Monitoring Medical Devices: An Update

FDA Provides a Progress Report
Monitoring Medical Devices: An Update

The Food and Drug Administration has proposed several ways to improve post-market medical device surveillance for adverse events and safety issues, including malware-related incidents. The plan includes the previously announced effort to create a unique identification system for medical devices, which could be incorporated into electronic health record data (see: Medical Device ID Proposal Unveiled).

See Also: Ondemand Webinar | Navigating the Security Maze of the Remote Worker with Splunk

The FDA says its new report, "Strengthening Our National System for Medical Device Post-Market Surveillance," is the first step in its effort to improve post-market surveillance of medical devices, including implantable devices such as pacemakers that wirelessly transmit data.

The FDA is hosting four public meetings this month to obtain suggestions on how it can strengthen surveillance. The agency is also soliciting feedback on the report via the web.

FDA Criticism

The FDA report comes a few months after a study by University of Massachusetts Amherst, Harvard Medical School and Beth Israel Deaconess Medical Center in Boston suggested that the FDA needs to improve post-market surveillance of medical devices.

That study found that information from FDA databases can be extracted to find records about the reporting of adverse events and recalls of devices that had problems with labeling, battery failure, sterility and software issues. However, little or no information was available about product recalls and adverse events related to privacy and security problems, such as malware (see: Medical Device Security Info Lacking.)

Dale Nordenberg, M.D., founder of the Medical Device Innovation, Safety and Security Consortium, believes a unique ID for medical devices could help address those problems. "An ID system will support surveillance for all types of adverse events because it enables accurate identification and surveillance of a specific device," he says.

But Rick Hampton, a wireless network manager at Partners Healthcare in Boston with a clinical engineering background, says having an ID for a device doesn't necessarily make it easier for clinicians to identify the cause of a problem, whether it's due to a physical malfunction or malware.

"Most clinicians aren't forensic experts with technologies like this," he says. While the IDs might help in the reporting of adverse events to the FDA, it will be up to the FDA to effectively analyze reports to help identify if a medical device - including those connected to a network - is having an issue due to malware or another problem, he says. But the FDA can only conduct a meaningful analysis and investigation if it receives adequate, accurate data, he points out

Also, as medical device technologies become more sophisticated, tracking down issues caused by software will get tougher, Hampton predicts. "The software in medical devices today is extremely complex - just think about the difference between your cell phone years ago and your smart phone today," he points out.

Identifying Problems

The FDA report notes: "A medical device post-market surveillance system should quickly identify poorly performing devices, accurately characterize and disseminate information about real-world device performance, including the clinical benefits and risks of marketed devices, and efficiently generate data to support premarket clearance or approval of new devices and new uses of currently marketed devices."

The report explains that the FDA's current Sentinel System focuses on querying de-identified administrative and claims data maintained by partner organizations, such as healthcare providers, who share aggregated results with the agency. It also notes: "Most of these records lack manufacturer or brand-specific device identifiers and therefore cannot be leveraged to perform meaningful medical device post-market surveillance."

Creating a unique identification system for medical devices "will enhance post-market surveillance activities by providing a standard and unambiguous way to document device use in electronic health records, clinical information systems and claims data sources," the report says.

"The incorporation of medical device identifiers into EHRs is another key step that would improve patient safety, make the conduct of postmarket surveillance more efficient, and make queries of and de-identified responses from electronic health information more readily usable to support device approval or clearance."

In addition to establishing a unique identification systems and promoting its incorporation into electronic health information, the FDA's other proposals to improve post-market surveillance of medical devices are:

  • Promoting the development of national and international device registries for selected products;
  • Modernizing adverse event reporting and analysis;
  • Developing and using new methods for evidence generation, synthesis and appraisal.

About the Author

Marianne Kolbasuk McGee

Marianne Kolbasuk McGee

Executive Editor, HealthcareInfoSecurity, ISMG

McGee is executive editor of Information Security Media Group's media site. She has about 30 years of IT journalism experience, with a focus on healthcare information technology issues for more than 15 years. Before joining ISMG in 2012, she was a reporter at InformationWeek magazine and news site and played a lead role in the launch of InformationWeek's healthcare IT media site.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.