FDA – piloting a path for digital innovation
Earlier this year the US Food and Drug Administration (FDA) heralded the forthcoming launch of its pre-certification pilot program for new digital health software which it hopes will help revolutionise the regulation of digital healthcare solutions in the US and allow innovations to safely reach the global market in a timely way, to the benefit of end users.
"We need to modernise our regulatory framework so that it matches the kind of innovation we’re being asked to evaluate, and helps foster beneficial technology while ensuring that consumers have access to high-quality, safe and effective digital health devices,” said FDA Commissioner Scott Gottlieb, M.D.
Warming to this user-centric theme, in a July FDA blog post, Gottlieb wrote: "This new program embraces the principle that digital health technologies can have significant benefits to patients’ lives and to our healthcare system by facilitating prevention, treatment and diagnosis; and by helping consumers manage chronic conditions outside of traditional healthcare settings.”
In September, the FDA named the nine participants in the pilot scheme (after fielding interest from over 100 companies). The FDA arrived at the final nine after considering “company size, demonstrated record of quality and organisational excellence, clinical focus area and the risk profile of the product”. The selection process identified companies representing different perspectives and unique approaches to digital health technology development.
“The number of applicants speaks to the significant impact this approach could have on facilitating timely advancement of software that has the potential to benefit health,” says Bakul Patel, associate director for digital health in the FDA’s Centre for Devices and Radiological Health.
The firms that made the cut are Apple, Fitbit, Johnson & Johnson, Roche, Samsung, Alphabet’s Verily, Phosphorous, Tidepool and Pear Therapeutics.
Back in 2015, Apple CEO Tim Cook bemoaned the FDA process, saying that its cycles were too long and hindered innovation and development. Apple has been keen to make further headway in the healthcare space using its Healthkit developer framework so, in May, when Cook was spotted wearing an Apple Watch glucose monitor it hinted at what we may see the company release via the pilot programme.
Fitbit recently teamed up with Dexcom – a manufacturer of continuous glucose monitoring (CGM) systems for diabetes management. Johnson & Johnson has a longstanding presence in this arena with products like OneTouch, Lifescan and Animas. Roche (like J & J) offers a variety of diagnostic tools but its involvement is significant given the Accu-Chek developments and recent acquisition of the mySugr platform for diabetes data. The South Korean electronics giant Samsung has become active in healthcare too, notably partnering with Medtronic to develop next-gen smartwatch connectivity. Verily (formerly Google Life Sciences) is Google’s health spin-off currently working on a smart lens program for ocular devices to correct age-related farsightedness. Phosphorous is focused on the better understanding of the human genome to bridge the gap between DNA and good health.
Howard Look, founder of the non-profit open-data start-up Tidepool, comments: “This is the FDA acknowledging the old guidance for how software technology is regulated wasn’t working, and couldn’t keep up with the pace of innovation we’ve been seeing in Silicon Valley and the consumer world.”
- Health by stealth: How drones are saving lives
- November’s edition of Healthcare Global magazine is now live!
- Royal Adelaide Hospital: A benchmark in healthcare
“We commend the FDA’s Digital Health Innovation Action Plan initiative and the speed with which they are moving towards building a regulatory pathway to bring these important products to patients,” says Corey McCann, President and CEO at Pear Therapeutics, which completes the list of nine participants. Pear Therapeutics is a leader in prescription digital therapeutics which integrate clinically-validated software applications with previously approved pharmaceuticals and treatments to provide better outcomes for patients and smarter engagement/tracking tools for clinicians. Pear’s lead product, reSET®, is an FDA-cleared, 12-week interval prescription therapeutic for Substance Use Disorder, designed to be used alongside standard outpatient treatment.
Dr Marisa Miraldo is an Associate Professor in Health Economics at Imperial College Business School, and expert in public policy with experience working with the Department of Health. “Lengthy regulatory procedures feed significantly into this delay, generating substantial hurdles for adoption and diffusion of innovation,” she explains. “These hurdles are more significant in the context of digital health innovation (versus pharmaceutical) because, with rare exceptions, there are currently no established system level pathways and processes to adopt and embed at scale these innovations in practice. This discourages innovation in general, but evermore in areas such as digital health in which product life-cycle tends to be increasingly shorter when compared to therapeutic innovation,” she explains.
Dr Miraldo believes, from the regulator perspective, the commitment to post-market data collection shared by the innovator can potentially allow real time monitoring of the safety and even value added by these innovations, which is key for streamlining regulatory processes while safeguarding the public interest.
While the healthcare industry appears to be embracing the pathway to market opportunities the Pre-Cert programme could offer, there are institutions keen to offer words of advice and caution. In its open letter to the FDA, the Medical Imaging and Technology Alliance (MITA) – the leading organisation and collective voice of medical imaging equipment, radiopharmaceutical manufacturers, innovators and product developers, representing companies whose sales make up more than 90% of the global market for advanced imaging technologies - commended the FDA for taking proactive steps for the regulatory review of software products. MITA hoped the FDA would “use the pilot to explore the use of external conformity assessment bodies (e.g. IECEE) for software development and change controls using relevant existing international standards”.
Despite concerns voiced about the FDA program by some institutions such as MITA, Dr Miraldo is certain we’ll see a positive impact. “It will enable a dialogue between regulators and innovators enabling them to direct their strategies to key areas of value, minimising risk and maximising their chances of raising funding,” she argues, believing payers should also be included in this dialogue to formally incentivise innovation, not only on digital health but in pharma as a whole.
Creators of SaMD (Software as a Medical Device) products like the Canada-based Macadamian – a user experience design and software development company focused on the development of healthcare solutions – is excited about the potential less regulatory oversight will bring for smaller and more nimble companies, like theirs, to compete in the same space as larger corporations.
“With the advent of more complex solutions, like our My Diabetes Coach which leverages machine learning and artificial intelligence, the software and the medical device are merging,” says Macadamian’s Internet of Things (IoT) Director Timon LeDain. “The FDA has implemented the pre-certification pilot program to balance risk management with the agile development process. Software has shown itself to be capable of looking at a medical image and providing a diagnosis that matches or exceeds what experts could achieve.”
Macadamian has also worked with the likes of Transcendent Technologies on projects such as the forthcoming Lifepod – an Amazon Alexa-powered virtual caregiver and digital health assistant – and specialise in creating connected healthcare solutions. LeDain observes innovations can take years to reach the market, affecting manufacture, marketing and sale, with the increased cost ultimately transferred to the consumer. He thus applauds the opportunity to improve patient outcomes with the reduced regulatory burdens of the FDA program while driving down the costs of delivering healthcare.
“The pros outweigh the cons and demonstrate the FDA is aware of its impact on healthcare innovation and is looking at ‘out of the box’ approaches to address this,” he says. “Some might argue the pendulum could swing too far towards the deregulated space with potential adverse health events as a result, but I don’t see this outweighing the benefits. There’s already proof unregulated products like the Apple Watch and Owlet Care’s baby monitor have saved countless lives by providing consumers with information they previously never had access to.”
Getting ready for cloud data-driven healthcare
As healthcare continues to recognise the value of data and digital transformation, many organisations are relying on the cloud to make their future-forward and data-centric thinking a reality. In fact, the global healthcare cloud computing market was valued at approximately $18 billion and is expected to generate around $61 billion USD by 2025.
At the forefront of these changes is the rapid adoption of cloud-based, or software-as-a-service (SaaS), applications. These apps can be used to handle patient interactions, track prescriptions, care, billing and more, and the insights derived from this important data can vastly improve operations, procurement and courses of treatment. However, before healthcare organisations can begin to dream about a true data-driven future, they have to deal with a data-driven dilemma: compliance.
Meeting regulation requirements
It’s no secret that healthcare is a highly regulated industry when it comes to data and privacy – and rightfully so. Patient records contain extremely sensitive data that, if changed or erased, could cost someone their life. This is why healthcare systems rely on legacy technologies, like Cerner and Epic EHRs, to manage patient information – the industry knows the vendors put an emphasis on making them as secure as possible.
Yet when SaaS applications are introduced and data starts being moved into them, compliance gets complicated. For example, every time a new application is introduced into an organisation, that organisation must have the vendor complete a BAA (Business Associate Agreement). This agreement essentially puts the responsibility for the safety of patients’ information — maintaining appropriate safeguards and complying with regulations — on the vendor.
However, even with these agreements in place, healthcare systems still are at risk of failing to meet compliance requirements. To comply with HIPAA, U.S. Food and Drug Administration 21 CFR Part 11 and other regulations that stipulate the need to exercise best practices to keep electronic patient data safe, healthcare organisations must maintain comprehensive audit trails – something that gets increasingly difficult when data sits in an application that resides in the vendor’s infrastructure.
Additionally, data often does not stay in the applications – instead healthcare users download, save and copy it into other business intelligence tools, creating data sprawl across the organisation and exposing patient privacy to greater risk.
With so many of these tools that are meant to spur growth and more effective care creating compliance challenges, it begs the question: how can healthcare organisations take advantage of the data they have without risking non-compliance?
Yes, healthcare organisations can adhere to regulations while also getting valuable insights from the wealth of data they have available. However, to help do this, organisations must own their data. This means data must be backed up and stored in an environment that they have control over, rather than in the SaaS vendors’ applications.
Backing up historical SaaS application data directly from an app into an organisation’s own secure cloud infrastructure, such as AWS or Microsoft Azure, makes it easier, and less costly, to maintain a digital chain of custody – or a trail of the different touchpoints of data. This not only increases the visibility and auditability of that data, but organisations can then set appropriate controls around who can access the data.
Likewise, having data from these apps located in one central, easily accessible location can decrease the number of copies floating around an organisation, reducing the surface area of exposure while also making it easier for organisations to securely pull data into business intelligence tools.
When healthcare providers have unfettered access to all their historical data, the possibilities for growth and insights are endless. For example, having ownership and ready access to authorised data can help organisations further implement and support outcome-based care. Insights enabled by this data will help inform diagnoses, prescriptions, treatment plans and more, which benefits not only the patient, but the healthcare ecosystem as a whole.
To keep optimising and improving care, healthcare systems must take advantage of new tools like SaaS applications. By backing up and owning their historical SaaS application data, they can do so while minimising the risk to patient privacy or compliance requirements. Having this ownership and access can propel healthcare organisations to be more data-driven – creating better outcomes for everyone.