Has the U.S. Food and Drug Administration (FDA) opened the door to deregulation of certain software medical devices? Its recently issued Health IT Report seems to indicate so, and FDA is seeking comments on the report. Now is the time to weigh in on what FDA ultimately should do.
Federal law enacted by Congress in 2012 mandated that the FDA, in collaboration with the Office of the National Coordinator for Health Information Technology (ONC) and the Federal Communications Commission (FCC), develop and post on their websites “a report that contains a proposed strategy and recommendations on an appropriate, risk-based regulatory framework pertaining to health information technology, including mobile medical applications, that promotes innovation, protects patient safety, and avoids regulatory duplication.” The report was issued on April 3, 2014, which was somewhat after the statutory deadline.
The proposed strategy and recommendations identify three categories of health IT functionality: 1) administrative health IT functions, 2) health management health IT functions, and 3) medical device health IT functions. According to the report, each health IT functionality category presents different public health risk levels, driving different corresponding risk controls and measures. For instance, the proposed strategy and recommendations for the health management health IT framework focuses on four priority areas: 1) promote the use of quality management principles; 2) identify, develop and adopt standards and best practices; 3) leverage conformity assessment tools; and 4) create an environment of learning and continued improvement. In addition to implementing actions to address these four priorities, the report proposes to establish a public-private Health IT Safety Center. The proposed framework favors this approach for these types of products as opposed to a formal regulatory/legal framework.
According to the report, certain lower risk clinical decision support (CDS) products can fall under the category of health management health IT functionality, even though they meet the statutory definition of a medical “device.” FDA does not intend to focus its regulatory oversight on such products under the proposed strategy and recommendations.
The report gives the following examples of CDS product functionalities that fall within this catagory: evidence-based clinician order sets tailored for a particular condition, disease, or clinician preference; drug-drug interactions and drug-allergy contraindication alerts to avert adverse drug events; most drug dosing calculations; drug formulary guidelines; reminders for preventative care (e.g., mammography, colonoscopy, immunizations, etc.); facilitation of access to treatment guidelines and other reference materials that could provide information relevant to particular patients; calculation of prediction rules and severity of illness assessments (e.g., APACHE score, AHRO Pneumonia Severity Index, Charlson Index); duplicate testing alerts; and suggestions for possible diagnoses based on patient-specific information retrieved from a patient’s electronic health record. Traditionally, products with some of these functions have been actively regulated by FDA as medical devices.
Elaborating on CDS products, the report states that they provide health care providers and patients with knowledge and patient-specific information, intelligently filtered or presented at appropriate times, to enhance health care. According to the report, because the risks of CDS are generally low compared to the potential benefits, FDA does not intend to focus its oversight on most CDS products. Instead, FDA intends to focus its oversight on a limited set of CDS products that pose higher risks to patients. The report gives the following examples of higher risk CDS functionalities: computer-aided detection/diagnostic software; remote display or notification of real-time alarms (physiological, technical, advisory) from bedside monitors; radiation treatment planning; robotic surgical planning and control; and electrocardiography analytical software.
The Health IT Report only puts forth a proposal. It does not necessarily represent where the FDA regulatory framework ultimately will end up. For interested parties with a stake in how various health management health IT products are (or are not) ultimately regulated, now is the time to act and to start influencing the process and decision-making. With ONC and FCC, FDA is holding a public workshop on the proposed strategy and recommendations May 13-15, 2014, at the National Institute of Standards and Technology in Gaithersburg, Maryland. FDA has also asked that comments on the proposed strategy and recommendations be submitted by July 7, 2014.