Report: health IT requires new oversight framework, not traditional regulations


As the Health and Human Services Department develops a patient safety strategy for health information technology, the Bipartisan Policy Center has put together its own recommendations in a new report (.pdf) to help guide the federal government's regulatory framework for health IT.

In December 2012, HHS released its Health IT Patient Safety Action and Surveillance Plan for Public Comment, which represents the Obama administration's proposed approach for addressing safety in health IT. The FDA Safety and Innovation Act of 2012, passed by Congress and signed into law in July 2012, calls for the HHS secretary to develop—within 18 months—a proposed strategy and recommendations on risk-based regulatory framework pertaining to health IT that promotes innovation, protects patient safety, and avoids regulatory duplication.

According to the BPC report, assuring patient safety in the development, implementation, and use of health IT requires both national focus and public- and private-sector collaboration and leadership. In particular, the report states, assuring safety in clinical software, such as electronic health records, is a shared responsibility among developers, implementers, and users across the various stages of the health IT life cycle.

This kind of software "should be subject to a new oversight framework, rather than traditional regulatory approaches applied to medical devices given its lower risk profile taking into account several factors." The factors that should be considered, the report states, include the level of risk of potential patient harm, the degree of direct clinical action on patients, the opportunity for clinician involvement, the nature and pace of its development, and the number of factors beyond the development stage that impact its level of safety in implementation and use.

As a result, BPC advises that the HHS risk-based, regulatory framework for health IT should include these four elements:

  • Agreement on and adherence to recognized standards and guidelines for assuring patient safety in the development, implementation, and use of health IT.
  • Support for the implementation of standards and guidelines as well as development and dissemination of best practices through education, training, and technical assistance.
  • Developer, implementer, and user participation in patient safety activities, including reporting, analysis, and response, while leveraging patient safety organizations (PSOs).
  • Creation of a learning environment through the aggregation and analysis of data to identify and monitor trends, mitigate future risk, and facilitate learning and improvement.

For more:
-download the report

Related Articles:
CMS issues request for information on hospital and vendor EHR readiness
Patient safety requires coordinated public-private strategy, says ONC plan
Report: Health IT requires greater awareness and innovation to gain widespread use