By: Bakul Patel
Health information technology (IT) offers many benefits to the American people and health care providers. Health IT products, technologies and services can prevent medical errors, improve efficiency and health care quality, reduce costs and increase consumer engagement. They also can help with identification of, and quick response to, public health threats, and further health research. But while health IT benefits are far-reaching, technology can bring risks to patients if not designed, developed, implemented, or maintained properly.
I’m glad to share that FDA, along with the Office of the National Coordinator for Health Information Technology (ONC), and the Federal Communications Commission (FCC), has recently released a report outlining our proposed framework for health IT. This report fulfills the Food and Drug Administration Safety and Innovation Act of 2012 (FDASIA) requirement that we develop a proposed strategy and recommendations on an appropriate, risk-based regulatory framework pertaining to health IT that promotes innovation, protects patient safety and avoids regulatory duplication.
We’ve developed a proposed framework that fulfills this requirement and would allow Americans to reap the benefits of health IT. This is a growing field with many benefits. For example, electronic health records allow providers to access accurate patient data. And computer-aided detection software can analyze an electrocardiogram (EKG) signal and help determine if a person is having a heart attack, helping providers give timely treatment.
In health IT, the best approach is a risk-based approach. We believe risk assessment should primarily focus on the function of the health IT product, not its platform. So we’ve identified three categories of health IT. The first is administrative and relates to functions such as billing and scheduling. This area has minimal risks for patient safety and does not require additional oversight.
The second relates to health management functions, including provider order entry, electronic communication and patient identification. In this category, we’ve identified four priority areas that can be scaled and applied throughout the health IT product lifecycle:
- Promote the use of quality management principles;
- Identify, develop, and adopt standards and best practices;
- Leverage conformity assessment tools; and
- Create an environment of learning and continual improvement.
Since safety risks for products in the health management category are sufficiently low, even if a technology in this category meets the definition of a medical device, FDA does not intend to focus oversight on it. Rather, FDA intends to focus our attention on the third category, which relates to medical device functions, such as computer-aided detection software and radiation treatment software. Such products are already FDA’s focus because they generally pose greater risk to patients than the products in the other two categories.
We’re not recommending that new areas of FDA oversight are needed.
Along with ONC and FCC, we will continue to develop this framework through public engagement, especially in fostering the further development of a quality-focused culture for health IT. We do not believe that regulation should be, or needs to be, the first approach used to reach this outcome. The agencies are holding a three day public workshop on May 13, 14, and 15 at the National Institute of Standards and Technology to discuss the framework and its components. We encourage consumers, providers, and health care organizations to register for the workshop and to submit comments. Health IT has brought, and continues to bring, many benefits and we are looking forward to engaging with you on this important topic.
Bakul Patel is senior policy advisor in FDA’s Center for Devices and Radiological Health.
For more information please visit these Web links:
Public Workshop – Proposed Risk-Based Regulatory Framework and Strategy for Health Information Technology, May 13-15, 2014