FDA offers guidance in support of sharing device data with patients
June 24, 2016
by Thomas Dworetzky, Contributing Reporter
The trend toward self-management by patients of their own health care has now pushed the FDA to offer guidance to makers of medical devices that collect, store and disseminate data – especially relevant given the rapid move toward wearable or implantable medical devices.
“FDA believes that providing patients with access to accurate, usable information about their health care when they request it (including the medical products they use and patient-specific information these products generate) will empower patients to be more engaged with their health care providers in making sound medical decisions,” the agency said in its draft guidance.
The position taken by the agency is “very patient friendly,” Patricia Wagner, a Washington-based attorney with Epstein Becker & Green P.C., told Bloomberg BNA.
But it does present some tricky challenges for manufacturers, she stressed. These include the need to determine when it is okay to provide patients with data, made more complex because there are numerous variations in interpretations of the key health privacy law, the Health Insurance Portability and Accountability Act (HIPAA).
Despite privacy concerns, this latest agency guidance fits the trend toward increased patient involvement. “Today, many medical devices have the ability to store data and transfer it to medical records, so this seems like a natural progression in providing patient access,” Chris Lavanchy, with the patient safety organization ECRI Institute told Bloomberg BNA.
Because the data is readily available, patients, “especially younger ones who have grown up with access to their medical records, will welcome having access to device data so that they can play a bigger role in making decisions about their health care,” he advised.
But a key issue device makers need to consider: what specific data is covered by this sharing guidance?
The FDA stated that it is referring to “any information unique to an individual patient or unique to that patient’s treatment or diagnosis that, consistent with the intended use of a medical device, may be recorded, stored, processed, retrieved, and/or derived from that medical device.”
Such shareable information would include data on such things as usage, alarms, or physiological outputs. The latter would include, for example, logs entered by patients or caregivers, pulse oximetry data, heart electrical activity, and rhythms, such as those monitored by a pacemaker.
But the FDA is not referring to diagnostic assessment, or specifically, “any interpretations of data aside from those interpretations of data normally reported by the device to the patient or the patient’s health care provider.”
In addition, the agency advised that this information may be shared “with patients at the patient’s request, without obtaining additional pre-market review before doing so.”
One part of the guidance, however, raised some concern. The FDA document stated that HIPAA's protections “are intended to prevent manufacturers from sharing this information with covered entities (e.g., health plans, health care providers that electronically transmit health information) without the patient’s consent.”
This appeared to be problematic to attorney Wagner. For one thing, the information “from a medical device is accessible by the patient’s health care provider and patients can contact their health care provider to obtain such information,” the guidance stated, in seeming contradiction of its own consent guidance.
For another, HIPAA was not intended to keep patient device data from providers, according to the attorney. It is “just wrong” and “doesn't make sense,” she told Bloomberg.
That questionable information aside, Wagner told the news service that the FDA guidance seemed “very much aligned” with HIPAA.
“One thing HIPAA provides is a right of access to medical records. This is very much following in line with that standard,” she noted.
But a free flow of data needs context in order to avoid confusing or alarming patients. The FDA also stressed that manufacturers should “ensure that the information provided is interpretable and useful to the patient, and to prevent the disclosure of confusing or unclear information that could be misinterpreted” by adding context to make the data clearer to a lay audience.
“The manufacturer may choose to provide supplementary instructions, materials or references to aid patient understanding,” it advised, noting, “for example, if a patient requests a history of his own blood pressure measurements from a device, the data should include all available data up through the most recent measurement.”
In another example, the agency suggested, “if information is being provided regarding the activity of a pacemaker, information regarding the circumstances under which an electrical impulse is delivered by the device may provide helpful context.”
A final caveat about sharing data information for manufacturers: confirm that the person requesting information is the patient, advised Wagner.
“FDA believes that providing patients with access to accurate, usable information about their health care when they request it (including the medical products they use and patient-specific information these products generate) will empower patients to be more engaged with their health care providers in making sound medical decisions,” the agency said in its draft guidance.
The position taken by the agency is “very patient friendly,” Patricia Wagner, a Washington-based attorney with Epstein Becker & Green P.C., told Bloomberg BNA.
But it does present some tricky challenges for manufacturers, she stressed. These include the need to determine when it is okay to provide patients with data, made more complex because there are numerous variations in interpretations of the key health privacy law, the Health Insurance Portability and Accountability Act (HIPAA).
Despite privacy concerns, this latest agency guidance fits the trend toward increased patient involvement. “Today, many medical devices have the ability to store data and transfer it to medical records, so this seems like a natural progression in providing patient access,” Chris Lavanchy, with the patient safety organization ECRI Institute told Bloomberg BNA.
Because the data is readily available, patients, “especially younger ones who have grown up with access to their medical records, will welcome having access to device data so that they can play a bigger role in making decisions about their health care,” he advised.
But a key issue device makers need to consider: what specific data is covered by this sharing guidance?
The FDA stated that it is referring to “any information unique to an individual patient or unique to that patient’s treatment or diagnosis that, consistent with the intended use of a medical device, may be recorded, stored, processed, retrieved, and/or derived from that medical device.”
Such shareable information would include data on such things as usage, alarms, or physiological outputs. The latter would include, for example, logs entered by patients or caregivers, pulse oximetry data, heart electrical activity, and rhythms, such as those monitored by a pacemaker.
But the FDA is not referring to diagnostic assessment, or specifically, “any interpretations of data aside from those interpretations of data normally reported by the device to the patient or the patient’s health care provider.”
In addition, the agency advised that this information may be shared “with patients at the patient’s request, without obtaining additional pre-market review before doing so.”
One part of the guidance, however, raised some concern. The FDA document stated that HIPAA's protections “are intended to prevent manufacturers from sharing this information with covered entities (e.g., health plans, health care providers that electronically transmit health information) without the patient’s consent.”
This appeared to be problematic to attorney Wagner. For one thing, the information “from a medical device is accessible by the patient’s health care provider and patients can contact their health care provider to obtain such information,” the guidance stated, in seeming contradiction of its own consent guidance.
For another, HIPAA was not intended to keep patient device data from providers, according to the attorney. It is “just wrong” and “doesn't make sense,” she told Bloomberg.
That questionable information aside, Wagner told the news service that the FDA guidance seemed “very much aligned” with HIPAA.
“One thing HIPAA provides is a right of access to medical records. This is very much following in line with that standard,” she noted.
But a free flow of data needs context in order to avoid confusing or alarming patients. The FDA also stressed that manufacturers should “ensure that the information provided is interpretable and useful to the patient, and to prevent the disclosure of confusing or unclear information that could be misinterpreted” by adding context to make the data clearer to a lay audience.
“The manufacturer may choose to provide supplementary instructions, materials or references to aid patient understanding,” it advised, noting, “for example, if a patient requests a history of his own blood pressure measurements from a device, the data should include all available data up through the most recent measurement.”
In another example, the agency suggested, “if information is being provided regarding the activity of a pacemaker, information regarding the circumstances under which an electrical impulse is delivered by the device may provide helpful context.”
A final caveat about sharing data information for manufacturers: confirm that the person requesting information is the patient, advised Wagner.