The reason for us is unclear is because the published rules for this Challenge contradict each other. The app is required to capture Personal Healthcare Information ("PHI") but forbidden to capture Personally Identifiable Information ("PII").
It is certainly possible to create a mobile or web app that just provides information, but doesn't interact with users - but what's the point? There are zillions of those already.
It seems from the Challenge description that SAMHSA's goal is to encourage us to create something that actively engages people in recovery through MAT - which requires back end servers that need some sort of contact mechanism (even for things as basic as password retrieval, or when they get a new phone).
Thank you for your questions, Drew and Jonathan. The published rules do not contradict each other. They state:
(v) Applications must not collect or store personally identifiable information (PII) or protected health information (PHI) as defined in 45 CFR 160.103.
(vi) Applications must not collect or require input of end user email addresses within the Application.
Yes, SAMHSA is encouraging developers to create something that actively engages individuals in recovery who are receiving MAT, but are not requiring back-end servers that need some sort of contact mechanism.
Thank you for your participation in the challenge.