FDA Signals Change in Health IT Compliance Direction

By: Ellyn McMullin, Research Associate

Jeffrey Shuren, M.D., J.D., Director, Center for Devices & Radiological Health spoke at the public workshop “Proposed Risk-Based Regulatory Framework and Strategy for Health Information Technology.”  Dr. Shuren provided an overview of the Health IT Report released in April jointly by the Food and Drug Administration (FDA), the Office of the National Coordinator for Health Information Technology (ONC) and the Federal Communications Commission (FCC).

Jeff-ShurenAccording to Dr. Shuren, the goal of the report is to “have a health IT environment that promotes innovation, that protects patient safety, ultimately to achieve improved health and quality of life for patients and consumers. “ Health IT (HIT) encompasses an array of technologies to store, share, and analyze health information .
The report proposes a fairly limited, narrowly tailored approach to HIT compliance that relies primarily on ONC coordinated activities and leverages private sector capabilities and experience. No new regulation is included.

To get a better handle on the vast amount of data, various functions were organized into three categories of risk.

  • Minimal to no risk – Administrative functions like claims processing and billing
  • Medium risk – Health management/health IT such as medication management, order entry
  • High risk – Medical device functions like EKG software for detecting arrhythmias (the kinds of functions that FDA has traditionally regulated)

Dr. Shuren points out that “there are places where we were actively regulating that we are now saying, given changes in the environment, … we actually would stop actively regulating, moving forward.”

The framework that has been recommended in the Health IT Report applies primarily to the third category. The proposed framework has four strategic priority areas:

  • Promote the use of quality management principles
    • These can help identify, prevent, track and monitor hazard and reduce risks
  • Identify, develop and adopt standards and best practices
    • Work with stakeholders identifying what principles should be adopted
  • Leverage conformity assessment tools
    • Use a market based approach to product testing, certification and accreditation
  • Create an environment of learning and continual improvement
    • Initiate non-punitive reporting and analysis of reports to encourage feedback

“We think if this is done right, this may be fostered through a market-based approach rather than necessarily having in place regulatory requirements for getting there” commented Dr. Shuren. “The challenge we face today is there is lots of underreporting and sometimes not recognition that, if a problem arises, it may not be from the health IT product itself, but maybe how it was implemented, how it was maintained, how it was used,” he goes on to say.

According to the report, FDA is proposing the creation of a Health IT Safety Center, led by ONC, to help get this structure up and running. Dr. Shuren foresees this as a forum for sharing ideas, best practices and standards which will facilitate the steps necessary for setting up this learning environment. His vision is to have the Health IT ecosystem working collaboratively together as well as cooperation between government agencies.

Scroll to Top
Share via
Copy link