Amdis 2013 fda oversite classen


Published on

Published in: Health & Medicine, Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Amdis 2013 fda oversite classen

  1. 1. © 2006 HCC, Inc. CD000000-0000XX FDA OVERSIGHT OF HIT ITS COMING AND YOU CAN’T STOP IT David C Classen MD, MS Associate Professor of Medicine University of Utah and CMIO Pascal Metrics June 2013 AMDIS
  2. 2. © 2006 HCC, Inc. CD000000-0000XX
  3. 3. Health IT and Patient Safety: Building Safer Systems for Better Care EMBARGOED UNTIL NOVEMBER 10, 2011, 10:30 AM
  4. 4. The New Challenge : Reducing Harm with HIT Department of Health and Human Services OFFICE OF INSPECTOR GENERAL 15,000 Medicare beneficiaries per month experience adverse events contributing to death State with Safety Program Flat-line Improvement
  5. 5. Is safety improving in the US? Landrigan CP, Parry GJ, Bones CB, Hackbarth AD, Goldmann DA, Sharek PJ. Temporal trends in rates of patient harm resulting from medical care. New England Journal of Medicine. 2010 Nov; 363(22):2124-2134.
  6. 6. 6 Slope: 0.98 (95% CI 0.93, 1.04 p = 0.47) Trends in All Harms Over Time: External Landrigan et al., New Engl J Med 2010; 363: 2124-34
  7. 7. 12 Features of safer health IT
  8. 8. 13 Recommendations: Summary Current market forces are not adequately addressing the potential risks associated with use of health IT All stakeholders must coordinate efforts to identify and understand patient safety risks associated with and prevented by health IT : Facilitating the free flow of information about HIT Creating a reporting and investigating system for health IT– related deaths, serious injuries, or unsafe conditions Researching and developing standards and criteria for safe design, implementation, and use of health IT
  9. 9. 14
  10. 10. 15
  11. 11. 16 Recommendation 1 The Secretary of Health and Human Services (HHS) should publish an action and surveillance plan within 12 months that includes a schedule for working with the private sector to assess the impact of health IT on patient safety and minimizing the risk of its implementation and use. The plan should specify: a. The Agency for Healthcare Research and Quality (AHRQ) and the National Library of Medicine (NLM) should expand their funding of research, training, and education of safe practices as appropriate, including measures specifically related to the design, implementation, usability, and safe use of health IT by all users, including patients. (continued on next slide)
  12. 12. 17 Recommendation 1 (continued) b. The Office of the National Coordinator for Health IT (ONC) should expand its funding of processes that promote safety that should be followed in the development of health IT products, including standardized testing procedures to be used by manufacturers and health care organizations to assess the safety of health IT products. c. ONC and AHRQ should work with health IT vendors and health care organizations to promote post-deployment safety testing of EHRs for high prevalence, high impact EHR- related patient safety risks. d. Health care accrediting organizations should adopt criteria relating to EHR safety. e. AHRQ should fund the development of new methods for measuring the impact of health IT on safety using data from EHRs.
  13. 13. 18 Recommendation 2 The Secretary of HHS should ensure insofar as possible that health IT vendors support the free exchange of information about health IT experiences and issues and not prohibit sharing of such information, including details (e.g., screenshots) relating to patient safety. Recommendation 3 ONC should work with the private and public sectors to make comparative user experiences across vendors publicly available.
  14. 14. 19 Recommendation 4 The Secretary of HHS should fund a new Health IT Safety Council to evaluate criteria for assessing and monitoring the safe use of health IT and the use of health IT to enhance safety. This council should operate within an existing voluntary consensus standards organization. Recommendation 5 All health IT vendors should be required to publicly register and list their products with ONC, initially beginning with EHRs certified for the meaningful use program.
  15. 15. 20 Recommendation 6 The Secretary of HHS should specify the quality and risk management process requirements that health IT vendors must adopt, with a particular focus on human factors, safety culture, and usability.
  16. 16. 21 Recommendation 7 The Secretary of HHS should establish a mechanism for both vendors and users to report health IT–related deaths, serious injuries, or unsafe conditions. a. Reporting of health IT–related adverse events should be mandatory for vendors. b. Reporting of health IT–related adverse events by users should be voluntary, confidential, and nonpunitive. c. Efforts to encourage reporting should be developed, such as removing the perceptual, cultural, contractual, legal, and logistical barriers to reporting.
  17. 17. 22 Recommendation 7-8
  18. 18. 23 Recommendation 8 The Secretary of HHS should recommend that Congress establish an independent federal entity for investigating patient safety deaths, serious injuries, or potentially unsafe conditions associated with health IT. This entity should also monitor and analyze data and publicly report results of these activities.
  19. 19. 25 Recommendation 9 a. The Secretary of HHS should monitor and publicly report on the progress of health IT safety annually beginning in 2012. If progress toward safety and reliability is not sufficient as determined by the Secretary, the Secretary should direct the FDA to exercise all available authority to regulate EHRs, health information exchanges, and PHRs. b. The Secretary should immediately direct the FDA to begin developing the necessary framework for regulation. Such a framework should be in place if and when the Secretary decides the state of health IT safety requires FDA regulation as stipulated in Recommendation 9a above.
  20. 20. 26 26
  21. 21. 1. Continuously improve the safety of health IT products: • Code of conduct: ONC will work with developers on a code of conduct that commits developers to: Work with Patient Safety Organizations (PSOs) — or similar entities — to report, aggregate, and analyze health IT – related safety events • Support providers in reporting safety events • Collaborate with private sector efforts to make comparative user experience with different EHR systems more available ONC-Authorize Accrediting Bodies’ (ONC-ACB’s) surveillance and ONC certification: o ONC will leverage ONC-ACB surveillance and live testing to ensure safety features are functional in live environments and that developers address safety complaints • ONC will continue to incorporate safety into its standards and certification criteria • Manufacturer and User Facility Device Experience: ONC will monitor health IT adverse event reports to the FDA’s MAUDE database 2. Improve understanding of health IT and patient safety: • AHRQ Common Formats to enhance provider reporting: The Agency for Healthcare Research and Quality (AHRQ) and ONC will work with providers and PSOs to incorporate AHRQ Common Formats into providers’ health IT and reporting systems. AHRQ Common Formats allow for easy, real-time reporting and aggregation of patient safety events and risks • PSOs and AHRQ to collect, aggregate and analyze patient safety reports: AHRQ, in collaboration with ONC, will work with PSOs, providers, and developers to add a focus of health IT to their collection, aggregation, analysis, and mitigation of providers’ adverse event reports • AHRQ will also provide guidance to PSOs on how they can work with providers to use health IT to improve reporting and mitigate health IT risks 3. Promote safe use of health IT as part of a culture of safety among providers: • Align Centers for Medicare & Medicaid Services’ (CMS’) safety standards for health care facilities, its interpretive guidance, and surveyor trainings to add a focus on health IT and patient safety
  22. 22. 4. Incorporate safety requirements into Meaningful Use: CMS Medicare and Medicaid EHR Incentive Programs and ONC’s Standards and Certification Criteria rulemakings have been and will continue to be used to improve patient safety 5. Establish Priority Areas: • ONC plans to lead a public-private process to identify health IT safety priority areas, measures, and targets – building from current research to develop health IT safety guides and assess effectiveness of health IT safety interventions • HHS plans to support research and development of tools and guidance for using health IT to improve safety and mitigate health IT safety risks 6. Establish the ONC Safety Program: • Coordinate the implementation of the Health IT Safety Plan • Comprehensively analyze data from identified reporting programs • Eliminate or significantly reduce inefficiencies across the programs • Develop policies and procedures to establish an ad hoc HHS multi-agency committee to address major health IT safety issues 7. Evaluate and monitor approaches: • During implementation, ONC will continually evaluate the effectiveness of the Health IT Safety Plan and determine whether additional actions are required to better capitalize on health IT’s potential to improve patient safety • ONC will collaborate with FDA and the Federal Communications Commission (FCC), to produce a report that proposes a strategy and recommendations for an appropriate, risk- based regulatory framework for health IT which promotes safety and innovation
  23. 23. AN OVERSIGHT FRAMEWORK FOR PATIENT SAFETY AND HEALTH IT 29 Food and Drug Administration Safety and Innovation Act of 2012 The Food and Drug Administration (FDA) Safety and Innovation Act of 2012, which was passed by Congress and signed into law in July 2012, requires the HHS secretary, “acting through the Commissioner of Food and Drugs, and in consultation with the National Coordinator for Health Information Technology and the Chairman of the Federal Communications Commission,” to post a report within 18 months that “contains a proposed strategy and recommendations on an appropriate, risk-based regulatory framework pertaining to health information technology, including mobile medical applications, that promotes innovation, protects patient safety, and avoids regulatory duplication.”
  25. 25. AN OVERSIGHT FRAMEWORK FOR PATIENT SAFETY AND HEALTH IT 31 Why a Different Oversight Framework for Clinical Software is Needed  Safety in health IT is a shared responsibility among developers, implementers, and users across the health IT life cycle  Health IT safety relates not only to how it is designed and developed, but also how it is customized, implemented and used.  Health IT is constantly being upgraded and modified.  Importantly, health IT is designed to inform—not take the place of— clinical decision-making.  Many factors (beyond design and development) impact patient safety in health IT:  Quality of data that resides in systems  Level of interoperability and exchange  Integration of software into clinical workflows  Appropriateness of clinical interventions
  26. 26. AN OVERSIGHT FRAMEWORK FOR PATIENT SAFETY AND HEALTH IT 32 Oversight Framework Should Reflect the Following Five Principles: 1. Any framework should recognize and support the important role that health IT plays in improving quality, safety and cost-effectiveness of care, as well as the patient’s experience of care. 2. Assuring patient safety, along with enabling positive patient outcomes, is a shared responsibility that must involve the entire health care system 3. Any framework for patient safety in health IT should be risk-based, flexible and not stifle innovation. 4. Existing safety and quality-related processes, systems, and standards should be leveraged for patient safety in health IT. 5. Reporting of patient safety events related to health IT is essential; a non-punitive environment should be established to encourage reporting, learning and improvement.
  27. 27. AN OVERSIGHT FRAMEWORK FOR PATIENT SAFETY AND HEALTH IT 33 Focus on Principle 1: Any Framework Should Recognize the Important Role That Health IT Plays in Improving Health and Health Care  Research shows that health IT has a positive impact on the quality, safety, and cost-effectiveness of health care  Health IT plays a critical foundational role in rapidly emerging delivery system and payment reforms, such as accountable care arrangements and the patient-centered medical home  However, because of its widespread adoption, we must work together to continuously improve the quality and safety of systems
  28. 28. AN OVERSIGHT FRAMEWORK FOR PATIENT SAFETY AND HEALTH IT 34 Focus on Principle 2: Assuring Safety is a Shared Responsibility throughout the Health IT Life Cycle
  29. 29. AN OVERSIGHT FRAMEWORK FOR PATIENT SAFETY AND HEALTH IT 35 Focus on Principle 3: Any Framework for Patient Safety in Health IT Should be Risk-Based, Flexible, and Not Stifle Innovation  Health care is a continually evolving ecosystem that is now undergoing considerable change.  Health IT plays a foundational role for rapidly emerging delivery system and payment reforms.  Clinical software changes frequently—sometimes weekly to address new requirements and user needs  Any framework for health IT should be flexible enough to support the innovation needed for a rapidly changing health care system and evolutionary nature of clinical software
  30. 30. AN OVERSIGHT FRAMEWORK FOR PATIENT SAFETY AND HEALTH IT 36 Focus on Principle 4: Existing safety and quality-related processes, systems, and standards should be leveraged  Policies, processes, systems and standards which are well-established, should be leveraged for patient safety and health IT oversight.  Duplicative processes should not be created.
  31. 31. AN OVERSIGHT FRAMEWORK FOR PATIENT SAFETY AND HEALTH IT 37 Focus on Principle 5: Reporting of Patient Safety Events is Essential; A Non-Punitive Environment Should be Established to Encourage Reporting, Learning and Improvement  Any framework for patient safety in health IT should be data-driven. Reporting is essential to understanding the nature and magnitude of health IT-related events  The framework should support and promote reporting, sharing, and analysis of patient safety events in a non-punitive environment that maintains confidentiality and enables learning and improvement  Aggregation and analysis of events and timely feedback to developers, implementers, and users is also crucial so that necessary changes can be made and future risk mitigated
  32. 32. AN OVERSIGHT FRAMEWORK FOR PATIENT SAFETY AND HEALTH IT 38 A Risk-Based Oversight Framework for Health IT
  33. 33. 39AN OVERSIGHT FRAMEWORK FOR PATIENT SAFETY AND HEALTH IT Factors That Determine Level of Oversight
  34. 34. AN OVERSIGHT FRAMEWORK FOR PATIENT SAFETY AND HEALTH IT 40 Key Components of an Oversight Framework for Clinical Software that Protects Patients and Assures Patient Safety 1. Agreement on and adherence to recognized standards and guidelines for assuring patient safety in the development, implementation and use of health IT 2. Support for the implementation of standards and guidelines as well as development and dissemination of best practices through education, training, and technical assistance 3. Developer, implementer, and user participation in patient safety activities, including reporting, analysis (e.g. identification of root cause), and response (e.g. corrective action, mitigation of future risk), while leveraging patient safety organizations 4. Creation of a learning environment through the aggregation and analysis of data to identify and monitor trends, mitigate future risk, and facilitate learning and improvement
  35. 35. The Three Agencies (FDA,FCC,ONC) Must Propose A strategy and recommendations on an appropriate, risk-based regulatory framework pertaining to health information technology, including mobile medical applications, that promotes innovation, protects patient safety, and avoids regulatory duplication. 42
  36. 36. What does safety mean? Assure that the software does not -- 1. Hurt someone? – IT accessory to a medical device causes the device to hurt someone – Pretty hard for standalone IT to hurt someone directly 2. Fail to help someone? – Related to effectiveness – Does less that it promises to do  Maybe fails to consider human factors to allow proper use  Breaks down at inconvenient times  Poor design means it is ineffective at its task – But the harm may be similar to the manual system it was supposed to improve, heightened by dependence 3. Mislead someone through the information it provides? – Factual error – Objectively wrong advice – Subjectively not the best advice? 43
  37. 37. Protecting patient safety Is the regulation narrowly tailored to do its job? The manner and degree of regulation should be based on level of risk to patients 44
  38. 38. While Minimizing side effects Protecting innovation Allow for Off Label Use – we probably need a part of the framework that can accommodate “off label use”, as many of our pediatric specialists and researchers advance practice faster than the new approvals may process Expedient – timely approvals of new products, innovation, and fixes/repairs/replacements of same Lightweight – seek to reduce the cost burden to patients, families, and providers of care, vs. increase it through the addition of regulatory compliance costs 45
  39. 39. Ancillary goals Maintaining predictability and minimizing disruption  Avoid duplication among agencies and laws  Jurisdiction of FDA should not be diminished in its spheres of expertise and experience, e.g., regulation/clearance/approval of medical devices. Its current jurisdiction should not be transferred to ONC, FCC etc.  As a corollary, the other respective Agencies, ONC, FCC, should have primacy in their own regulatory spaces, e.g.,  ONC – certification of EHRs, FCC – broadcast spectrum  Regulations written to be clear and predictable  Categories of products to be regulated should be defined as clearly as possible. Dedicated efforts must be made to harmonize definitions internationally Stakeholders should have ongoing input as part of the regulatory development process into the respective regulatory agencies as new applications emerge, since the applications’ environment is constantly evolving and will continue to do so in the future 46
  40. 40. SCOPE--Products Types - Categories  EHRs (installed, Saas)  Hospital Information Systems-of-systems  Decision support algorithms  Visualization tools for anatomic, tissue images, medical imaging and waveforms  ? Health Information Exchanges  Electronic/robotic patient  Claims processing  Health benefit eligibility  Practice management / Scheduling / Inventory management  Healthcare provider communication tools (e.g., email, paging)  Population management tools  Software using historical claims data to predict future utilization/cost of care  Cost effectiveness analytic software  Diseases severity scoring algorithms  Electronic guideline distribution  Disease registries In Scope Out of Scope
  41. 41. Draft Risk Framework, v1.5
  42. 42. 49 Safety as a system property  Safety is a characteristic of a sociotechnical system  System-level failures occur almost always because of unforeseen combinations of component failures
  43. 43. 50 Questions? researchers- implementers/federal-advisory- committees-facas/fdasia