HIMSS EHRA: Health IT framework needs more 'predictability'

Electronic health records, clinical decision support systems and health IT that focuses on transmission or storage of data should not be subject to traditional device regulation, but new risk-based oversight, according to the executive committee of HIMSS Electronic Health Records Association (EHRA).

That's one of the primary suggestions that EHRA made in a recent letter to U.S. Department of Health &Human Services Secretary Kathleen Sebelius regarding draft recommendations presented by the Food and Drug Administration Safety and Innovation Act (FDASIA) workgroup and approved by ONC's Health IT Policy Committee in September. EHRA also suggested that the new risk-based framework's criteria should be applied to health IT currently regulated to identify opportunities for more effective and appropriate oversight, and that health IT with lower or low risk should not be subject to additional health IT-specific oversight or regulation.

"[W]e urge that any deliberations regarding increased oversight of HIT be conducted in ways that increase predictability and certainty for developers and providers," the executive committee stated.

EHRA agreed with the workgroup that "regulation of health information technology beyond what is currently in place is not appropriate until further analysis of data and the establishment of a risk-based framework have been completed." The association, however, did express concern about the some of the workgroup's recommendations, and suggested, among other things, that:

  • There should be a clear differentiation between most CDS and other applications with high risk, such as computer aided diagnostics
  • A weighted model for HIT risk assessment should be developed
  • Post market surveillance should be nonpunitive
  • The proposed "Class O" device classification isn't warranted

FDASIA requires the HHS secretary to report by January 2014 on a proposed risk-based strategy for developing a regulatory framework for health IT.

HIMSS President and CEO Steve Lieber and chair of the HIMSS board of directors Scott MacLean, in a similar letter to Sebelius, said that health IT products such as electronic health records and clinical decision support systems should be subject to a risk-based oversight framework that weighs factors such as "risk relative to intended use" with the intent to bring about patient safety.

To learn more:
- here's EHRA's comment letter (.pdf)