Hackers Outsmart Pacemakers, Fitbits: Worried Yet?

Two US senators want to give health IT software developers an easier path to consumers by turning the Food and Drug Administration's guidelines into a statute and moving oversight of these apps over to the National Institute of Standards and Technology (NIST).

The move would protect jobs, cut regulatory burdens, and allow the FDA to focus its limited resources on technologies and devices that need the department's scrutiny, the lawmakers say.

Under the Preventing Regulatory Overreach To Enhance Care Technology (PROTECT) Act of 2014, the FDA would no longer oversee "low risk health-IT" solutions such as electronic health records, scheduling software, and fitness apps, according to sponsors Sen. Angus King (I-Maine) and Sen. Deb Fischer (R-Neb.). The act also would eliminate a 2.3% medical device tax from EHRs, scheduling software, and wellness apps. The healthcare app market will reach $26 billion by 2017 and the mobile app market accounts for almost 500,000 jobs, the senators said.

[Is ObamaCare good for IT? Read 3 Ways Affordable Care Act Can Empower Health IT. ] 

"Not only is Health IT one of the most innovative and rapidly growing fields of technology in the country, but it's also fundamentally transforming the way we think about health care," said King in a statement. "As these technologies develop, it's critical to implement a clear, risk-based framework that would protect patient health and ensure that FDA rules are appropriately targeted to support and not stifle innovation. The PROTECT Act would provide important regulatory clarity that will safeguard patient safety, make the health care sector more efficient, and allow businesses across Maine and the nation to continue developing groundbreaking ideas."

The FDA regulates vaccines, drugs, and medical devices. In this age of mobile apps, 3D printing, and Internet of Things (IoT), the term "medical devices" has undergone a transformation and that goes to the heart of the PROTECT Act of 2014 -- and its October 2013 predecessor in the House of Representatives, the SOFTWARE Act.

{survey 38}

In its final guidance on these apps, the FDA decided it would focus only on two types of apps. One is apps that "are intended to be used as an accessory to a regulated medical device," such as an app that lets a medical professional make a diagnosis by reviewing a medical image on a smartphone or tablet. The other is apps that "transform a mobile device into a regulated medical device," such as an app that turns a smartphone into an electrocardiography (ECG) machine. Each review takes about 60 days, wrote Christy Foreman, director, Office of Device Evaluation at the FDA's Center for Devices and Radiological Health, in a blog. Over the past decade, the center has reviewed about 100 health IT apps, she said.

That number will climb, argue PROTECT Act sponsors and supporters. Decreasing regulation -- and turning over what's left to a government organization well versed in working with software developers -- will streamline the process, allowing more ISVs and vendors to participate, hire more employees, pay more taxes, and extend the capabilities of this market, advocates say.

"Federal overregulation is one of the key challenges holding back entrepreneurs and job creators in Nebraska and across the country," said Fischer. "While economic growth remains sluggish, it's critical we prevent these costly and time-consuming bureaucratic hurdles from hurting one of the fastest growing sectors of our economy -- technology. The PROTECT Act increases regulatory efficiency over health IT to promote innovation, expand consumer access to information, and improve patient safety."

To date, IBM, AthenaHealth, the Software & Information Industry Association, the Newborn Coalition, and McKesson have voiced approval for the act.

"The current regulatory framework was largely developed before the rise of today's sophisticated information technologies, and it focuses on traditional discrete devices manufactured at a single site and physically shipped to distributors and users," said SIIA President Ken Wasch, in a blog. "With the rise of networked ecosystems and sophisticated software, this paradigm does not encourage today's innovations, let alone tomorrow's. Further, clarity is needed to encourage innovation and enables life-saving technologies to be brought to market in a timely manner."

He continued, "Fortunately, patient safety and product innovation are not mutually exclusive. SIIA supports the PROTECT Act because it takes necessary steps to establish a regulatory framework that provides for innovation without compromising safety. If enacted, the PROTECT Act will enable IT products and services to revolutionize health outcomes and lower costs for patients and providers."

Sen. Marco Rubio (R-Fla.) is an original co-sponsor of the act.

Biosense Technologies' uChek was one of the earliest health IT apps to fall under the FDA's scrutiny -- and fail. The Indian developer created a urinalysis app and "portable lab" that analyzes a user's urine for health problems such as diabetes. Biosense launched an Indiegogo campaign to raise funds and recruit users who will share their health data to meet the FDA's requirements.

Medical data breaches seem to show up on the 6 o'clock news almost every week. If you think it wouldn't happen to you -- or the financial impact will be minor -- think again. Download the Healthcare Data Breaches Cost More Than You Think report today. (Free registration required.)