The long road toward creating a new health-information technology regulatory system passed another milestone at the stroke of midnight July 7, as comments closed for the administration's proposed new framework for overseeing the sector. The comments revealed some surprising positions on the issue, including criticisms from groups that might have been expected to support the regulations.
The U.S. Food and Drug Administration, the Office of the National Coordinator for Health Information Technology, and the Federal Communications Commission have proposed a system that splits health IT functionalities into three categories: low-, medium-, and high-risk, with increasing levels of scrutiny by each. The high-risk category would be overseen by the FDA, and would encompass its typical strategies of pre-market clearance and approval. The middle category, overseen by the ONC, would rely on certification and conformity, structured similarly to its meaningful-use program. The low-risk category would mostly be left on its own. …
That clarity was better served, the letter writers think, in earlier recommendations. Continua Health Alliance, the CDS Coalition and the mHealth Regulatory Coalition—including its leader Bradley Merrill Thompson—served on a workgroup convened by the FDA, ONC and FCC last summer. The workgroup provided recommendations to the three agencies about to regulate the sector.
Thompson believes the approach unveiled by the workgroup is superior to the agencies' plan. It uses criteria such as the identity of the user, as well as the disease or condition treated, to sort functionalities between categories.
Another concern arising from Thompson's groups centered on how the agencies planned to monitor products on the market. For example, what would happen if middle-risk software, which wouldn't fall under FDA supervision in the proposal, introduced unexpected harm?
"FDA does not indicate how they might react [in that situation]," the letter said. "Will these products be monitored? What would push a product from one category to another?"
Indeed, the whole process for monitoring may not work, the comments argued. One letter said, "There do not appear to be compliance or financial incentives to drive involvement [from providers or vendors,] … The agencies are failing to do the very thing industry needs most, which is to make a decision."