In 2012 The Wall Street Journal published a story that quoted a big medical device company spokesperson explaining that they couldn't provide patients the medical device data gathered by implanted devices inside their own bodies because regulators wouldn't allow it.
Data liberation advocate Hugo Campos has been one of the most outspoken people working to change the way medical device makers approach patient access to medical device data. In 2013 he first publicly drew the attention of Medtronic's CEO thanks to a high-profile exchange on Twitter. And last year he was among a group of patients that successfully won a multi-year exemption to laws protecting this kind of medical device data under copyright law.
The conversation around patient access to medical device data has had a few twists and turns in the past four years but it wasn't until this week that the FDA offered up a draft guidance document designed to help medical device makers better understand how the agency thinks about patient access.
"Although not generally required under the Federal Food, Drug, and Cosmetic Act (FD&C Act), manufacturers may share patient-specific information (recorded, stored, processed, retrieved, and/or derived from a legally marketed medical device, consistent with the intended use of that medical device) with patients at the patient’s request, without obtaining additional premarket review before doing so," the FDA writes in its draft guidance document.
The FDA explains that while patients can often access their device data through their providers, patients may also contact a device manufacturer directly to "request access to their patient-specific information".
"[HIPAA] and the associated HIPAA Privacy Rule... mandated the adoption of federal privacy protections for individually identifiable health information. These protections are intended to prevent manufacturers from sharing this information with covered entities (e.g., health plans, healthcare providers that electronically transmit health information) without the patient’s consent," the FDA writes. "However, these protections are not intended to prevent a device manufacturer from sharing patient-specific information with the affected patient."
While the FDA's guidance document encourages device makers to share data with patients, it also suggests these companies take into consideration the best way to share this information "to ensure it is useable by patients and to avoid the disclosure of confusing or unclear information that could be misinterpreted," the document reads.
"These considerations relate to the content of information provided, the context in which patient information from medical devices should be understood, and the need for access to additional, follow-up information from the manufacturer or a healthcare provider."