As we kick off 2022, several recent developments from FDA suggest that this year could be pivotal for the Agency’s digital health priorities.  From new FDA offices and artificial intelligence guidance, to FDA’s user fee commitments and must-pass legislation in Congress, this post outlines five key issues to watch in 2022 related to FDA and

On September 15, 2021, CMS published a proposed rule to repeal the Medicare Coverage of Innovative Technology (MCIT) and Definition of “Reasonable and Necessary” Final Rule (“MCIT/RN Rule”), which was published on January 14, 2021 and was set to take effect on December 15, 2021.  The MCIT/RN Rule would have created a pathway to provide

On September 15, the Federal Trade Commission (“FTC”) adopted, on a 3-2 party-line vote, a policy statement that takes a broad view of which health apps and connected devices are subject to the FTC’s Health Breach Notification Rule (the “Rule”) and what triggers the Rule’s notification requirement.

The Rule was promulgated in 2009 under the Health Information Technology for Economic and Clinical Health (“HITECH”) Act.  Under the Rule, vendors of personal health record that are not otherwise regulated under the Health Insurance Portability and Accountability Act (“HIPAA”) are required to notify individuals, the FTC, and, in some cases, the media following a breach involving unsecured identifiable health information.  16 C.F.R. §§ 318.3, 318.5.  Third-party service providers also are required to notify covered vendors of any breach.  16 C.F.R. § 318.3.


Continue Reading FTC Adopts Policy Statement on Privacy Breaches by Health Apps and Connected Devices

On August 23, 2021 the UK Government published its report entitled “Harnessing technology for the long-term sustainability of the UK’s healthcare system” (the “Report”). The Report calls for system-wide adoption of technology in the UK health system to enable transformative change that will benefit the health and wellbeing of the UK and promote economic growth.  However, the Report cautions that technology alone cannot overcome the inequalities that lead to disparities in health outcomes and that digital tools for health should be accessible to all, or risk exacerbating health inequalities as a result of a “digital divide”. The Report notes how the COVID-19 pandemic has both exposed the limitations of the current system and highlighted the capability of the UK National Health Service (“NHS”) for responding with flexibility and agility. The Report also makes several recommendations to the UK Government, including to set up “Demonstrators” to test the system-wide application of healthcare technologies.

The Report arrives ahead of the expected publication of the UK Government’s review into the use of health data for research and analysis (see our earlier blog here), and outlines the opportunities presented by technology in the context of public healthcare systems.


Continue Reading UK Government Publishes Report on Harnessing Technology For Benefit of the UK Healthcare System

The International Coalition of Medicines Regulatory Authorities (“ICMRA”) has published a report on the use of artificial intelligence (“AI”) to develop medicines (the “AI Report”) that provides a series of recommendations on how regulators and stakeholders can address challenges posed by AI.  The ICMRA notes that there are numerous opportunities to apply AI to medicines development, but that AI poses a number of challenges to existing regulatory frameworks.  The AI Report discusses these opportunities and challenges in detail based on several case studies, and provides a set of recommendations for implementation by the ICMRA and its member authorities, which includes the European Medicines Agency (the “EMA”), the USA’s Food and Drug Administration, and the World Health Organisation.  Based on the AI report, we expect to see an increased focus on adapting regulatory frameworks to deal with AI products going forwards both on an international and national level.

Continue Reading ICMRA Publishes Report and Recommendations on AI and Medicinal Products

Legislation that would amend California’s Confidentiality of Medical Information Act (“CMIA”) is working its way through California’s Senate and passed in the Senate Health Committee earlier this week.  The proposed bill passed in the state’s Assembly back in April.  Introduced by Democratic California Assemblymember Edwin Chau, who sits on the Privacy and Consumer Protection Committee, the proposed legislation (AB 1436) expands the definition of “provider of health care.”  Under the CMIA, providers of health care are subject to various obligations, including provisions that restrict the disclosure of medical information without a prior valid authorization, subject to certain exceptions.
Continue Reading Proposed Bill Would Expand the Scope of the CMIA

On June 22, 2021, Congressional leaders Diana DeGette (D-DO) and Fred Upton (R-MI) released a bipartisan follow-up to the 2016 21st Century Cures Act“Cures 2.0”—a “discussion draft” at this stage—is intended to build upon the Cures Act.  The draft lays out several notable policies related to digital health, real-world data/evidence (RWD/E), and

On February 9, 2021, the UK Government’s Department for Health and Social Care (“DHSC”) announced a review into the efficient and safe use of health data for research and analysis for the benefit of patients in the health sector (“Review”). The DHSC encourages stakeholder feedback in the context of the Review, and will be of particular interest to organisations that have, or seek to have, access to NHS patient data for research purposes.

Continue Reading UK Government Announces Review Into Use Of Health Data For Research And Analysis

The Federal Trade Commission (“FTC”) announced this month a proposed settlement against Flo Health, Inc. (“Flo”), the developer of popular menstrual cycle and fertility-tracking application (the “Flo App”), resolving allegations that “the company shared the health information of users with outside data analytics providers after promising that such information would be kept private.”  The proposed settlement requires Flo, among other things, to obtain review by an “independent third-party professional” of its privacy practices, obtain users’ consent before sharing their health information, alert users whose data was disclosed, and require third-parties that previously received that data to destroy it.
Continue Reading FTC Reaches Settlement with Digital Health App, Requires First Notice of Privacy Action

FDA has long recognized the significant potential of artificial intelligence- and machine learning- (AI/ML-) based software as a medical device (SaMD) to transform health care as well as the unique challenges presented by AI/ML-based software under the Agency’s traditional medical device regulatory framework.  On January 12, 2021, FDA issued the Artificial Intelligence/Machine Learning (AI/ML)-Based Software