The HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

FDA Must do More to Improve Medical Device Interoperability, says CHIME

Posted By on May 5, 2016

In January, the Food and Drug Administration (FDA) released draft guidance for manufacturers to help with the development of interoperable medical devices. Late last month, The College of Healthcare Information Management Executives (CHIME) submitted comments to the FDA on the proposed guidanceDesign Considerations and Premarket Submission Recommendations for Interoperable Medical Devices.

In a letter sent to Food and Drug Administration (FDA) Commissioner Robert M. Califf, MD, CHIME expressed concern that the draft guidance represents a set of suggested principles, yet what CHIME members require is assurance that medical devices are interoperable. At present, manufacturers are claiming their devices are interoperable, when the reality is that they are not.

CHIME explained that medical devices are being purchased from manufacturers who claim that the devices are interoperable, yet once the devices have been purchased, clinicians discover that the data generated by the devices cannot be loaded to their EHR systems directly without the use of third party software.

That software must also be purchased, adding to the overall cost and adding unnecessary complexity. According to the letter, this is “a barrier to providing clinicians with the information they need at the point of care.” The cost of middleware must be found from somewhere, which comes at the expense of other patient care investments.

Get The FREE
HIPAA Compliance Checklist

Immediate Delivery of Checklist Link To Your Email Address

Please Enter Correct Email Address

Your Privacy Respected

HIPAA Journal Privacy Policy

There is also a lack of transparency around the standards used by medical device manufacturers which is having a negative impact on interoperability and data flow. According to the CHIME, “transparency is necessary in order to achieve a more secure healthcare ecosystem.” Currently, EHR vendors must ensure certain standards are met in order for their EHRs to be certified. CHIME recommends the same transparency should exist for medical devices.

CHIME has called for the development of a set of interoperability standards for medical devices, rather than suggested principles. CHIME has recommended that the FDA partners with the Office of the National Coordinator (ONC), medical device manufacturers, healthcare providers, and other healthcare stakeholders to develop these standards. Once the interoperability standards have been finalized, CHIME recommends that those standards must be adopted in order for a medical device to receive FDA approval.

At present, device manufacturers are not adhering to a common set of standards because they are not required to. Devices do not submit data in a common format, which can lead not only to problems sending data to EHRs, but errors due to the lack of interoperability can have detrimental effect on patients. According to the letter, this could potentially lead to patient harm or even death.

CHIME has also recommended the FDA work with the ONC to develop “a more robust definition of interoperability.” At present, the FDA defines interoperability as “The ability of two or more products, technologies or systems to exchange information and to use the information that has been exchanged.” However, CHIME does not believe that the definition is sufficient. “We firmly believe there is a need for standardized and structured exchange of information that allows for the harmonization of data sets between medical devices, medical applications, and healthcare provider systems.”

CHIME also claims that medical devices are being sold to healthcare providers that lack even basic security measures such as authentication controls. Many include hardcoded default passwords that cannot be changed. CHIME also wants the FDA to address encryption for data transfer to improve device security. CHIME has also requested that the FDA require device manufacturers to conduct an annual risk assessment on their devices.

CHIME members support the FDA’s efforts to improve the interoperability of medical devices, but unless barriers are removed and new standards are adopted, the problem is only likely to get worse as more devices are used across the healthcare system.

CHIME says that the current challenges with device interoperability could even be classed as data blocking.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered in The HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has 10 years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics. Steve shapes the editorial policy of The HIPAA Journal, ensuring its comprehensive coverage of critical topics. Steve Alder is considered an authority in the healthcare industry on HIPAA. The HIPAA Journal has evolved into the leading independent authority on HIPAA under Steve’s editorial leadership. Steve manages a team of writers and is responsible for the factual and legal accuracy of all content published on The HIPAA Journal. Steve holds a Bachelor’s of Science degree from the University of Liverpool. You can connect with Steve via LinkedIn or email via stevealder(at)hipaajournal.com

x

Is Your Organization HIPAA Compliant?

Find Out With Our Free HIPAA Compliance Checklist

Get Free Checklist