Initial health IT framework proposal: A mixed bag

The proposed strategy and recommendations for a health IT risk-based framework are being viewed both postively and negatively for the mHealth industry, getting kudos for its international collaboration aspect and 'light touch' regarding Food and Drug Administration oversight.

But the framework is also being criticized for lacking specifics on regulating standalone software and determining where mobile apps fit into the FDA's definition of medical devices.

That's early industry feedback on a 34-page draft report issued by the Department of Health & Human Services (HHS) late last week. The report was developed by the FDA, the Office of the National Coordinator for Health IT (ONC) and the Federal Communications Commission (FCC).

The report's proposed strategy identifies three categories of health IT: administrative health IT functions; health management health IT functions and medical device health IT functions. Risk and corresponding controls, the report's authors said, should focus on the functionality of health information technology, as opposed to the platforms on which that functionality lives.

"The proposed document seems to be a bit of a mixed bag. It identifies some of the important factors that should be used in classifying software, but does so in an incredibly complex manner that is difficult to apply," Bradley Merrill Thompson (pictured right), counsel for the mHealth Regulatory Coalition and general counsel for the Clinical Decision Support Coalition, told FierceMobileHealthcare. He noted his observations are not official remarks reflecting the coalition's feedback.

"At a high level, I think the agency did an excellent job of following the recommendations of the working group," he said.

In an announcement on the report, HHS Secretary Kathleen Sebelius stated "This proposed strategy is designed to promote innovation and provide technology to consumers and health care providers while maintaining patient safety."

But Thompson believes greater clarification and specifics are needed. He feels encouraged that the draft proposes discretionary enforcement of apps but said it doesn't tackle a top industry concern--the scope of what should be regulated.

"It is really not tackling the most controversial issue here: which is the scope of what standalone software regulators should regulate," he said, adding the draft also does not clearly identify what constitutes a software as a medical device.

"Unfortunately it's just a structured, high -evel definition--it's not guidance like FDA provided for mobile medical apps, in which it spent 20-some pages explaining the nuances of which apps qualify as a medical device and which do not. The International Medical Device Regulators Forum [within the FDA] simply did not take on that challenge," he said, noting the propose guidance document also "completely omits, as a factor to be considered, the degree of dependency of the user on the software."

The FDA has set a 60-day public comment timeframe until and plans to hold a public meeting to gather feedback as well.

"We can now start in earnest a discussion of next steps," Thompson said.

For more information:
- read the report

Related Articles:
MRC to Congress: Don't pass legislation, wait for FDASIA report
Senate bill undermines FDA regulatory role
Debate on mobile app regulatory oversight heats up
SOFTWARE Act gets mixed response from industry
Final FDA guidance provides clarification and confusion