In a May 13 public meeting, stakeholders told federal agencies that drafted recommendations for a risk-based health information technology regulatory framework that true regulation certainty can only come from congressional legislation.

Recommendations from the Food and Drug Administration, Office of the National Coordinator for HIT and Federal Communications Commission, expressly state that the framework and priority areas contained in the report "are not binding" regulations and "do not create new requirements or expectations for affected parties." Consequently, some stakeholders made their case that a law passed by Congress is necessary to provide the relative permanence that legislation affords. 

"The draft report in the end is a statement of present regulatory intent," said Dan Haley, vice president of government and regulatory affairs for vendor athenahealth Inc. "Simply put, a statement of present regulatory intent does not and cannot provide regulatory certainty. For all the excellent and encouraging language in the draft, in the end absent congressional action to codify its recommendations, what the agencies are asking of industry is that we trust not only that the human beings currently making regulatory policy will stick to their own recommendations over time, but that their successors will share their perspective as well. That isn't certainty. It's the opposite. It's a leap of faith." 

"My understanding from previous presentations since the draft was released is that the agencies do not believe they need, nor do they necessarily want, congressional action to implement the recommended framework," added Haley. 

Mike Marchlik, vice president of quality assurance and regulatory affairs at McKesson Technology Solutions, made a similar argument supporting the need for legislation. However, Bakul Patel, senior policy advisor for the FDA's Center for Devices and Radiological Health, asserted that regulatory flexibility is critical to keep up with rapidly changing health IT--something that rigid legislation would not allow.

Athenahealth’s Haley responded that "statutory certainty doesn't preclude regulatory flexibility. Congress can draw broad lines to establish the outer parameters of agency authority and discretion without micro-managing those finer lines that FDA and the other agencies should properly be charged with drawing within those parameters."

Both athenahealth and McKesson support H.R. 3303, the Sensible Oversight for Technology Which Advances Regulatory Efficiency Act, establishing three distinct categories of health IT--medical software, clinical software and health software. The legislation calls for the FDA to continue to regulate the highest risk category of “medical software” and charges Congress and the Obama administration with collaborating in the development of a new risk-based regulatory framework for “clinical” and “health” software.

The public meeting on the FDA/ONC/FCC risk-based health IT strategy continues May 14-15 at the National Institute of Standards and Technology in Gaithersburg, Md.

Register or login for access to this item and much more

All Health Data Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access