FDA draft document offers guidelines – and raises questions

The questions and comments are pouring in over the U.S. Food and Drug Administration’s draft guidance on mobile medical apps, making it obvious that the government’s first attempt to clarify its regulatory authority over this fast-growing field won’t be the last.

While the 30-page draft establishes three categories of devices that would fall under FDA perusal, it leaves out – either specifically or by omission – several other uses. Among them: App sellers (like Apple), telecommunications providers and handset manufacturers, to name a few.

“What we have done is we have taken that approach and formulated policies that were narrowly focused on a very small subset while allowing apps that are out there to foster and continue developing that space,” said Bakul Patel, an FDA policy advisor who helped draft the guidelines, in news reports. “We wanted to make sure that we are consistent in regulating medical devices so nothing has changed. … (If) somebody makes a stethoscope on an iPhone, it doesn’t change the level of oversight we have of a stethoscope.”

Chuck Parker, executive director of the Continua Health Alliance, a 230-member global alliance of healthcare and technology companies working to improve the quality of personal healthcare, said the draft “opens up the market” by giving the industry rules to work with.

“It sort of clears the thoughts out a little bit, and that does help us out,” he said.

“It’s pretty consistent with what I expected them to do,” said Yarmela Pavlovic, an associate with the global law firm of Hogan Lovells. “What’s been happening (in the mobile medical app space) is very, very fast development, and there needed to be an interpretation of existing regulations”

Zachary Bujnoch, a senior industry analyst for telehealth and healthcare with Frost & Sullivan, called the draft document a much-needed entry into a “market full of hype.” He said the regulations will help “vet out the market” and target the thousands of healthcare apps on the market.

“This is going to hinder innovation in the market – there’s no doubt about it,” he said. “But that’s good. It’s a very confused market right now … that needs clarification.”

Pavlovic said she was “surprised by the way they narrowed” the classifications of apps to come under FDA guidance. “There’s definitely things that fall outside the categories that will be discussed,” she said. For example, she said, should product accessories be treated the same as devices?

Both Parker and Bujnoch questioned whether electronic health records should fall under FDA review (electronic and personal health records currently fall outside the FDA’s scope, according to the draft). An issue expected to generate a lot of comment, both said, is the definition of clinical decision support. If a device takes healthcare data and translates that into a clinical decision that can affect one’s healthcare, should it fall under the FDA’s guidelines?

“It depends on where the decision factor comes in,” said Parker. “Who defines the intelligence that gets sent back to the individual?”

The draft – for which the FDA will accept comments through October 19 – has already drawn responses from a wide variety of players in the healthcare community.

“Consumers are ready to use mobile apps, text messaging, and even payment services to make health decisions and communicate with their healthcare providers. A certain level of regulation is needed to ensure that consumers have tools they can trust,” said Jay Emmet, general manager of Seattle-based OpenMarket, which operates a mobile transaction hub offering mobile payments, messaging and other services to a variety of industries. “However, the FDA typically does not administer healthcare management processes or paradigms. That said, working with the FDA to help control personal health information through the mobile system will be critical. mHealth technology has the opportunity to help save millions of dollars in healthcare costs, and offer consumers a secure way to better manage their healthcare – from monitoring nutrition to receiving text alerts for upcoming appointments.”

“As mobile evolves to create a direct communication channel between patients and healthcare providers, pharmacies and medical device manufacturers, it’s also important that mobile programs comply with the appropriate industry rules, such as HIPPA, for managing personal health information and meeting all regulatory requirements.” Emmet added. “With more people adopting mHealth practices, there will be a growing need for an industry standard such as medical or hospital grade messaging to ensure the security of these communications.”

“The FDA has drawn a line in the sand and signaled that mHealth doesn’t get a special pass; the same old rules apply that have always applied,” said Chris Bergstrom, chief strategy and commercial officer for WellDoc, a Baltimore-based developer of chronic disease management tools. “This is not surprising, and clearly there will be a thinning of the herd coming as the FDA intervenes and companies reevaluate which side of the line they fall on.  Primarily, there will be a regulatory distinction between simple wellness apps vs. integrated solutions that diagnose, treat, or mitigate a disease or integrate with other medical devices.”

“WellDoc applauds the FDA for quickly and aggressively tackling this complex area as the explosion of mobile applications has created confusion for both manufacturers and consumers,” Bergstrom added. “The FDA’s actions underscore how serious they are taking mHealth, as this guidance document came out relatively quickly (by FDA standards) and we know for a fact they are actively inspecting mobile medical companies.”

“For any mobile medical application that deals with, or has the potential to deal with, data related to patients, security must be the primary consideration,” said Jeff Tangney, a former Epocrates executive who co-founded Doximity, a San Mateo, Calif.-based startup offering a Linked In-style network for physicians over mobile devices. “Security for mobile apps needs go well beyond the baseline practices around user authentication and data encryption. This class of mobile apps must be designed so that access control is implemented in several layers, and the information used by the app is agnostic to the physical device itself.”

While not applicable outside the United States, the FDA directive did draw the attention of the mHealth Alliance, which pointed out that many developing nations will look to U.S. agencies like the FDA to set the standard for global telemedicine.

“The applications that fall under the purview of the FDA’s Draft Guidance are largely smartphone-specific and mobile applications that either connect to currently regulated medical devices or render the mobile phone into a medical device, while most mHealth initiatives in developing nations are SMS based and untethered to medical devices,” said Jody Ranck, director of thought leadership, policy and advocacy at the mHealth Alliance. “While sophisticated applications are not currently widely used in the areas that the mHealth Alliance focuses on, smartphone applications and peripherals that do perform medical functions will become more important in the next several years.”

The FDA’s draft document can be found http://www.fda.gov/MedicalDevices.