Risk Assessments: Patient Safety and Innovation Innovation Discussion 02 July 2013.

Risk Assessments:Patient Safety and Innovation

Innovation Discussion02 July 2013

FDASIA Group • Charter

– The Food and Drug Administration Safety and Innovation Act (FDASIA) directed the HHS Secretary, acting through the Commissioner of the U.S. Food and Drug Administration (FDA), and in consultation with ONC and the Chairman of the FCC, to develop a report that contains a proposed strategy and recommendations on • an appropriate, risk-based regulatory framework for health IT, including medical mobile

applications, • that promotes innovation, • protects patient safety, • and avoids regulatory duplication.

– The FDA, FCC, and the HHS Office of the National Coordinator for Health IT (ONC) will review and consider the recommendations provided by the Health IT Policy Committee, based on input from the workgroup, as the three agencies write the report.

• Goal: recommended regulatory framework for regulation of HIT

Work Product Approaches

• Exam Results from Current Regulation – Experiences with current regulation– Impact on innovation

• Innovation Requirements – General requirements– Specific requirements - stratified by source of innovation

• Thoughts on new framework for innovation

IOM Report

• Government’s Role (IOM Report)

– “The government in some cases is the only body able to • provide policy guidance and direction to complement,

bolster, and support private-sector efforts and • to correct misaligned market forces.”

Shepherding Role versus Defining or Leadership Role

Question

What has been the impact of current regulatory approaches

on innovation?

Regulatory Approaches

• Medical Device regulation• Certification regulation

Nature of Innovation RiskGeneral Attributes / Requirements

IOM Report, Appendix DStringency Innovation

Flexibility Innovation – Defined as the number of implementation paths to meet compliance.

.Information Innovation

– Defined as if a regulation promotes more or less complete information in the market.

Measurement Innovation Goal AttainmentSpecificity

Medical Device versus HIT

Physical Device• Physical• Long development /

enhancement cycles• Fixed functionality• Task oriented

– Measured against the task

• Environment of operation relatively defined and static

• Contributing suppliers more controlled and measureable

Software• Virtual• Constant change

– Major releases, minor releases updates of currently running software

– Network connectivity: security, privacy, upgradeability

– Customization and configuration expectation– What does Pre-Marketing Approval mean when

distributing monthly updates?

• Configurable by design• Tools to extend the products function• Can be process oriented vs single task

– Measured against practice impact, not individual tasks

• Environment (hardware, other software on hardware) more open

• Contributing suppliers layered with many contributions not specifically designed for healthcare – e.g., PC or phone operating system

Medical Device Regulation

Pros• Process control, not

outcomes – standard: – consistent

manufacturing process that can be applied to software

• Confidence in resulting product

Cons• Clarity

– Who is subject to regulation?– Implementation barriers –

knowledge & overly prescriptive

• Geared to physical devices – Turnaround time– Configuration and extension– “Class Up” effect on software

working with device

• Issue: – start small without regulation,

but then applying regulation after the fact

Certification Regulation

• Motivation: defined product– Government is funding a capital improvement to

healthcare practice (link to Meaningful Use)– Therefore, obligation to promote good products– Therefore, defined “Best Practice”

• Effect on Innovation:– Assumption of known Best Practice where not known– Specification of Best Practice and certifying specific test

behaviors limits innovation– Working to the test – “Compliance Innovation”

Certification RegulationRole of Measurement

• Policy– Intent, vision, goal– Outcomes orientation

• Measurement – test cases– Specific imagined implementation

“Not everything that can be counted counts, and not everything that counts can be counted.” – Einstein or Cameron

“You can only manage what you measure.” ~Deming

Certification RegulationOther Impacts to Innovation

• Endorsement and empowerment of private certification regimens: SureScripts– Another certification involving “Best Practice”– Little option to avoid this certification even though not specifically

mandated by regulation– “Best Practice” defined in less transparent, less responsive system; i.e.,

private entity

• Constant reporting of “changes” to software with unclear consequence of triggering re-certification– Uncertainty increase causes innovation decrease – every incentive NOT

to change– Does not fit with constant updates of software

Comparison of Approaches

Medical Device Regulation• Process control• Pre-marketing approval – in some cases• Impact

– Can be positive when combining software from different sources – increased trust

– Lack of clarity (flipside of Regulatory Discretion) yields policy uncertainty

– Entry impedance • Clarity on requirements & process – purpose

of AAMI report• Late entry into process with existing product

– Continued overhead: heavy process versus agile development

– If fully applied to HIT and local implementation, devastating to market – Blood Bank example

– Regulatory avoidance: dis-qualify for regulatory inclusion – taxonomy discussion

Certification Regulation• Product definition• “Best Practice” feature definitions• Pre-use approval• Impact

– Reduced flexibility (defined features), reduced innovation

– Empowered added private regulation– Non-productive work to test –

“Compliance Innovation”– Less market neutral – favors existing

software with defined features– Regulatory avoidance: control each

features and test script

Lessons Learned• Certification regimens should be avoided

– They narrow creativity and innovation by either design or measurement to a specific or narrowed list of solutions

– They channel energy into working to the test – compliance innovation– They channel the discussion to definitional terms rather than meeting the market needs

• Transparency of results to replace certification

– Instead of a certification process to differentiate the market, use transparency– Transparency in the marketplace is more efficient and richer in content

• Certification just reveals that the system passed the certification test and all vendors will – at that point, there is no differentiation

– Having a transparent, “learning system” would provide a continuous spectrum of solutions and their results; i.e., rather than knowing that all the vendors have med reconciliation (the end result of a certification system), it could be discovered which vendor does it better.

• National goals should be encouraged – JCAHO, Meaningful Use

– They meet the “flexibility” test (Appendix D – IOM Report)– Set problem agenda, not product agenda– They do change and, if well set, correct the market and create markets– Where the market goes, vendors will follow

Questions

What are the specific innovation requirements?

Stratified by level of innovation or opportunity for innovation

Nature of Innovation RiskGeneral Attributes / Requirements

IOM Report, Appendix DStringency Innovation

Flexibility Innovation – Defined as the number of implementation paths to meet compliance.

.Information Innovation

– Defined as if a regulation promotes more or less complete information in the market.

Measurement Innovation Goal AttainmentSpecificity

Sources of Innovation / RiskFull Spectrum of the SocioTechnical System

• Developed software – vendor and local• Software setup / customization / extensions• Integration with medical processes –

sociotechnical system• Communication devices• Combining technologies– Predictable (e.g., HL7 interfaces)– Non-predictable (e.g., end user combination of

available technologies – software and hardware)

Questions

• What are the innovation requirements?– Stratified by level of innovation or opportunity for

innovation• Vended software• Local creation of software• Local configuration of software• Local extension of software – using provided tools• Local combination of technologies

– Communication devices– Interoperability: HL7 interface, service calls, database sharing,

Vended Software• Innovation requirements

– Policy clarity• In / out of regulatory focus• Re-certification / re-authorization rules

– Consistent international regulatory framework– Interoperability Standards – mixed effect

• Increased innovation opportunity for small-scale product to plug into existing market; “development ecosystem”

• Defined endpoint decreases innovation• Limited governmental direction; facilitate market driven standards

– Eliminate / minimize defined features / certification• Process controls can enhance innovation – trust method

– Goals – set problems-to-solve agenda for innovation– Provide pathway to become compliant with – Transparency between suppliers and with consumers– Accept relative risk

• Shift some process control to post-distribution• Framework of non-punitive disclosure of issues

• Accountability model– Consistent national and international standards– Transparency of process, artifacts, and results

Locally Developed Software• Innovation requirements

– Policy clarity• In / out of regulatory focus• Re-certification / re-authorization rules

– Interoperability Standards – mixed effect• Increased innovation opportunity for small-scale product to plug into existing market; “development ecosystem”• Defined endpoint decreases innovation• Limited governmental direction; facilitate market driven standards

– Eliminate / minimize defined features / certification• Process controls can enhance innovation – trust method

– Goals – set problems-to-solve agenda for innovation rather than feature agenda– Provide pathway to become compliant with existing software (i.e., software developed before regulatory focus)– Transparency into supplied software (locally developed software most often leverages pieces of software intended or not for

medical use)– Accept relative risk

• Shift some process control to post-distribution• Framework of non-punitive disclosure of issues

– Local process controls– Turnaround time: lightweight process adaptable to different level of development effort and scope– Iterative development / implementation cycles

• Controlled pilots with real patient data and informed users

• Accountability model– National process controls – administered locally & available for audit– Local, continuous oversight– Surveillance: feedback loop of results– Local control , governance , and accountability for pilot use

Locally Configured Software• Innovation requirements

– Transparency into supplier process and results– Open communication of issues– Adequate training and documentation of supplied software– Local process controls: review, testing, implementation, and surveillance– None to little federal oversight: inheritance of supplier oversight

• Accountability model– Integration with local medical processes– Testing of configuration– Surveillance of results– Reporting of local results

Locally Extended Software• Innovation requirements

– Transparency into supplier process and results– Open communication of issues– Adequate training and documentation of supplied software– Local process controls: review, testing, implementation, and surveillance– Accept relative risk

• Framework of non-punitive disclosure of issues– Turnaround time: lightweight process adaptable to different level of development effort and scope– Iterative development / implementation cycles

• Controlled pilots with real patient data and informed users– Local process controls– None to little federal oversight: inheritance of supplier oversight

• Accountability model– Integration with local medical processes– Testing of extended software– Surveillance of results– Reporting of local results– Local control , governance , and accountability for pilot use

Local Combination of Technologies• Innovation requirements– Local process controls

• Accountability model– Expectations of suppliers

Summary

• Define process not product• National and international standards for quality

process – measureable and transparent• National interoperability standards lower the entry

cost• Encourage configuration and extension to support

process and solve problems• Transparency of product and results• Ability to experiment• Local control, local accountability

Biggest picture(Regulatory Group)

Looking at the three agencies together, is there a better way to regulate HIT?

Assumptions

• Everyone is interest in patient safety.• We need innovation to solve problems in

healthcare.– IT tools have a central role in solving cost and

quality issues.• We need to encourage more, not less,

participation in this innovation and this sector.

IOM Report

• To encourage innovation and shared learning environments, the committee adopted the following general principles for government oversight:– Focus on shared learning,– Maximize transparency,– Be nonpunitive,– Identify appropriate levels of accountability, and– Minimize burden.

Learning Environment Requirements

• Increase Information in the Marketplace– Pre- and Post marketing information– Common reporting format– Providers and vendor contribution– Open access

• Environment– Non-punative

Comparison

Current Regulation• Defined solution• Slow response to innovation

and problems• Opaque results• Discourages participation

Learning Environment• Multiple solutions• Continuous innovation• Continuous measurement

of results• Encourages participation