards regulate it as a medical service.

Suppose the app/software has the purpose of using artificial intelligence, algorithms, data analysis, or other tools to generate or assist a medical diagnosis or treatment. In that case, it can be considered a medical device regulated by the General Health Law and the Regulation of Health Supplies.

B) In Mexico, when the software in the form of digital health apps is considered a “product,” it can be attached to i) Civil liability under Federal Civil Code and can be subject to a civil lawsuit if a person suffers a personal or property damage; ii) Commercial liability under Federal Consumer Protection Law; iii) Administrative liability under health laws and regulations mentioned above, and iv) Criminal liability under the Federal Penal Code.

C) Regarding Civil liability, it is only necessary to evaluate if the product or service directly relates to the damage suffered by the person to prove liability. Therefore, exclusion or exemption must be established (e.g., not following the indications of use).

In Mexico there are various legal regimes that govern digital health software, such as the already mentioned Civil Federal Code, Mexican Federal Consumer Protection Law, Data Protection Law, Mexican Code of Commerce, and several Mexican Official Standards.

On December 21, 2015, the Project of Mexican Official Standard PROY-NOM-036-SSA3-2015, for the regulation of remote medical care, was published for public consultation. However, from the consultation with health specialists, determined that the use of technology as a support tool and support for medicine should be seen as an activity integrated to clinical practice and not as an additional activity, therefore it should not be regulated separately from current medical procedures.

3. If your response to Q2 is yes, please state whether it matters if, the users are residents using it within their jurisdiction and/or using it outside their jurisdiction; and/or it is a “B2B” (business to business) rather than “B2C” (business to end consumer) service. In each case, please summarise any implications (if applicable). 

  1. It depends, the Mexican Federal Consumer Protection Law will not be applicable if the user is in another jurisdiction, because the user is not a consumer in Mexican territory. The Data Prtotection Law will be applicable under all circumstances if the company that owns the App/Software is of Mexican nationality. And the Mexican Code of Commerce regulates the e-commerce only in the Mexican territory.
  2. If it is a “B2B” service, the applicable law is the Mexican Code of Commerce, if if it is a “B2C” service the applicable laws are the Federal Consumer Protection Law and the Federal Civil Code.

The Mexican Data Protection regulation requires the user’s express acceptance, which may be made in writing and through handwritten signature or by electronic means.

5. In the context of physicians relying on digital health apps (containing software), whether for in-person or via telemedicine consultations, are there circumstances where the physicians’ liability can be limited or transferred to the producer of the software contained in the app, or of the final product/app itself, when a fault or inaccuracy with the software (rather than the physicians’ error) occurs, leading to damage (or injury)? 

There are mechanisms to limit this liability, such as the drafting of the corresponding Data Privacy Policy, Terms and Conditions and Instructions for Use. 

The mechanism for compliance depends on the type of liability:

  1. Civil liability by a civil lawsuit in case a person suffers a personal or property damage. If the damage is proved the judge can issue a quantifiable sentence as repair of the damage.
  2. Administrative liability is regulated by the General Health Law and the Regulation of Health Supplies, through the health authority’s inspection visit to facilities, media surveillance and public actions filed by patients or consumers. 
    The consequences of non-compliance range from economical penalties, disqualification, suspension of activities, closure of the establishment, seizure of merchandise, and in case of observing the actualization of a crime, filing a complaint with the public prosecutor.
  3. Commercial liability regulated on Mexico's Federal Consumer Protection Law, establish for consumers commercial claims in which Mexican authority can determine an economic penalty and/or the prohibition of commercialization of services.
  4. Data privacy regulations in Mexico establish investigation and verification procedures and the consequences of non-compliance can range from warnings to fines, which can be doubled in the case of repeat offenses, as well as criminal offenses.
  5. Criminal liability begins with an individual's complaint to the prosecutor's office, which investigates the conduct and its consequences to determine the criminal activity and whether criminal prosecution is warranted. Subsequently, if the court determines that the criminal activity is proven, the sentence may be a monetary sanction, confiscation of the instruments, objects or products of the crime, publication of the sentence or even dissolution of the company. 

As stated in Q2, in 2015 there was a project to provide a better regulation to telemedicine or remote medical services. 

Telemedicine

8. How are physicians regulated in your jurisdiction (i.e., who is their Regulator; e.g., the General Medical Council in the UK)?

The Mexican Health Ministry is the Regulator of the physicians in Mexico for general matters. For malpractice disputes the competent authority for physicians is CONAMED (National Medical Arbitration Commission).

9. What laws and/or regulations apply to physicians regarding telemedicine?

The applicable laws to physicians regarding medicine are the General Health Law and its Regulations, also, the applicable Mexican Official Standards for each kind of medical practice (e.g. oncology, cardiology, etc.).

10. Does the law in your jurisdiction regulate under what circumstances physicians can use telemedicine in order to treat patients?

  1. Given that in Mexico there is no specific regulation for telemedicine, the legal requirements are the same as the requirements  for regular medical treatment.
  2. There were no specific changes in the regulation regarding the pandemic.

11. Do the standards of care applicable to physicians change in the context of using telemedicine?

The standards of care do not change in the context of giving telemedicine.

  1. There are no special legal requirements for physicians to give disclaimers or other types of notices to patients. As long as the patient gave his consent before the service/treatment is provided.According to Mexican regulations, there are no telemedicine prescription guidelines, however, there are prescription standards in accordance with article 226 of the General Health Law and the Mexican PHARMACOPEA.
  2. There is no increase in the risk of liability for using telemedicine.

12. Are there any restrictions on the type of medicine that can be prescribed through telemedicine?

No, the regulations for prescribing medicine are the same as if the consultation was in person.

13. Are telemedicine services reimbursable under the state’s medical insurance / subsidy / coverage? 

There is no state medical insurance/subsidy/coverage to telemedicine. However, telemedicine is beginning to be tested in some Mexican local public health services, as  pilot tests for the future.

14. Are there specific data protection regulations covering telemedicine (outside the context of using a digital health app) in your jurisdiction? If so, please summarise what they are.

The data protection regulations for telemedicine are based on what type of data they are handling, in this case it is described as “sensible data”, which requires the users’ express acceptance, which may be made in writing and through handwritten signature or by electronic means

See the answer to Q7.

Authors

Show more Show less
Portrait ofMauricio Gómez Guerrero
Mauricio Gómez Guerrero
Partner
Mexico City