Should the FDA Regulate EHR Safety?

By Glenn Laffel
03:37 PM

HHS Secretary Kathleen Sebelius probably wishes she never left Kansas.

She’s got one department—the Office of the National Coordinator for HIT (ONC)—that’s passing out HITECH money faster than a street-hawker with peep show tix in order to hasten the dissemination of EHRs.

And she’s got this other department—the Food and Drug Administration—that wants to regulate the dang things because of safety concerns…an idea that, depending on how it’s implemented, would completely gum-up what ONC is trying to do.

The <a href="/directory/food-and-drug-administration-fda" target="_blank" class="directory-item-link">FDA currently has nothing to do with electronic health records. Yet, according to Jeffrey Shuren, who directs the FDA’s Center for Devices and Radiological Health, it’s received reports of 6 deaths and several dozen injuries associated with EHRs on-the-fritz in last 2 years alone.

The mishaps have included mixed-up patients, misplaced test results, missing medical information, and failure to display allergy information, among other things.

“Because these reports are purely voluntary, they may represent only the tip of the iceberg,” Shuren warned. “We believe that a framework of federal oversight of HIT needs to assure patient safety.”

Shuren should only know that any mad dash for EHR cash on the hospital side will overwhelm the legacy EHR vendors who have neither the manpower nor the platform/software flexibility to handle the ensuing flood of customization projects that would be required to accommodate workflows at each hospital...that’s more accidents waiting to happen.

In prepared testimony for an FDA hearing on the matter yesterday, Shuren suggested the FDA could pursue 3 possible regulatory strategies for EHRs:

- Require that EHR vendors register with the FDA, voluntarily report adverse events and fix problems when they arise (Let's call this “Post Market Surveillance Lite”)

- Same as above, but with mandatory adverse event reporting. Additional requirements can be added at the FDA’s discretion: e.g. vendors must show they have software QC systems in place (“Post Market Surveillance”)

- Classify EHRs as Medical Devices, which would make them subject to the same pre-market regulatory scrutiny as, say a defibrillator goes through. In this instance, EHR vendors must prove to the FDA that its product is safe and efficacious before it can go to market (“Pre Market Approval”)r />

What’s Going to Happen
If nothing else, the FDA’s hearings have called attention to the Feds’ obligation to assure EHRs are safe and effective. After all, they’re spending taxpayer dollars to hasten EHR dissemination via HITECH.

But since the Feds are indeed committed to The Great EHR Roll-Out, they need to select a regulatory strategy that doesn’t gum it up. That pretty much eliminates Pre Market Approval.

So the Feds are left with the first 2 options. They can take their pick, knowing that the first is toothless and subject to capture by EHR vendors, and the second will take one to 2 years before it’s underway.

But…the FDA?
Why in the world do we have one HHS department turning the safety of EHRs into a public concern at the same time another is trying to promote their dissemination? Assuming HITECH provisions give ONC proper leeway, the job of assuring safety and efficacy of EHRs should be given to ONC, not the FDA. Sebelius should tell ONC to get it done and call off the dogs over at Food and Drug. It’ll just work better.

To be fair, in January, ONC released an RFP to address “undesirable and potentially harmful unintended consequences” of EHRs. But the FDA didn’t even wait to see how that played out. Do these guys talk to each other?

Glenn Laffel, MD, PhD
Sr. VP Clinical Affairs, Practice Fusion