Tag Archives: health IT

All is Well:  FDA to Host Webinar on its Final Guidance for Low-Risk General Wellness Devices on September 1, 2016

The U.S. Food and Drug Administration (FDA) recently released final version of its guidance, General Wellness:  Policy for Low-Risk Devices (Policy), with a webinar slated for September 1st as part of the rollout.  While not much has changed from the 2015 draft guidance, the number of mobile apps and general wellness products that are pushing the limits of what the FDA believes could be “devices” under the Food, Drug, and Cosmetic Act (FDCA) increases daily.

In order to fit under the FDA Policy, the product needs to both solely marketed for general wellness and present a low risk of safety to the user and other persons. The guidance provides useful examples that anticipate the desire to help  “reduce the risk of” or “live well with” chronic conditions, the most interesting boundaries of the Policy for those wishing to differentiate themselves within the wellness industry.

Agency metrics on the 513(g) Requests for Information may provide some feedback on the impact of the Policy since its draft issuance, and future enforcement needs to be monitored for defining the limits of the Policy.

Leave a comment

Filed under FDA Final Guidance, Health IT, Medical Devices

Implications of the Cybersecurity Bill for the Health Care Industry

*This post is co-authored by Vince Sampson

On Tuesday the Senate passed the Cybersecurity Information Sharing Act (CISA).  The House had passed a similar bill, the Protecting Cyber Networks Act, in April of this year.  The Act comes in the wake of many large scale data breaches, such as that suffered by health insurer Anthem.  Supporters of the bill, including leading health IT groups such as the College of Health Information Management Executives (CHIME) and the Association for Executives in Health Information Security (AEHIS), argue that the Act will stop hackers by getting companies that have been breached to share information with federal law enforcement.  However critics, including tech companies such as Apple and Twitter,  argue CISA is an excuse for federal officials to gain information on individuals without a warrant and that the potential for disclosure will reduce consumer confidence.

Continue reading

Leave a comment

Filed under Health Care, Health Information Privacy, Health IT, HITECH Act, Privacy and Security

General Wellness Products: Will the FDA Regulate Your Medical App or Device?

FDA General Wellness Banner

In January 2015, the U.S. Food and Drug Administration (FDA) released its draft guidance on general wellness products, a reassuring indication that the FDA will focus its efforts on regulating higher risk products rather than products that present a low risk to users. Cooley recently collaborated with Worrell to develop the algorithm below to help companies determine whether their product may qualify as a general wellness product.

In its draft guidance, the FDA states that it will not regulate general wellness products that:
  1. Are intended only for general use, and
  2. Present a very low risk to users’ safety.

According to the FDA’s definition, a “general wellness product” has:

  1. An intended use that relates to maintaining or encouraging a general state of health or a healthy lifestyle, or
  2. An intended use claim that associates the role of healthy lifestyle with helping to reduce the risk or impact of certain chronic diseases or conditions, where it is well understood and accepted that healthy lifestyle choices may play an important role in health outcomes for the disease or condition.

In other words, if your product’s intended use is not limited to the above general wellness intended uses and it does not present a very low risk to users’ safety, the product is outside the FDA’s scope of guidance related to general wellness products.

1 Comment

Filed under FDA Draft Guidance, Health IT, Medical Devices

Lawmakers release new version of 21st Century Cures legislation

Yesterday, a bipartisan group of representatives from the House of Representatives’ Energy and Commerce Committee released a new discussion draft of the 21st Century Cures initiative.  This draft is the latest step in the Committee’s year-long attempt to accelerate new medical innovations and improving the way they are brought to market.  According to a release from the Committee, the discussion draft includes provisions that:

  • Incorporate the patient perspective in the discovery, development, and delivery process.
  • Increase funding for the National Institutes of Health, both through reauthorization and $10 billion over five years in mandatory funding, starting in FY 2016.
  • Foster development of treatments for patients facing serious or life-threatening diseases.
  • Repurpose drugs for serious or life-threatening diseases and conditions.
  • Modernize clinical trials.
  • Break down barriers to increased collaboration and data sharing among patients, researchers, providers, and innovators.
  • Help the development of personalized and precision medicines so the right patient can receive the right treatment at the right time.
  • Provide for continued work in the telehealth space.
  • Advance a truly interoperable health care system.
  • Provide clarity for developers of software products used in health management and medical care.

Of note, is what is not in this draft.  FIrst, the discussion draft (which I should point out is only half the length of the version released in January) , doesn’t include expansion of exclusivity for branded pharmaceuticals – something that was seen as a barrier for securing bipartisan and broad stakeholder support.  It should be pointed out though that the draft has placeholder language that may leave the door open for exclusivity incentives.  Second, the draft does not address how to expand Medicare to pay for telemedicine.  On this point, a bipartisan group of eight members of the Energy and Commerce Committee, led by Rep. Greg Harper (R-Mississippi)  are hard at work to come up with legislative language that spurs adoption of telemedicine but that doesn’t cost CMS (and taxpayers) billions of dollars.

While the schedule is fluid, Energy and Commerce Chairman Fred Upton (R-Michigan) has stated that he wants to mark up the bill before Congress takes its Memorial Day recess and schedule a vote in the House of Representatives in June.  Today, the Committee held a hearing today to take testimony on the draft from HHS and FDA.

Stay tuned for further updates and analysis.


Filed under FDA, Health Care, Health IT, Health Reform, Technology, Telehealth

Class Action Following Health Information Data Breach

As we discussed in our previous post, Premera Blue Cross (Premera) recently revealed that it suffered a massive data breach potentially exposing the personal data of 11 million customers.  On Thursday Premera was hit with a proposed class action lawsuit in Washington federal court accusing it of negligence associated with the data breach.  The suit claims that the letters notifying customers of the breach did not reach those affected within the 60 day notification period required by HIPAA, as Premera discovered the breach in January and letters may not reach all individuals affected until late April.  The suit also argues that the breach came just weeks after federal auditors warned Premera of security issues.

Continue reading

Leave a comment

Filed under Health Care, Health Information Privacy, Health IT, HIPAA, Litigation, Technology, Uncategorized

Early 2015 Federal Policy Developments Impacting Medical Technology Companies

Health care is always a major issue in Washington, DC but recently how to promote innovation in medtech has become a priority within that conversation. Thus far, 2015 has produced a major legislative initiative in the form of 21st Century Cures, a significant report from the Federal Trade Commission (FTC) on the Internet of Things (IoT) and several pieces of guidance from the Food and Drug Administration (FDA) aimed at reducing regulatory burden for digital health. This is on top of the perennial debate over eliminating the medical device tax (there is an increasing likelihood of this actually happening!). This increased visibility for medtech in Washington bears close attention from company executives and counsel because it will shape the future for regulating medtech at the federal level. Presently, policymakers seem focused on protecting medtech companies’ ability to innovate in general, but that climate can change quickly with pressure from consumer groups and other interests. Click here for an overview of some of the more significant issues being discussed in Washington that could impact medtech growth and innovation.

Leave a comment

Filed under Health IT

Another Large Scale Data Breach Announced by Premera Blue Cross

Premera Blue Cross revealed Tuesday it was hit by a sophisticated cyber attack potentially exposing personal data for approximately 11 million of its members including members, employees and others with whom it does business, dating back to as early as 2002.  The insurer said its investigation revealed the initial malware attack occurred on May 5, 2014, and access went undetected until January 29, 2015.  This breach adds to the growing list of hacks against health care companies and should again be an alert that systems must be adequately protected from sophisticated hackers.

Continue reading


Filed under Health Care, Health Information Privacy, Health IT, HIPAA, HIPAA FAQ, HIPAA Omnibus Rule, HITECH Act, Technology, Uncategorized