Looking Ahead to the Use of Mobile Devices and Social Media
Some of the key issues discussed in 2011 with respect to Health IT were mobile devices, data breaches, and patient privacy rights. Experts predict an upswing in mobile and social media usage with respect to healthcare data usage. How will these tools be regulated within the context of the healthcare system and the FDA?
Healthcare reform notwithstanding, the federal government has been slow to adapt. Until this year, FDA operated under a draft “Policy for the Regulation of Computer Products” that was written in 1989. In April, 21 years later, FDA observed apparently without irony that “[s]ince 1989 . . . the use of computer products and software products as medical devices has grown exponentially.”
In 1989, gas cost $1.12 a gallon. Cell phones were only a year old. Nintendo came out with the first Game Boy in 1989. Tim Berners-Lee was still two years away from announcing something he was calling the World Wide Web.
This disconnect between FDA policy and 21st century technology has not been helpful. Manufacturers struggle with outdated requirements and regulators struggle to fit this century’s technology into last century’s rules. It is like regulating hybrid vehicles as if they are Model Ts.
Now FDA is slowly catching up.
Until this year, if you marketed a medical device that managed sophisticated data such as radiographic images or heart rate information, your device would have been subject to stringent FDA requirements. Until this year, you would technically have had to prove to FDA that your data-management system device was safe, and you would have been subject to a variety of specific controls and possibly conditions for approval. Your ability to market your device might have been limited. You might have had to run clinical trials.
In April 2011, the FDA finally relaxed the rules for products designed simply to “transfer, store, convert from one format to another according to preset specifications, or display medical device data.”
FDA calls these types of products Medical Device Data Systems, or MDDS devices. To FDA, an MDDS is a device that moves medical data passively, without any processing, translation, characterization, categorization, or analysis. An example from FDA’s rulemaking is an outpatient product that collects data from a glucose meter for later review by a physician.
FDA’s new rule classifies MDDSs as Class I devices, which means they are exempt from FDA’s most onerous device regulations. The only requirements MDDS manufacturers must comply with now are FDA’s Good Manufacturing Practices (GMP) and its quality control requirements.
The MDDS rule caused a moderate degree of panic when it came out. The rule looked to many as if FDA was moving to regulate previously unregulated products, like your smartphone, your laptop, or your computer monitor. In fact, FDA’s MDDS rule loosens the rules on a category of previously very highly regulated devices. Part of the confusion was because FDA had never enforced the medical device rules against MDDS manufacturers before. And part of the confusion was because the definition of an MDDS is not easy to follow.
If your device does not qualify as an MDDS, that means one of two things. Some data-management devices that do not qualify as MDDS devices remain Class III or Class II devices, subject to FDA’s closest regulatory scrutiny. These include devices that generate medical device data, modify medical device data, change how medical data is displayed, diagnose conditions, or monitor patients. A blood pressure monitor that can send an alarm to a nurse’s station, for example, is not an MDDS, but it is still a regulated medical product.
Other data-management devices do not qualify as MDDS devices because they are not medical devices in the first place. A medical device is an “instrument, apparatus . . . [or] machine . . . including a component part, or accessory” that is designed to diagnosis, cure, mitigate, treat, or prevent disease. This means that laptops, desktops, most off-the-shelf software or hardware, thumb drives, all-purpose cameras, telephones, iPhones, iPads, Blackberrys, pagers, generic teleconferencing systems, etc., are not covered by the MDDS rule. Indeed, such products are, generally speaking, not regulated by FDA at all.