The U.S. Food and Drug Administration (FDA) recently released final version of its guidance, General Wellness: Policy for Low-Risk Devices (Policy), with a webinar slated for September 1st as part of the rollout. While not much has changed from the 2015 draft guidance, the number of mobile apps and general wellness products that are pushing the limits of what the FDA believes could be “devices” under the Food, Drug, and Cosmetic Act (FDCA) increases daily.
In order to fit under the FDA Policy, the product needs to both solely marketed for general wellness and present a low risk of safety to the user and other persons. The guidance provides useful examples that anticipate the desire to help “reduce the risk of” or “live well with” chronic conditions, the most interesting boundaries of the Policy for those wishing to differentiate themselves within the wellness industry.
Agency metrics on the 513(g) Requests for Information may provide some feedback on the impact of the Policy since its draft issuance, and future enforcement needs to be monitored for defining the limits of the Policy.
*This post is co-authored by Vince Sampson
On Tuesday the Senate passed the Cybersecurity Information Sharing Act (CISA). The House had passed a similar bill, the Protecting Cyber Networks Act, in April of this year. The Act comes in the wake of many large scale data breaches, such as that suffered by health insurer Anthem. Supporters of the bill, including leading health IT groups such as the College of Health Information Management Executives (CHIME) and the Association for Executives in Health Information Security (AEHIS), argue that the Act will stop hackers by getting companies that have been breached to share information with federal law enforcement. However critics, including tech companies such as Apple and Twitter, argue CISA is an excuse for federal officials to gain information on individuals without a warrant and that the potential for disclosure will reduce consumer confidence.
In January 2015, the U.S. Food and Drug Administration (FDA) released its draft guidance on general wellness products, a reassuring indication that the FDA will focus its efforts on regulating higher risk products rather than products that present a low risk to users. Cooley recently collaborated with Worrell to develop the algorithm below to help companies determine whether their product may qualify as a general wellness product.
Yesterday, a bipartisan group of representatives from the House of Representatives’ Energy and Commerce Committee released a new discussion draft of the 21st Century Cures initiative. This draft is the latest step in the Committee’s year-long attempt to accelerate new medical innovations and improving the way they are brought to market. According to a release from the Committee, the discussion draft includes provisions that:
- Incorporate the patient perspective in the discovery, development, and delivery process.
- Increase funding for the National Institutes of Health, both through reauthorization and $10 billion over five years in mandatory funding, starting in FY 2016.
- Foster development of treatments for patients facing serious or life-threatening diseases.
- Repurpose drugs for serious or life-threatening diseases and conditions.
- Modernize clinical trials.
- Break down barriers to increased collaboration and data sharing among patients, researchers, providers, and innovators.
- Help the development of personalized and precision medicines so the right patient can receive the right treatment at the right time.
- Provide for continued work in the telehealth space.
- Advance a truly interoperable health care system.
- Provide clarity for developers of software products used in health management and medical care.
Of note, is what is not in this draft. FIrst, the discussion draft (which I should point out is only half the length of the version released in January) , doesn’t include expansion of exclusivity for branded pharmaceuticals – something that was seen as a barrier for securing bipartisan and broad stakeholder support. It should be pointed out though that the draft has placeholder language that may leave the door open for exclusivity incentives. Second, the draft does not address how to expand Medicare to pay for telemedicine. On this point, a bipartisan group of eight members of the Energy and Commerce Committee, led by Rep. Greg Harper (R-Mississippi) are hard at work to come up with legislative language that spurs adoption of telemedicine but that doesn’t cost CMS (and taxpayers) billions of dollars.
While the schedule is fluid, Energy and Commerce Chairman Fred Upton (R-Michigan) has stated that he wants to mark up the bill before Congress takes its Memorial Day recess and schedule a vote in the House of Representatives in June. Today, the Committee held a hearing today to take testimony on the draft from HHS and FDA.
Stay tuned for further updates and analysis.
As we discussed in our previous post, Premera Blue Cross (Premera) recently revealed that it suffered a massive data breach potentially exposing the personal data of 11 million customers. On Thursday Premera was hit with a proposed class action lawsuit in Washington federal court accusing it of negligence associated with the data breach. The suit claims that the letters notifying customers of the breach did not reach those affected within the 60 day notification period required by HIPAA, as Premera discovered the breach in January and letters may not reach all individuals affected until late April. The suit also argues that the breach came just weeks after federal auditors warned Premera of security issues.
Health care is always a major issue in Washington, DC but recently how to promote innovation in medtech has become a priority within that conversation. Thus far, 2015 has produced a major legislative initiative in the form of 21st Century Cures, a significant report from the Federal Trade Commission (FTC) on the Internet of Things (IoT) and several pieces of guidance from the Food and Drug Administration (FDA) aimed at reducing regulatory burden for digital health. This is on top of the perennial debate over eliminating the medical device tax (there is an increasing likelihood of this actually happening!). This increased visibility for medtech in Washington bears close attention from company executives and counsel because it will shape the future for regulating medtech at the federal level. Presently, policymakers seem focused on protecting medtech companies’ ability to innovate in general, but that climate can change quickly with pressure from consumer groups and other interests. Click here for an overview of some of the more significant issues being discussed in Washington that could impact medtech growth and innovation.
Premera Blue Cross revealed Tuesday it was hit by a sophisticated cyber attack potentially exposing personal data for approximately 11 million of its members including members, employees and others with whom it does business, dating back to as early as 2002. The insurer said its investigation revealed the initial malware attack occurred on May 5, 2014, and access went undetected until January 29, 2015. This breach adds to the growing list of hacks against health care companies and should again be an alert that systems must be adequately protected from sophisticated hackers.