As
Those lines are increasingly murky. FDA put out guidance earlier this year meant to set a boundary between digital tech not subject to its oversight, and the products that regulators want to review. FDA billed the document as an act of “de-regulation” because agency staff asserted whole categories of products that they didn’t seek to actively supervise. But the stuff FDA excluded was pedestrian. The scheme they reserved for the vast rest of the digital health tools wasn’t well articulated.
It means that those developing apps will have to come into FDA before they get too far, to see how the agency will treat them. More than likely, FDA will give its usual advice that most of the complex questions will be “review issues” that the agency will consider later. This "we’ll know when we see it" approach to regulation leaves innovators in perpetual limbo. It’s a formula for scaring away digital entrepreneurs, who can easily plumb their programming skills in other areas of commerce.
As I noted in the Wall Street Journal, therein lies the rub as FDA applies its usual prerequisite for pre-market review to oversee a diverse and fast moving field like digital and mobile health tech. Most of these products pose very low risk to consumers. They’re meant to help people track and interpret their own health information. In that respect, they often do little more than help consumers organize information that they could glean for themselves – albeit far less reliably – using the Internet. But since many of the more sophisticated offerings help people diagnose their own illness, FDA says they meet the definition of being a medical device. That makes them subject to a regulatory scheme that was crafted more than 40 years ago, before these technologies were ever imagined.
What’s happening in the consumer health tech mirrors what unfolded in the market for electronic health medical records. If EMRs aim to do much more than collect, store and report health data, FDA has said it will regulate any interpretive tools as a medical device subject to the agency’s oversight. So the big EMR providers made a deliberate decision not to build clinical support tools into their products – cognizant that this would cross a line that FDA had drawn. The EMR providers deliberately dumbed down these platforms. A health record can report to the doctor that a patient’s heart enzymes were elevated, but couldn’t interpret when these results meant that the patient was more likely to be having a coronary infarction than an episode of heart failure. While third-party developers create these sorts of diagnostic tools, the adoption of obvious capabilities is far slower than it should be.
In many cases, the third parties developing these applications needed FDA’s permission to market the products by filing 510K applications – a process first designed for surgical instruments, not medical apps. When the programmers want to update their software, they must ask FDA for permission to incorporate any meaningful improvements – a process that can take a year or longer to complete.
One of the biggest problems is integrating the apps into different EMRs, and making sure they can reliably sit on top of the bigger software packages. It’s a problem that wouldn’t exist if these capabilities could be built right into the EMR software.
When it comes to consumer health tech, a similar scenario is unfolding. The big product developers like Apple, and those who own the major software environments like
FDA has set forth a number of criteria that can make a medical app or other mobile health tech subject to its oversight. The squishiest of these criteria, and the one that ropes in a lot of the new digital tech, is the FDA’s assertion that it will seek to regulate certain products that store or analyze patient-specific medical data. Under FDA’s blurry definition, a mobile app can also include “a web-based software application that is tailored to a mobile platform but is executed on a server.”
FDA has said it doesn’t intend to regulate “general wellness” apps and mobile tech, like fitness and calorie trackers. But if these platforms make disease-specific claims, FDA wants to review them. When does an app cross that line? Any time it does something smart. Envision a nutrition app that counts your calories and tracks how your diet might raise or lower your risk for diabetes, or cause blood sugar surges. Or an app that helps correlate your symptoms with a list of probable causes.
Nobody is arguing that such products shouldn’t be subject to some oversight. The question is whether FDA should be the nexus for that regulation. By law and institutional culture, FDA seeks to apply a single tool to its approach to regulation – the requirement for pre-market approval. The agency is accustomed to compelling innovators to submit evidence to FDA and seek permission for marketing.
This long and costly process may be a necessary compromise when it comes to certain complex products. But it’s an approach wholly mismatched to mobile apps and other digital health. Yet FDA doesn’t have much discretion to fashion a different framework. Even where it has flexibility, it rarely uses it, even when a product merits a lighter touch. FDA is accustomed to making developers submit data for FDA’s review. It has one principal tool in its regulatory armamentarium. Pre-market review forms the cornerstone of the agency’s activities.
But digital health tools, like mobile apps that help consumers interpret information that’s already readily accessible, pose low risk. They also have attributes that aren’t easily embraced by FDA’s pre-market process. They are often low cost products that can’t be developed profitably if they are subjected to costly review. And FDA can’t accommodate their rapid updates. While faulty information from a digital health tool can influence people to make bad decisions, the risks are far lower than those posed by the usual products FDA subjects to pre-market review.
A better scheme would subject the riskiest of these digital tools to the same sort of regulatory scheme that the government eventually fashioned for EMRs. Early on, as EMRs started to gain wider use, FDA suggested that all of these software platforms met the definition of a medical device, even when they merely collected and reported data. FDA said the platforms should be subject to its oversight.
By that time, adoption of EMRs was a political priority. Officials bristled at the prospect that FDA oversight could slow innovation and uptake. So a separate office was set up in the Department of Health and Human Services to apply a distinct regulatory scheme to EMRs. It relied mostly on a requirement that the EMR packages certify to standards for usability and reliability, coupled to post-market monitoring to make sure that EMRs weren’t instigating medical mistakes.
A similar framework can be fashioned for medical apps and other consumer digital health tools. This is especially true when it comes to products that merely correlate consumer health data with clinical information that’s readily accessible. Regulatory pathways should distinguish between digital tools that are trying to function like an existing medical device, versus those that are performing patient-specific analyses and provide patient-specific information based on data that can be accessed already, albeit far less efficiently. For the latter, we can take a page from the setup with EMRs, where the feds certify standards and an independent nonprofit ensures that software platforms meet those requirements.
The requirement for pre-market approval was always a regulatory hurdle that was historically reserved for the riskiest stuff. Most consumer products are subject to post market scrutiny, and requirements that goods meet federal specifications for safety and reliability. Think about this. Pre-market federal review and approval has largely been fashioned for only a handful of products -- drugs and risky medical devices, pesticides, and aircraft engines. Do mobile medical apps really fit this category? The vast majority of consumer products we buy are subject to a much lighter regulatory touch that doesn’t require pre-market government approval.
FDA is trying to bill its various efforts to regulate this space as de-regulatory only because the agency has conceded the most pedestrian products as beyond the scope of its regulatory interests. But FDA isn’t making the right distinctions. There’s a big difference between apps that help you manage your medical information and draw clues from your own bodies, and those that seek to actively doctor you. In its regulatory grab, FDA is pretending not to know the difference, so when it comes to your mobile phones, you won’t be as smart about health as you should be.
You can follow Dr. Scott Gottlieb on
