FDA taking a long-term look at device safety
The Food and Drug Administration appears to be taking a proactive and long-term approach toward improving medical-device safety.
The FDA last week released its Medical Device Safety Action Plan, in which regulators set out their goals for improving device safety, including tracking a product’s performance throughout its life cycle and sparking innovation.
The FDA’s current regulatory framework for devices is from the mid-1970s.
“Safety is an area where there are definitely gaps in device regulation,” said Jim Shehan, senior counsel with Lowenstein Sandler and chair of the firm’s FDA reg- ulatory practice. “The FDA is trying to make the picture better, given the statutory tools that currently exist.”
Updates in the plan include potential initiatives for making sure medical devices are safe, including pushing stronger cybersecurity and a unique device identification system that would track medical devices as they’re distributed and used.
But regulators don’t explain how the unique device identification system would work with existing devices. “The document in general does not address the current in-market devices adequately,” said Dan Dodson, president of consulting firm Fortified Health Security.
In terms of looking ahead, FDA Commissioner Dr. Scott Gottlieb and his fellow regulators want to encourage innovation in device safety.
The agency already sup- ports that goal with the Breakthrough Device Program, established by the 21st Century Cures Act to speed up patient access to treatments for certain serious conditions.
On cybersecurity, the FDA will consider requiring manufacturers to enable patching of their devices from the get-go. The agency will also consider requiring companies to give the agency and users a software bill of materials, which would help users better manage their devices and the devices’ software.
The agency could, in the future, require manufacturers to disclose when vulnerabilities arise, according to the plan. This fills an important gap, said Beth Pitman, an attorney with Waller Lansden Dortch and Davis. Just as HIPAA security rules apply to providers, so should similar rules for medical-device manufacturers, she said.