Dedicated to providing the latest
HIPAA compliance news

FDA Issues Guidance for Medical Device Makers to Facilitate Data Sharing with Patients

Share this article on:

The Food and Drug Administration (FDA) has issued new draft guidance for medical device manufacturers offering recommendations to facilitate the sharing of medical device data with patients.

The FDA believes that sharing medical data such as oximetry data, heart electrical activity, and cardiac rhythms with patients will help to empower them to become more engaged in their own healthcare, and will help them to make sound medical decisions.

In the guidance, the FDA explains that while the data recorded by these devices is primarily for physicians and hospitals, device manufacturers should make the data recorded by their devices available to patients. The data included in the FDA’s definition of patient-specific information include, but is not limited to, healthcare provider inputs, device usage/output statistics, incidences of alarms, records of device malfunctions or failures, or any data recorded by the devices.

Device manufacturers have previously suggested that FDA approval would be necessary before they provided medical device data to patients. The FDA has issued the guidance to clear up confusion and explains that it is permissible to share data with the patients who use their devices.

Under the Health Insurance Portability and Accountability Act (HIPAA), patients are permitted to obtain copies of their electronic health data from their healthcare providers. In many cases, the designated data sets provided to patients would include the data recorded by patients’ medical devices. The FDA points out that patients are also permitted to obtain medical device data directly from the manufacturer of the device.

The guidance explains that HIPAA requires privacy protections to be adopted to prevent individually identifiable information from being shared with healthcare providers and other entities without patients’ consent. HIPAA Rules do not prohibit a device manufacturer from sharing recorded data with the affected patient.

While it can be beneficial for patients to receive copies of their own data, device manufacturers have been advised that they should consider the content that is provided as well as context. They should ensure that data are useable and should take steps to avoid the disclosure of unclear information or data that could be misinterpreted. It is also important for device manufacturers to consider that follow up information may also be required by the patient, although this could be provided by the device manufacturer or the patient’s healthcare provider.

Content provided to patients should be comprehensive and include all available data, including the most recent measurements. It may also be appropriate to provide supplementary instructions or references to help the patient understand the data. The FDA points out that any material provided that meets the definition of labeling would be subject to FDA regulation and therefore the relevant requirements and restrictions would apply.

Device manufacturers may need to include relevant context to avoid misinterpretation of data. An example provided is pacemaker data, which may need to be accompanied with information about the circumstances under which electrical impulses are delivered by the device to aid understanding and avoid misinterpretation.

If requested by patients to provide data, the FDA recommends that the device manufacturer advises patients who they should contact for follow up information, be that a contact within the company or the patient’s healthcare provider.

Author: HIPAA Journal

HIPAA Journal provides the most comprehensive coverage of HIPAA news anywhere online, in addition to independent advice about HIPAA compliance and the best practices to adopt to avoid data breaches, HIPAA violations and regulatory fines.

Share This Post On