Thank goodness, the FDA could start regulating healthcare IT systems

A few years ago I wrote that the FDA should be paying closer attention to healthcare IT systems and consider regulating those systems the same as any other medical devices. After all, some healthcare IT systems can kill just as easily as medical devices.

I hate quoting myself, but here’s what I wrote back in 2005:

If the FDA were paying attention, they would see that lots of hospital information systems, especially those making it over to the clinical side through clinical decision support, should really be regulated. After all, they already regulate blood banking software and that software (which I’ve worked on for years) is not significantly “more important” or “more deadly” than other healthcare software like CPOEs. Without regulations we in the clinical informatics world do not spend the time or effort necessary to test for fitness or suitability for particular uses. We don’t perform large-scale simulations. We often don’t conduct risk analyses the way we should. In high-risk software like clinical systems, over 50% of the time spent in the software should be for design and testing (bookends of the development process). And, the design and testing should be well documented and materials publicly available if appropriate.

As a developer, enterprise architect, and entrepreneur who’s worked in the health IT world for a long time, I’d hate to have more government regulation in our industry than is absolutely necessary. However, if we’re not careful and we don’t do a good job policing ourselves, we won’t have anyone else but ourselves to blame when the FDA comes knocking on our doors wondering about how we develop high risk software.

I remembered my previous post because I saw FDA Considers Regulating Safety of Electronic Health Systems on Huffington Post today. Here’s what they had to say:

The FDA has been studying the issue for several years. Its latest concerns are surfacing as the government ramps up an ambitious plan to spend as much as $27 billion in stimulus money helping doctors and hospitals across the country purchase electronic medical records systems that rely on digital software rather than paper medical charts.

Many health policy experts believe that fostering greater use of health information technology, which officials refer to as HIT, will significantly improve the quality of medical care, cut costs and reduce medical errors and waste. The government hopes to have an electronic medical record for every American by 2014.

But digital medical systems are not risk-free. Over the past two years, the FDA’s voluntary notification system logged a total of 260 reports of “malfunctions with the potential for patient harm,” including 44 injuries and the six deaths. Among other things the systems have mixed up patients, put test results in the wrong person’s file and lost vital medical information.

Yikes. We see all this focus on “meaningful use” but almost no discussion on safety critical systems and how the government will ensure that software being built is being built right and with high quality. Without stricter regulations like we have on medical devices, I’m afraid we won’t get the safety attention we need to bring to bear.

Hospital IT systems can, do, and will kill when not used or implemented properly. It’s a shame that we need the government to improve quality but maybe just the fear of regulations can do the trick.