Federal Government’s Proposed Risk-Based Regulatory Framework for Health IT: A Step in the Right Direction

The federal government’s proposed risk-based regulatory framework and strategy for health information technology (IT) is the right approach for protecting patient safety while also maintaining an environment that promotes innovation in the rapidly evolving field of health IT.

On April 7, 2014, the Food and Drug Administration (FDA), the Office of the National Coordinator for Health IT (ONC), and the Federal Communications Commission (FCC) released the FDASIA Health IT Report: Proposed Strategies and Recommendations for a Risk-Based Framework (FDASIA Report). That report fulfilled the requirement of the Food and Drug Administration Safety and Innovation Act (FDASIA) of 2012, which was passed and signed into law in July 2012. Today, the Bipartisan Policy Center’s (BPC) Health Innovation Initiative submitted public comments on the report to the FDA, ONC, and FCC.

Overall, BPC is pleased to see that the concepts and elements of the FDASIA Report are in significant alignment with BPC’s Oversight Framework for Assuring Patient Safety in Health IT, developed in collaboration with hundreds of experts and stakeholders across every sector of health care, and released more than one year ago.

Key BPC principles reflected in the FDASIA Report include:

1. Recognition that the safety of health IT relies not only on how it is designed and developed, but also on how it is customized, implemented, integrated, and used. Therefore, assuring patient safety is a shared responsibility that must involve the entire health care system, including those who develop, implement, and use health IT.
2. Any framework for patient safety in health IT should be risk-based, flexible, and not stifle innovation.
3. Existing safety and quality-related processes, systems, and standards should be leveraged for patient safety in health IT.
4. Reporting of patient safety events related to health IT is essential.

The draft FDASIA Report also proposes an oversight framework that includes the following four elements which are consistent with key components of the BPC framework.

1. Promoting the use of quality management principles;
2. Identifying, developing, and adopting standards and best practices;
3. Leveraging conformity assessment tools, such as product testing, certification, and accreditation; and
4. Creating an environment of learning and continual improvement, which includes reporting, aggregation, analysis, and response, and the creation of a learning environment to facilitate improvement.

BPC commends the administration for its inclusive and public approach towards the development of its proposed strategy and health IT regulatory framework and its inclusion of key principles and recommendations reflected in our report of last year.

BPC also urges Congress to take action to support key elements of the FDASIA report.

Read BPC’s comment letter to FDA, ONC, and FCC on the draft FDASIA Health IT Report.