On Friday, April 19, 2019, the Office for Civil Rights of the U.S. Department of Health and Human Services (HHS) explained in an FAQ the circumstances under which electronic health record (EHR) systems may be subject to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) liability for an app’s impermissible use or disclosure … Continue Reading
On April 2, 2019, FDA released a discussion paper entitled “Regulatory Framework for Modifications to Artificial Intelligence/Machine Learning (AI/ML)-Based Software as a Medical Device (SaMD)” (the “AI Framework”). The AI Framework is the Agency’s first policy document describing a potential regulatory approach for medical devices that use artificial intelligence (“AI”) and machine learning (“ML”). The … Continue Reading
On December 7, FDA published the much-anticipated “Framework for FDA’s Real-World Evidence Program” for drugs and biological products (the “Framework”). In a statement announcing the Framework, Commissioner Gottlieb recognized the opportunities and challenges of using real-world data (“RWD”) and real-world evidence (“RWE”) to enhance regulatory decision-making and noted that leveraging this information is “a top … Continue Reading
As previewed by Commissioner Gottlieb several months ago (see our earlier post here), FDA published a notice in the Federal Register on November 20, 2018, to propose a new framework for “prescription drug-use-related software.” The Agency defines this digital health category widely as software disseminated by a prescription drug sponsor for use with the sponsor’s … Continue Reading
Designing data-driven products and services in compliance with privacy requirements can be a challenging process. Technological innovation enables novel uses of personal data, and companies designing new data-driven products must navigate new, untested, and sometimes unclear requirements of privacy laws, including the General Data Protection Regulation (GDPR). These challenges are often particularly acute for companies … Continue Reading
On 5 September, in response to the opportunities presented by data-driven innovations, apps, clinician decision support tools, electronic health care records and advances in technology such as artificial intelligence, the UK Government published a draft “Initial code of conduct for data-driven health and care technology” (Code) for consultation. The Code is designed to be supplementary … Continue Reading
On 1 May, 2018 the Centre for Policy Studies (the “CPS”) published its latest paper on the UK’s National Health Service (the “NHS”) entitled “Powerful Patients, Paperless Systems: How New Technology Can Renew The NHS” (the “Paper”). The Paper advocates a “digital first NHS” that adopts a paperless system and enables patients to take full … Continue Reading
On April 26, Commissioner Gottlieb addressed the agency’s progress on FDA’s Digital Health Innovation Action Plan and announced several additional steps the agency is taking to advance the potential benefits of digital health. Here is a recap of the key updates: (1) Launch of New FDA Program to Apply Digital Health to Drugs As our … Continue Reading
On the April 25, 2018 the European Commission (the “Commission”) adopted a plan of action to enable the digital transformation of health and care in the Digital Single Market (the “Communication”), intended to put EU citizens at the centre of the healthcare system. This is to be achieved in three ways: 1. Citizens’ secure access … Continue Reading
Inflection Point for IoT In a relatively short amount of time, the adoption of the Internet of Things (IoT) and its applications— from smart cars to the myriad of interconnected sensors in the General Service Administration building reminiscent of HAL 9000 from 2001: A Space Odyssey— has rapidly proliferated, providing significant opportunities and benefits. However, … Continue Reading
On February 1, 2018, Covington’s Digital Health team hosted a webinar examining U.S. and EU regulatory issues for digital health associated with pharmaceuticals. Here are some key takeaways from that webinar: Neela Paykel from Proteus Digital Health, noted that “you need to think outside the box for how to engage, whether you’re a pharma company … Continue Reading
Technology companies widely use open source software (“OSS”), which carries with it many potential benefits. It can reduce the time and cost of development, and, to the extent that the code has been vetted by numerous other developers, may contain fewer bugs. OSS can also reduce dependency upon third party vendors and associated pricing risks. … Continue Reading
On December 8, FDA addressed the agency’s evolving approach to digital health by issuing two new draft guidance documents: “Clinical and Patient Decision Support Software” (the “CDS Draft Guidance”) and “Changes to Existing Medical Software Policies Resulting From Section 3060 of the 21st Century Cures Act” (the “Software Policies Draft Guidance”). These draft guidances announce the … Continue Reading
On November 16, 2017, the Food and Drug Administration (“FDA” or the “Agency”) will hold a public hearing on a proposed approach for sponsors seeking to market devices referencing drugs (“DRDs”) when the drug sponsor does not wish to collaborate with the sponsor of the device. FDA will accept comments to the docket until January … Continue Reading
In the first of a three-part series, Covington’s global cross-practice Digital Health team answers key questions that companies across the life sciences, technology, and communications industries should be asking as they seek to fit together the regulatory and commercial pieces of the complex digital health puzzle. Key Regulatory Questions About Digital Health Solutions 1. What are … Continue Reading
On 28 June 2017, Advocate General Sanchez-Bordona (AG) presented his opinion in case C-329/16 Syndicat national de l’industrie des technologies médicales and Philips France following a request for preliminary ruling from the Conseil d’État (France) to the Court of Justice of the European Union (CJEU) concerning the laws governing the classification of software medical devices. … Continue Reading
On Friday, July 28, FDA announced a new Software Pre-certification (Pre-Cert) Pilot Program in a Federal Register notice. The Pre-Cert program is one of three main action items discussed in the agency’s recently-released Digital Health Innovation Action Plan. CDRH also held a webinar on August 1 to provide an overview of the program and answer … Continue Reading
On July 27, FDA published its Digital Health Innovation Action Plan. The plan provides details and timelines for the agency’s Digital Health Innovation Plan, announced by FDA Commissioner Scott Gottlieb last month. The action plan describes the agency’s “next steps” over the coming year to “encourage digital health innovation by redesigning [FDA’s] policies and processes … Continue Reading
The UK Information Commissioner’s Office (“ICO”), which enforces data protection legislation in the UK, has ruled that the NHS Royal Free Foundation Trust (“Royal Free”), which manages a London hospital, failed to comply with the UK Data Protection Act 1998 in providing 1.6 million patient records to Google DeepMind (“DeepMind”), requiring the Royal Free to sign an … Continue Reading
The Department of Health and Human Services (HHS) recently published guidance on HIPAA requirements governing the use of cloud computing entities, specifically cloud services providers (CSPs). In this guidance, HHS explains that CSPs that create, receive, maintain, or transmit protected health information (PHI) on behalf of a covered entity or business associate are considered business … Continue Reading
In a new post on Covington’s InsideMedicalDevices blog, we provide an analysis of FDA’s newly issued final guidance document entitled “General Wellness: Policy for Low Risk Devices.” To read the post, please click here.… Continue Reading
On 15 July 2016, the European Commission updated MEDDEV 2.1/6 (the “MEDDEV Guidance), its medical device guidance on the qualification and classification of stand alone software used in the healthcare setting. The updated version replaces an earlier version of MEDDEV 2.1/6 issued by the European Commission in January 2012. MEDDEV 2.1/6 generally stands as a … Continue Reading
Earlier this month the U.S. Department of Health and Human Services (HHS), Office of the National Coordinator for Health Information Technology (ONC), released a report to Congress highlighting “large gaps” in policies and oversight surrounding access to and security and privacy of health information held by certain “mHealth technologies” and “health social media.” mHealth technologies … Continue Reading
The Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently announced a significant settlement with Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS), a business associate under HIPAA, arising from a breach of protected health information (PHI) after the theft of an employee’s iPhone. The iPhone … Continue Reading
