After a three-year wait, the Food and Drug Administration (FDA) has issued a final rule that reclassifies medical device data systems, or MDDS, as Class I devices that are subject to general regulatory control and exempt from premarket notification requirements.
In a preview to the final MDDS rule, the FDA defines a medical device data system thus:
An MDDS acts only as the mechanism through which medical device data can be transferred, stored, converted or displayed. An MDDS does not modify, interpret or add value to the data or the display of the data. An MDDS does not add to or modify the intended uses or clinical functions that are already contained within the medical devices that provide data to (or receive data through) the MDDS. An MDDS by itself does not control the functioning of any other medical device. … If some of the intended uses of a device fall outside the scope of the MDDS regulation, then the device would not meet the definition of or be regulated as an MDDS.
The final MDDS rule will apply to “all manufacturers,” the FDA says. Critically, this includes hospitals, health care facilities or any other organization that does any of the following:
- Makes any modifications to the MDDS that are outside the parameters of the original manufacturer’s specifications for the device, for purposes of the user’s clinical practice or otherwise for commercial distribution.
- Purchases hardware or software and modifies it to transfer, store, convert or display medical device data for clinical use.
- Develops in-house software with an intended use consistent with an MDDS.
- Develops an in-house system, using multiple components of devices, that has an intended use consistent with an MDDS.
The final MDDS rule, which will be published today in the Federal Register, goes into effect in 60 days. Thirty days after that — May 16, 2011 — the FDA will expect manufacturers to register and list their MDDS, it said. By April 16, 2012, the FDA will expect that “all MDDS manufacturers will have established a compliant quality system and [medical device reporting] system for their devices,” it added.
Other key points from the preview to the MDDS final rule include the following:
- The rule does not apply to electronic health record (EHR), personal health record (PHR), computerized physician order entry (CPOE), e-prescribing or word processing systems. Laboratory information systems and picture archiving and communication systems (PACS) are not medical device data systems either.
- An MDDS can covert data to the HTML; PDF; or Health Level Seven International, or HL7, data formats. However, “an MDDS may not otherwise convert, alter, modify or interpret the data that is received from a medical device,” the FDA said.
- Devices that transfer information for the purpose of information exchange, or that can generate or manipulate data on their own, are not considered medical device data systems.
- Such devices as glucose monitors, blood pressure cuffs and active patient monitors are not MDDS. These are Class III devices because they directly support and sustain a patient’s life; as such, they remain subject to stricter regulatory control, as well as to premarket approval.
- Devices intended for use by people who are not health care professionals (data entry clerks, for example) count as MDDS, though the FDA reserves the right, “if, through normal reporting mechanisms or otherwise, FDA determines that the use of these devices by someone other than a health care professional poses an unreasonable risk of illness or injury.”
The MDDS proposed rule has been on the books since February 2008, and the FDA received public comments until May 8, 2008. It’s unclear why it took the organization so long to act. In any event, the health care industry has been wary of greater FDA involvement in health IT regulation for the last three years — and the MDDS final rule seems to illustrate why.