In talking about how these products operate, Dr. Shuren observed that HIT software applications typically do not operate as standalone devices. Instead, they are interconnected with one another into networks of varying degrees of complexity. Sounds kinda like mHealth software.
Dr. Shuren’s bottom line: while HIT software has the potential to improve patient care, given the reported safety issues, federal regulation is needed and FDA is the right agency to provide that oversight.
As to what that oversight should look like, he seemed very open to a range of possible solutions. Dr. Shuren described three different possible regulatory strategies. At the lowest level of oversight, HIT vendors could register with FDA and be required to file reports on adverse events associated with their products. In the middle tier of oversight, on top of that FDA could require compliance with its quality system regulations. These regulations operate similar to ISO standards, but can be more demanding in that they require such things as rigorous design controls. As the highest level of possible oversight, these HIT software products could be subjected to the premarket clearance or approval scheme used for other medical devices. That approval scheme is itself a tiered approach based on risk.
Just before the hearing, anticipating FDA's testimony, Sen. Grassley sent HHS Sec. Sebelius a letter asking her to explain the Department’s approach to assuring the safety of electronic health records, subsidized by the $20 billion investment in the stimulus package. He recited concerns he's heard from the public about HIT products that don't function properly, and hospital administrators and HIT vendors who turn a deaf ear to complaints. Sen. Grassley suggests FDA revisit its responsibilities in regulating HIT products.
In his letter, quoting from a 1997 article in the Journal of the American Medical Informatics Association, Sen. Grassley points out that industry groups developed a consensus approach to regulation 13 years ago. He asks what progress the Department has made in evaluating those recommendations. Those recommendations included FDA regulation of higher-risk HIT products, the adoption of industry codes to allow for self-regulation, and the use of so-called local or regional software oversight committees to provide additional protection. The article suggests these committees would be patterned after institutional review boards which monitor clinical research at hospitals and other such institutions.
Sen. Grassley, that same day, sent a letter to HIMSS, asking for the society’s position on these issues. The Senator also had sent letters earlier to hospitals and others trying to gather information. He would appear to be on an earnest campaign.
What does all that mean for mHealth?
I'll offer seven observations.