Today I learned from a story in the February 25, 2014 issue of the FierceMobileHealthcare newsletter that a bill has been put forward in the US Senate which would remove the FDA's regulatory authority over, among other things, mobile medical apps. They write, "Sens. Deb Fischer (R-Neb.) and Angus King (I-Maine) introduced the PROTECT Act of 2014 in the Senate on Feb. 10 in a legislative effort to amend the Federal Food, Drug and Cosmetic Act and to ensure that clinical and health software would not be subject to regulation." The article goes on to say that the sponsors of the bill believe that the regulatory authority over mobile medical apps should rest with the National Institute of Standards and Technology, which they describe as "the federal agency with oversight responsibility for technical standards used by clinical software...".
In opposition to this act the newsletter cites a coalition of 12 health organizations which include, the American Medical Women's Association, the Jacobs Institute of Women's Health, National Consumers League, National Physicians Alliance, National Research Center for Women & Families and the National Women's Health Network, which signed a letter to Sen. Tom Harken (D-Iowa), chairman of the Senate Committee on Health, Education, Labor and Pensions (HELP), expressing their concern.
At first blush this issue appeared to me to be simple 'turf war' where developers of mhealth apps were trying to escape the regulation of the FDA possibly to avoid the bureaucratic red tape of having even "pill reminder" apps pass a rigorous, time consuming and expensive regulatory process. The devil, as they say, is in the details. I decided to compare the arguments with the Act and see what was what.
An excerpt of the Act follows:
(2) the President and the Congress should work together to develop and enact legislation that establishes a risk-based regulatory framework for such clinical software and health software that reduces regulatory burdens, fosters innovation, and, most importantly, improves patient safety;
(3) The National Institute of Standards and Technology should be the Federal agency that has oversight over technical standards used by clinical software; and
(4) The National Institute of Standards and Technology, in collaboration with the Federal Communications Commission, the National Patient Safety Foundation, and the Office of the National Coordinator for Health Information Technology, should work on next steps, beyond current oversight efforts, regarding health information technology, such as collaborating with nongovernmental entities to develop certification processes and to promote best practice standards.
It seems rather innocuous at first. Why shouldn't NIST (National Institute of Standards and Technology) have sway over the technical standards used by clinical software? With technology changing at an ever quickening pace they might be best suited to proscribe what are the best practices especially in the areas of patient data security and integrity.
The FierceMobileHealthcare newsletter goes on to quote a portion of the letter from the Patient, Consumer and Public Health Coalition to Sen. Harkin:
"We are extremely concerned that this bill will deregulate a broad swath of medical devices that rely on software and will create opportunities for rampant 'gaming' to avoid regulation," asserts the letter. "For example, MRIs and CT scanners, or heart monitoring devices, might no longer be regulated by the FDA. This would put the health of millions of Americans at risk."
These appear to be legitimate concerns, and, whether or not the FDA is directly involved with the regulatory process, it appears to me that a regulatory entity needs to oversee the process for the public good. Can the National Patient Safety Foundation, and the Office of the National Coordinator for Health Information Technology perform that role adequately? I don't know. But the concern appears to be to be overblown given the letter of the act, excerpts of which follow:
(3) The terms 'clinical software' and 'health software' do not include software—
(A) that is intended to interpret patient-specific device data and directly diagnose a patient or user without the intervention of a health care provider;
(B) that conducts analysis of radiological or imaging data in order to provide patient-specific diagnostic and treatment advice to a health care provider;
(C) whose primary purpose is integral to the function of a drug or device; or
(D) that is a component of a device.
If the concern is truly whether MRIs or CT Scanners would be exempt under this revision—section 3 A & B clearly say no. Likewise, the software of heart monitors will stay within the purview of the FDA.
But, sometimes, the most broad-reaching arguments mask the true nature of the problem at hand. Recently I tended a local breakfast seminar discussing mhealth applications and FDA regulations. The take-away was that there is, as yet, no clear line defining what would be within the purview of the FDA and what would not. As an example even applications which did little more than warn you when:
1) a test you had administered on yourself and
2) where you had entered the results of that test into a device yourself and
3) the device then alerted you that the results you entered were out of normal bounds- Even when you had set the value for those "normal bounds" yourself
that device might be subject to FDA approval because it 'sounded an alert'.
While it may be true that the FDA has discretion over whether such devices will require approval, it is this uncertainty which may dampen development of more apps in the mHealth arena. More important than eliminating the FDA from the process would be a clear delineation of where mHealth apps may roam without government intervention.
As the mHealth marketplace grows, patients will benefit from more timely, if not continuous, information about their health empowering them to change their habits and lifestyle in real time. This can't help but improve wellness. If you could see what that first bite of cheese cake was doing to your blood sugar would you finish the slice? If you could see how each minute on the track lowered your blood sugar would you go the extra mile? To achieve this we need apps that are proven to work, connecting to devices that are compliant, transferring data that is secure. And perhaps we also need a little less protection from ourselves.