The health information technology industry is gearing up for a fight against federal safety regulations according to a new report from The Boston Globe. In the coming months, the Obama administration plans to release recommendations regarding the regulation of health care information technology systems At issue is whether the systems should be considered medical devices and, therefore, regulated by the Food and Drug Administration just as a cardiac stent or a pacemaker is regulated. See our past coverage of health information technology issues here.
On one hand, supporters of FDA regulation say digital-records systems sometimes contribute to prescribing errors and other patient mix-ups that can have dangerous, even fatal, consequences. Bad or missing data in a patient's computer record, for example, can lead to catastrophic medication errors. However, the health-care industry, including many top hospitals and manufacturers of the systems that manage digital records, wants looser regulation. The industry says that submitting to FDA safety reviews would slow the pace of innovation and make software upgrades difficult.
As reported, before the administration releases its recommendations, the digital-records industry and a group of sympathetic lawmakers in Congress are launching a pre-emptive strike, pushing legislation that would strip the FDA of its authority to regulate the software systems.
"Right now, the FDA has the authority to regulate all of health IT. They say they exercise discretion to pick and choose which technologies they regulate," said Dan Haley, vice president for government and regulatory affairs for athenahealth, a health-information business based in Watertown, Mass., that is among companies leading the charge.
"From our perspective, that is just not a tenable state of affairs."
Sen. Angus King, I-Maine, recently introduced legislation with Sen. Deb Fischer, R-Neb., that would take away the FDA's oversight of health and clinical software. A House bill, supported by Rep. Niki Tsongas, D-Mass., also is pending.
The Preventing Regulatory Overreach To Enhance Care Technology (PROTECT) Act of 2014 seeks to develop a more specific regulatory framework for health IT that promotes innovation and job creation while protecting patient safety, say the bill's sponsors.
Specifically, the proposed law sets its sights on Food and Drug Administration, which under current law can use its definition of a medical device to impose broad regulatory authority over a wide array of "low-risk health IT" such as electronic health records, scheduling software and wellness apps. The PROTECT Act seeks to bring clarity to FDA's regulatory process, ensuring that it focuses on products that pose a legitimate risk to human health.
The legislation also would prevent health-care software companies from being subject to the 2.3 percent tax charged to medical-device companies as part of federal health-care reform. That tax went into effect last year but does not apply to digital medical records.
Supporters of the legislation include Partners HealthCare, the parent company of Harvard teaching hospitals and affiliated medical groups, which is spending $1 billion to upgrade its digital health-records systems.
"Federal overregulation is one of the key challenges holding back entrepreneurs and job creators in Nebraska and across the country," said Fischer. "While economic growth remains sluggish, it's critical we prevent these costly and time-consuming bureaucratic hurdles from hurting one of the fastest growing sectors of our economy – technology. The PROTECT Act increases regulatory efficiency over health IT to promote innovation, expand consumer access to information, and improve patient safety. Current law is in desperate need of a make-over, and I'm pleased to work with Senator King on this commonsense solution."
"Not only is Health IT one of the most innovative and rapidly growing fields of technology in the country, but it's also fundamentally transforming the way we think about health care," said King. "As these technologies develop, it's critical to implement a clear, risk-based framework that would protect patient health and ensure that FDA rules are appropriately targeted to support and not stifle innovation. The PROTECT Act would provide important regulatory clarity that will safeguard patient safety, make the health care sector more efficient, and allow businesses across Maine and the nation to continue developing groundbreaking ideas. Having a well-defined, risk-based framework will serve to promote the continued success of health IT, and I'm pleased to join Senator Fischer in introducing this bill."
U.S. Senator Marco Rubio (R-Fla.) is an original cosponsor of the legislation. The PROTECT Act is supported by IBM, Verizon, athenahealth, Software & Information Industry Association, Newborn Coalition, and McKesson.
Similar legislation addressing health software, the SOFTWARE Act (H.R. 3303), was introduced in the House of Representatives by Rep. Marsha Blackburn (R-Tenn.) in October. Blackburn released the following statement applauding the introduction of Fischer and King's legislation:
"I am pleased that Senators Fischer and King are joining our bipartisan House effort to address this issue head on and promote the innovation of these low-risk health technologies," said Blackburn. "It is imperative that we work to encourage the continued development of new technologies to improve healthcare and create new jobs without added regulatory burdens that would place disincentives on private sector innovation."
In 2013, physicians and hospitals in the United States spent $36.2 million on health-care information technology, including digital medical records. That was a 9 percent increase from 2011, according to Gartner, an information-technology research and advisory company based in Stamford, Conn.
As pointed out in The Boston Globe story, critics say that increased public investment in the evolving medical-records frontier should come with more accountability. And little is known about how frequently patients are harmed because of errors relating to these systems. Companies typically require hospitals to sign clauses that prevent them from sharing information when something goes wrong, according to a federal study. Some incidents are voluntarily reported to the FDA, but most criticism is based on anecdotes: doctors putting in orders for the wrong patients; computer screens displaying the wrong dates for medical tests, resulting in mistreatment; missing vital signs on a patient with kidney failure, ending in death.
A 2011 report, written by the nonprofit Institute of Medicine and commissioned by the government, warned that poorly designed digital records could create hazards.
"Because the private sector has not taken substantive action on its own," the report said, the Department of Health and Human Services should monitor safety and publicly report each year the progress being made. And unless the industry improves its record of safety monitoring and reporting, the Obama administration should direct the FDA to regulate digital medical records.
Dr. Richard I. Cook, a professor of health-care system safety at the Royal Institute of Technology in Stockholm and a co-writer of the report, criticized his committee's recommendations as not going far enough.
"The recommendations were very tame, very mild, but even those were too much for the manufacturers," Cook said. "So now we're in a situation where they are trying to set themselves aside and essentially fall outside of FDA regulation, to allow the software to be made more quickly, more profitably."
Ross Koppel, a sociologist at the University of Pennsylvania who examines the effect of health-care information technology on medication errors, criticized the legislation being proposed as "an attempt to allow vendors to be irresponsible and bear no consequences."
The digital health records are not always easy to use and can require doctors to toggle between computer screens to find basic information, such as patient allergies and medications, Koppel said.
The industry asserts that excessive regulation of software changes, for instance, could hinder the continuous updates that are required to fix bugs.
"That would essentially kill the way we do business and kill our ability to continually improve our product for doctors and patients," said athenahealth's Haley.
Scott MacLean, deputy chief information officer at Partners HealthCare in Boston, said the increased reliance on electronic medical records warrants scrutiny for errors, but the industry — not the FDA — is best positioned to police itself.
"The last thing I would want to do is roll something out that our clinicians would not trust," MacLean said.
He agreed there should be some oversight, just not to the same degree as there is of medical devices traditionally regulated by the FDA.
As board chairman of the Healthcare Information and Management Systems Society, the industry's trade association and lobbying arm, MacLean co-wrote a letter to Health and Human Services Secretary Kathleen Sebelius in November in an effort to influence the agency's pending guidelines.
"It's a somewhat adversarial environment, having to respond to FDA guidance all the time," said Joe Ganley, director of state government affairs at McKesson Corp., a San Francisco health-technology company.