Three federal agencies have issued a draft report outlining how they may approach the regulation of any and all health information technology, from billing software and radiation therapy dosing software to mobile apps and interoperability and functionality of electronic health records.
Initially, the agencies aren’t proposing any major changes to current regulation. Instead, they’re seeking more public comment on the report – both in writing and at a public meeting slated for May – before issuing any new policies or regulations, said Dr. Jeffrey E. Shuren, director of the Center for Devices and Radiological Health at the Food and Drug Administration, in a media briefing.
Overall, the approach is, "We are first asking, ‘What is the product intended to do?’ instead of, ‘What is the product’s platform?’ " said Dr. Shuren. "Also, we are asking, ‘What is the risk to patients?’ "
The FDA is one of the three main agencies charged with overseeing health information technology (IT); the others are the U.S. Department of Health & Human Services Office of the National Coordinator for Health Information Technology (ONC), and the Federal Communications Commission (FCC).
"The diverse and rapidly developing industry of health information technology requires a thoughtful, flexible approach," said HHS Secretary Kathleen Sebelius in a statement. "This proposed strategy is designed to promote innovation and provide technology to consumers and health care providers while maintaining patient safety."
Congress required the health IT report as part of the Food and Drug Administration Safety and Innovation Act (FDASIA), which became law in July 2012. It is the amalgamation of input from a 28-stakeholder workgroup that held 30 public meetings, as well as public comment on the recommendations the group issued in September.
Though not the report’s main focus, interoperability of electronic health records (EHRs) will be one focus of health IT policy going forward. The "health IT framework should promote interoperability and electronic information sharing between health IT products and across organizational boundaries," according to the report.
The three-agency framework will complement other efforts at the ONC to encourage more interoperability, Jodi G. Daniel, director of the ONC’s office of planning and policy, said during the briefing. The FDA and the ONC are looking for organizations that will be willing to test the interoperability of EHRs, Dr. Shuren added.
Overall, the agencies are recommending that health IT be separated into three categories for regulatory purposes:
• Administrative health IT, which would include billing and claims processing, practice and inventory management, and scheduling programs, which are believed to pose limited or no risk to patient safety. This category would not require any oversight beyond what’s currently in place.
• Health management health IT, which would include health information and data management; data capture and encounter documentation; electronic access to clinical results; most clinical decision support; medication management (electronic medication administration records); electronic communication and coordination (provider to patient, patient to provider, provider to provider, etc.); provider order entry; knowledge (clinical evidence) management; and, patient identification and matching. The safety risks of these types of tools are thought to be low, compared with the potential benefits.
The ONC is going to be taking a closer look at this type of health IT. To mitigate any potential risk involved with these products, the ONC will promote the use of quality management principles; identify, develop, and adopt standards and best practices; leverage conformity assessment tools; and create an environment of learning and continual improvement.
• Medical device health IT functions, which include computer-aided detection/diagnostic software, radiation treatment planning, and robotic surgical planning and control software. Both the ONC and the FCC have some involvement already in regulation of these products, such as ensuring interoperability between a device and an EHR (ONC), and use of the wireless spectrum (FCC).
The FDA currently regulates many of these products, such as electrocardiography analytical software. The report suggests that the FDA should continue that oversight, but the agency also should work to clarify its policies on the distinction between wellness and disease-related claims, medical device accessories, medical device clinical decision support software, and mobile medical apps.
The three agencies also said that they would develop a Health IT Safety Center, a public-private entity that would convene stakeholders to work on best practices and provide a forum for the exchange of ideas and information focused on patient safety.
The report "is a proposed strategy," said Dr. Shuren, adding that it is "not a final framework."
He said it’s not clear when or if any of the agencies would issue any new regulations, but that the approach would likely evolve with the public’s input.