Yesterday, the FDA released draft guidance on the management of cybersecurity in medical devices submitted to the agency for premarket review. Noting that cybersecurity threats to the healthcare sector have increased in number and severity, the FDA offered new recommendations for device design, labeling, and documentation that medical device manufacturers will need to consider during premarket submission processes.

The guidance comes shortly after the FDA’s launch of its Medical Device Cybersecurity Playbook, which provides a framework for healthcare delivery organizations to use in preparing for and responding to cybersecurity threats against patient medical devices.

Given rapid changes in technology and increasing innovation in the digital health market, the guidance intends to decrease the risk of cyberattacks that could render medical devices inoperable and potentially harm patients. Comments on the draft guidance are due on March 18, 2019. Continue Reading FDA Issues New Guidance for the Management of Cybersecurity in Medical Devices

On October 3rd, the United States Senate passed a bipartisan opioids package with a sweeping vote of 98 to 1, after the U.S. House of Representatives passed the final version of the bill with a vote of 393 to 8. One of its components, the “Fighting the Opioid Epidemic with Sunshine Act,” expands the scope of reporting requirements under the Physician Payment Sunshine Act (known as the “Sunshine Act”), which will have immense implications for the pharmaceutical and medical device and supply industries.

Enacted at section 6002 of the Affordable Care Act in 2010 to increase transparency around the financial relationships between health care providers and drug manufacturers, the Sunshine Act requires “applicable group purchasing organizations” and “applicable manufacturers,” including pharmaceutical and medical device or supply companies with operations in the United States, to track and report payments and transfers of value that they make to “covered recipients,” currently defined to include physicians and teaching hospitals. These transfers of value include items such as consulting fees, honoraria for speaking events, and research grants.

The opioids legislation package expands the definition of “covered recipients” to include other types of health care professionals: physician assistants, nurse practitioners, clinical nurse specialists, registered nurse anesthetists, and certified nurse midwives. The new legislation additionally sunsets a prohibition in the Sunshine Act that prevents the inclusion of the National Provider Identifier on the CMS Open Payments website.

Given the Administration’s focus on the opioid crisis, identified as a “national emergency,” the expansion of the Sunshine Act reflects the reality that prescriptions of opioids and other drugs to individuals may come from health professionals who are not physicians. State “sunshine laws” that imposed reporting requirements on payments to these professionals have existed for a number of years, but the changes passed in the opioids package would make this standard the baseline for reporting covered payments nationwide. By the time these changes would be effective on January 1, 2022, applicable group purchasing organizations and manufacturers will need to update their Sunshine Act compliance and monitoring activities to account for the greatly enlarged scope of individual health care professionals to whom they may be providing direct or indirect transfers of value.

The expansion of the Sunshine Act’s covered recipient definition was introduced in the Senate version of the opioids package, and remained in the overall legislation despite vigorous opposition. To become law, the bill requires the signature of President Trump.

On April 17, 2018, the Food and Drug Administration (FDA) released its Medical Device Safety Action Plan which outlines FDA’s intended steps to address medical device safety while preserving enough space for innovation in the market.

The FDA’s plan is the latest effort by the FDA on medical device safety, including a recent budget request seeking $70 million to create a Center of Excellence on Digital Health that would, among other things, craft new regulations for third-party certification for developing medical devices. This comes as FDA is pushing guidance and innovative approaches for oversight of digital health (see our blog).

According to FDA Commissioner Scott Gottlieb’s announcement, the FDA’s plan organized into five points that seek to balance patients’ timely access to devices and safety and effectiveness. Continue Reading FDA’s Medical Device Safety Action Plan

The Food and Drug Administration (FDA) has announced several new initiatives that reflect its ongoing commitment to maintain patient safety, while also championing the need and opportunity for health care innovation.

During opening day of Health Datapalooza, FDA Commissioner Scott Gottlieb highlighted the critical import of novel digital health tools in achieving patient-centered care, and outlined how the agency is committed to moving the ball forward in health care innovation through the following initiatives: Continue Reading FDA Advances Flexibility-Based Framework for Digital Health and AI

Despite the Trump Administration’s declaration of a state of emergency on October 26, 2017, the federal response to the opioid crisis largely languished on the back burner—much to the chagrin of states in the trenches of the opioid epidemic. However, based on the flurry of activity over the past several weeks, the federal government response now seems to be gathering substantive momentum, with various agencies and government actors launching attacks on all fronts—administrative, legislative, and enforcement alike. The federal government’s recent efforts present opportunities for health care organizations, life sciences companies, and health tech companies to get involved at the ground level to help influence opioid policy and provide needed products, services, and support to reduce the incidence of opioid abuse and address the health care needs of patients.

Continue Reading The Freight Train Gathers Steam: An Update on the Federal Response to the Opioid Crisis

The FDA is focusing on safety and effectiveness of interconnected medical devices with the issuance of final guidance on medical device interoperability, released last week. As the FDA notes, medical devices are becoming increasingly connected to one another and to other technologies, and it is critical to address their ability to exchange and use information safely and effectively.

For device manufacturers, this guidance provides clarity on how the FDA is thinking about interoperability and patient safety in the premarket submission process and provides considerations for manufacturers in the development and design of interoperability medical devices. It demonstrates the FDA’s focus on the safety and effectiveness of devices as implemented in an interconnected environment and the expectations of FDA on manufactures to anticipate and design for anticipated uses and reasonably foreseeable misuses. Manufactures should consider this guidance in the design, development, and on-going monitoring of connected medical devices.

This guidance may be helpful for other audiences as well:

  • Care providers that frequently interact with medical devices in the course of patient care
  • Hospital IT teams who make device purchasing decisions
  • Vendors of health technologies that frequently exchange data with medical devices

Continue Reading Interoperability by Design: FDA Issues New Final Guidance for Connected Medical Devices

On October 28, 2015, the U.S. Copyright Office of the Library of Congress (the “Office”) issued a Final Rule containing several exemptions to the Digital Millennium Copyright Act that expanded access to medical device computer programs and the patient data they generate.  The Digital Millennium Copyright Act allows intellectual property holders to install “technological protection measures” (TPMs) in their software which blocks unauthorized inspection of data to protect copyright.  Under the Act, the Library of Congress grants exemptions to TPMs every three years.

In the Final Rule, the Office included an exemption for researchers investigating computer programs on devices and machines for good faith security research. The Office found that legitimate security research has been hindered by TPMs that limit access.  Covered devices include medical devices used for patient implantation or corresponding personal monitoring systems, as long as they are not used by patients or for patient care.  The research exemption begins 12 months after the regulation’s effective date, meaning it starts on October 28, 2016.  Additionally, the Office created an exemption for patients who seek to passively access information that is already being generated by their own medical devices or personal monitoring systems.  Unlike the research exemption, the patient monitoring exemption takes effect immediately, and it is limited to patients themselves, as opposed to researchers or other parties.

Continue Reading U.S. Copyright Office Authorizes New Access to Medical Device Programs and Data under Digital Millennium Copyright Act

The Food and Drug Administration’s (FDA) March 2015 approval of Zarxio, the first biosimilar product licensed under the Biologics Price Competition and Innovation Act of 2009 (BPIA) is expected to usher in a new wave of faster approvals, greater choice, and lower costs for the biologics market. Along with these exciting opportunities, however, come a host of new questions and uncertainties for manufacturers, health care providers, and payers for health care services. We explore these and other issues in a new article recently published in Bloomberg BNA Pharmaceutical Law and Industry Report, available here.

 

In late 2014, Congress passed the Sunscreen Innovation Act (SIA) to speed the approval of innovative new sunscreen ingredients and formulations, many of which have long been available in Europe, Asia, and Latin America. While the SIA requires FDA to take concrete steps to more quickly review submissions regarding OTC sunscreen ingredients, the SIA does not promise a quick cure-all to speed these formulations to market. And FDA’s first tentative steps toward implementing the new law demonstrate that it is still far from clear whether the SIA’s actual impact will measure up to Congress’s goals. Until FDA publishes guidance on review criteria—which it is required to issue by November 26, 2016—and a few ingredients utilize the new timelines and guidelines, it is unclear how many ingredients will actually be approved through this “improved” review process.

Please read the full alert here.

On December 23, 2014, FDA Commissioner Margaret A. Hamburg announced that the agency favors supplanting the outright ban on blood donations from men who have sex with men (MSM) with a new policy that would prohibit donations from men who have engaged in homosexual activity in the previous 12 months. This shift for MSM would comport with the mandatory deferral period for other men and women at higher risk for HIV. It would also align with other countries’ policies including Australia, Japan, and the U.K.

“Over the past several years, in collaboration with other government agencies, the FDA has carefully examined and considered the available scientific evidence relevant to its blood donor deferral policy for men who have sex with men,” Hamburg said in her statement. The FDA also cited the recommendation of the U.S. Department of Health and Human Services Advisory Committee on Blood and Tissue Safety and Availability, an independent expert advisory panel. But when, exactly, this policy shift will take effect remains uncertain. According to the FDA’s announcement, the agency “intends to issue a draft guidance recommending this proposed change in policy in 2015, which will also include an opportunity for public comment.”

As noted in an earlier post, gay rights advocates, the American Red Cross, and other groups have long condemned the indefinite ban—enacted during the emergence of the AIDS epidemic—as discriminatory. They also have argued that it is medically and scientifically unjustified. Yet they are far from satisfied with the result of their advocacy efforts to change the ban. According to Gay Men’s Health Crisis, a prominent nonprofit dedicated to HIV/AIDS prevention, care, and advocacy, “This new policy does not require heterosexual blood donors to be celibate for one year. Some may believe this is a step forward, but in reality, requiring celibacy for a year is a de facto lifetime ban.”