As a general rule, health information technology should not be subject to premarket regulation by the Food and Drug Administration. But there should be exceptions for high-risk products and situations.

This is according to the final recommendations for a risk-based regulatory framework for health IT adopted by the Health IT Policy Committee, a group of industry stakeholders convened to advise federal officials on a nationwide health IT infrastructure. The recommendations are now under consideration by the FDA, the Office of the National Coordinator for Health IT and the Federal Trade Commission, which are expected to release a proposed framework in January 2014 for public comment.

"Literature suggests that HIT, in the aggregate, clearly improves patient safety; and there are a lot of studies that support the benefits," said Dr. David Bates, chair of the Food and Drug Administration Safety Innovation Act (FDASIA) workgroup, which drafted the proposed regulations for the Health IT Policy Committee, in his Sept. 4 presentation to the committee. "However, the literature also includes many anecdotes that show HIT can create patient safety risks."

These anecdotes served as a backdrop to the list of exceptions the workgroup spelled out for when premarket regulations should be put in place for certain health IT systems. They included:

  • Software that serves as a medical device accessory, as defined by the FDA.
  • Systems with high-risk clinical decision support capabilities, such as computer-assisted diagnostics, as defined by the FDA.
  • Software deployed in high-risk use cases in which intended use of the software increases aggregate risks.

Using these guidelines, Bates said systems that would most likely be subject to regulation include electronic health record systems, decision support tools, health data exchange software and visualization tools for anatomic, tissue images, medical imaging and waveforms. Robotic patient care assistants and templating software tools for digital imaging and surgical planning could also be subject to federal oversight, he said.

Systems that would likely not be subject to regulation include claims software, practice management systems and general purpose communications tools, according to the proposed recommendations.

Other recommendations made in the report included requiring health IT vendors to list products that represent some level of risk if a "nonburdensome approach can be identified to do so." The report also called for better post-market surveillance of health IT including self-reporting from users and vendors, and testing to ensure safety-related decision support tools are in place.

The report also called on the FDA to expedite the publishing of guidance for health IT software and mobile app developers.

Since the FDA published its first draft of medical mobile app guidance in 2011, there have been numerous calls for it to finalize that document. Medical mobile app developers want guidelines that will help them determine which products may face lengthy and costly regulatory approval from the FDA.

It appeared the FDA was nearing the completion of those guidelines in June. But a coalition of 129 medical societies and companies sent a letter to the Department of Health and Human Services, the FDA, ONC and the FCC asking that the publication of all federal guidance documents pertaining to health IT be put on hold until after the FDASIA completed its work.

Many in the industry criticized the request for delay, claiming it was stifling innovation as app developers put their plans on hold while they waited for FDA guidance. Among those opposed to a delay was Bradley Merrill Thompson, a Washington D.C.-based attorney with the law firm Epstein Becker Green, and a member of the FDASIA workgroup. He published an Aug. 27 blog post on the industry news site MobiHealthNews.com in which he wrote the mobile medical app guidance was "being held hostage purely for political reasons."

"Given the content of the FDA guidance, why on earth should the agency wait to publish it until after the FDASIA process is completed?" Thompson wrote. "The two topics bear almost no relationship. In this working group, we have never even discussed the need for FDA to change its approach to the MMA guidance."