Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views REGULATORY WEAKNESSES A report of the typist for the Regulation Subgroup (i.e. no one has seen or approved this) Draft 07/01/13
Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views Coordination This is the point at which we need to truly start integrating the work products of the subgroups. We need to look at the safety issues and assess whether they are addressed We need to consider the elements of innovation that need to be protected and describe regulatory features that protect them This is also the point at which we need to make sure we do not duplicate each other’s work.
Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views Process over the next week Discussion of the Regulations Subgroup over the next week: 1. Are the three regulatory systems – ONC, FCC and FDA – deficient in any way with regard to how HIT is regulated? (July 1, except reporting which will be on July 3) 2. Are there ambiguities in the three regulatory systems that need to be clarified so that HIT vendors and others can proceed more easily to innovate? (July 3) 3. Do any of the three regulatory systems duplicate one another, or any other legal, regulatory or industry requirement? (July 3) 4. Is there a better way to assure that innovation is permitted to bloom, while safety is assured? (July 8)
Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views Started by Examining the work of the Safety & Innovations Subgroup Safety grid Innovation features Held 5 sessions on— FDA regulation ONC regulation FCC regulation Other federal and state regulation and private efforts
Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views Questions considered on July 1 For FDA, FCC and ONC, identify regulatory requirements that: 1. Are broader or more onerous than need to be to assure the safety of HIT 2. Fail to be risk-based, for example by either failing to utilizing available mitigation or failing to identify appropriate risk aggravating circumstances. 3. Are insufficient in some specific way to assure the safety of HIT 4. Unnecessarily interfere with some specific needed feature of innovation 5. Miss or omit a sensible opportunity to promote innovation
Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views FDA issues where attention needed ItemIssue: A or B Description of challenge Wellness/diseas e borderline A & BFDA needs to explain how to discern disease related claims from wellness, and needs to deregulate low risk disease related claims Accessory issues A & BFDA needs to explain its position on which basic IT elements are regulated when connected to a medical device, and deregulate or down-regulate those that are low risk CDS softwareAFDA needs to explain which forms of clinical decision support software it regulates Software modularization AFDA needs to specify its rules for deciding the regulatory status of software modules either incorporated into a medical device, or accessed by a medical device A = Ambiguous and B = Broken at the written law level
Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views FDA issues where attention needed ItemIssue: A or B Description of challenge Labeling issuesAFDA needs to explain how the concept of intended use will be applied to standalone software where the use might evolve over time, perhaps using risk management and postmarket surveillance to manage the risks associated with the evolution in the intended use QS application to standalone software AFDA needs to explain how the quality system requirements and facility registration apply to manufacturing of standalone software Premarket requirements for interoperable devices AFDA needs to adopt a paradigm for reviewing software that is intended to be part of a larger, but unspecified Postmarket requirements for networks A & BResponsibilities for reporting adverse events and conducting corrective actions can be clarified, but also likely need a new approach that reflects shared responsibility across users, producers, and across regulatory agencies A = Ambiguous and B = Broken at the written law level
Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views FDA Program Administration Apart from those regulatory issues, the subgroup has also identified an issue with how the agency administers the law. There is presently a weakness in the agency coordination of policymaking with regard to HIT software, and especially including mobile medical apps. This weakness includes: inconsistencies in information shared with individual companies, and unclear guidance more generally, including the lack of a final guidance on mobile medical apps.
Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views ONC issues where attention needed ItemIssue: A or B Description of challenge Mandatory elements BONC program does not include capability in law enforcement, nor its programs framed with mandates where necessary Assurance of Safe Configuration ASafety depends on appropriate post-installation configuration. No means to educate or require compliance with documented and evolving best practices Coverage of interoperability issues* *could be inter- agency ONC/FDA/FCC BUnclear and incomplete responsibility. Assumption that ONC does regulate HIT/medical device interface and FDA regulates med device/med device interface. But same med device (e.g. infusion pump) could be installed in either configuration. Which agency would receive report of “pump-server-HIT equipment-wireless infrastructure-EHR” related adverse event? Who is responsible for resolving? A = Ambiguous and B = Broken at the written law level
Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views FCC issues where attention needed ItemIssue: A or B Description of challenge Linkage to FDA reporting BFCC and FDA have not merged their reporting processes in a way that allows for transparent analysis (also see gaps slide below) Linkage to FDA review BFCC and FDA do not coordinate their review processes (equipment authorization program and premarket review) to ensure they are consistent Linkage to FDA: Conformity Assessment AIncomplete/missing clinically focused wireless conformity assessment tools that would facilitate safety and co-existence analysis Post-installation Surveillance ASpectrum management and identification, diagnosing, and resolving wireless co-existence/EMC problems that affect HIT and medical device performance (in healthcare facilities and mHealth environments) A = Ambiguous and B = Broken at the written law level
Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views Bigger Picture Whether collectively the regulatory scheme in totality: 1. Fails to address some particular safety risk 2. Is too costly in relation to the risks it is designed to reduce 3. Is demonstrably too burdensome on innovation, apart from imposing costs We agreed not to get into politics or philosophy but instead stick to evidence driven policy.
Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views Gaps where attention needed ItemDescription of challenge Reporting of safety issues The need to aggregate data across all three agencies to understand what the data are really telling us A = Ambiguous and B = Broken at the written law level
Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views Next step Wednesday call will be a deep dive into reporting and the prioritization of the ambiguities that need clarification