FDA weighs policing electronic patient record
FDA weighs policing electronic patient record
New regs could outlaw your records software
The software program that runs your electronic patient record and billing system could soon become illegal. The U.S. Food and Drug Administration (FDA) is mulling whether to create regulatory standards for patient information software, a move that would impose a federal approval process on all computerized medical record programs and financial systems currently in use at hospitals.
All software that is not part of a medical device but runs systems that contain patient-related information would be affected, such as electronic medical records, and potentially, electronic clinical pathways. The standards also would extend to claims processing programs and applications that enable physicians to prescribe, order, or implement services that affect treatment and outcomes.
Facilities that are not in compliance would have to alter their existing programs to comply with the proposed standards or replace them with federally approved commercial software, even if a provider’s existing system is similar or identical, says Carla Smith, executive director of the Center for Healthcare Information Management (CHIM) in Ann Arbor, MI. Providers also may have to submit to regular quality assurance audits and periodic reviews conducted by the FDA.
Although the regulations would primarily target commercially developed software, some worry that the regulations also might affect software developed within hospitals to meet their own information needs. Because hundreds of hospitals have developed such in-house programs, FDA officials suggest there may be a need for oversight.
Currently, however, the FDA exempts from regulation any software developed within a physician practice, says Ed Larsen, a Chicago-based consultant to CHIM. "That software wasn’t prepared for interstate commerce and the other things that authorize the FDA to investigate," says Larsen. "In other words, the FDA doesn’t regulate what doctors do with medical devices. By extension, a hospital is probably in that category. So it’s unlikely, unless the hospital was part of a commercial chain or was trying to sell the software or was trying to provide it beyond its own institution, that it would be regulated."
For its part, the FDA has not yet decided whether to exempt hospital-developed software, says Harvey Rudolph, deputy director of the office of science and technology at the FDA and a key player in developing the new regulations. "One of the cuts we’re going to have to make is, Can we extend this to hospitals? That decision hasn’t been made yet, but that’s what we would like to do."
Is software a medical device?
The FDA broached the subject of regulating stand-alone software in meetings with vendors last September, and is continuing talks to determine whether to draft new oversight regulations or place the programs under the existing Safe Medical Devices Act of 1990.
In fact, the agency is weighing whether to identify software as a medical device. Current law applies only to "embedded" or "accessory" software. Embedded software is contained within a medical device, such as a pacemaker. Accessory software is designed to work with a traditional medical device. "The easiest example [of accessory software] is radiation therapy planning software that actually sets the radiation therapy machine to deliver the right dose based on computer algorithms," says Larsen.
Stand-alone software, on the other hand, may not be associated with any traditional medical device. It may serve what Smith calls a "library function," merely storing clinical data for retrieval later. "The computer doesn’t change the data or make recommendations. It just shows you the information that you typed in," says Smith.
"The question is, should that be regulated, and if so, how?" says Larsen. "It would seem as though financial software, for example, clearly has nothing to do with treatment and diagnosis, but more and more it uses clinical information and so forth."
Software that supports electronic clinical pathways represents another potentially difficult issue. Harv Mayerowicz, president of Chicago-based Client Server, a company that specializes in electronic pathway programs, says such software should be exempt, as long as the pathway itself was developed by hospital staff.
Pathways may avoid regulation
"Now, if the [software] product is prescriptive, then it probably should be regulated by the FDA," says Mayerowicz. "If we sell an algorithm or something that tells the user what kind of care to provide based on the software’s internal intelligence, that clearly is an issue for the FDA. But if the software fulfills only a monitoring or a library function, then to that degree, it really shouldn’t be regulated."
"It really would be difficult to regulate something that has become so integrated into clinical and non-clinical areas of an operation," says Jeff Mason, RN, MBA, administrator of BayCare Surgery Center in Green Bay, WI. Mason questions why federal officials want to regulate the electronic patient record today when paper records have been around for years and were just as prone to consumer protection concerns.
Providers generally tie peripheral systems to a core software program. The peripherals perform a variety of tasks, from inventory control to patient scheduling and prescription ordering, Mason adds.
Rudolph agrees that it can be difficult to say where the clinical function ends and the facility’s operational concerns begin. "Nevertheless, it’s important to draw a bright line between what is and what isn’t a medical device," he says. "And for those things that do fit the definition of a medical device, we have to determine what level of regulation is appropriate for them."
Hospitals may have a difficult time trying to comply with regulations, especially if some vendors have gone out of business, says Warren L. Chandler, senior vice president and chief information officer with Baptist St. Vincent’s Health System in Jacksonville, FL. Hospitals may also incur costs in paying for consulting advice and extra staffing for internal regulatory affairs departments. (See related story on hospital administration costs, p. 84.)
The worst-case scenario is that the FDA will regulate patient information software as stringently as it currently regulates blood bank software, says Smith. In the 1980s, some tainted blood was accidentally released from blood banks, partly because of errors in blood bank software packages. Justifiably concerned, the FDA stepped in. The subsequent regulation, however, "basically stopped the industry in its tracks," says Larsen. "Now, more than half of the companies [that make blood bank software] are out of business because they can’t handle all the regulations and all the hoops they have to jump through to get a product approved."
Waiting for FDA decision
It’s still unclear what effect FDA regulations will have on hospitals that use electronic medical records and patient information software, says Smith. "If the agency chooses to exclude library functions and in-house developed systems, the impact could be fairly minimal. If they do choose to regulate those systems and functions, however, it could be extremely significant, both for the software industry and for hospitals," says Smith.
The agency has not yet released its final position, although FDA senior staff are currently considering a draft proposal compiled by Rudolph. "Hopefully, we’ll be able to get them to cut on the overall plan fairly soon, and then we can do some decision making," says Rudolph. "I think we may be able to say something within the next few months."
Subscribe Now for Access
You have reached your article limit for the month. We hope you found our articles both enjoyable and insightful. For information on new subscriptions, product trials, alternative billing arrangements or group and site discounts please call 800-688-2421. We look forward to having you as a long-term member of the Relias Media community.