The U.S. Food and Drug Administration released draft guidance clarifying that device manufacturers may share patient-specific information from medical devices with patients when the patients request it.
In the guidance the FDA states that it developed the draft guidance “to facilitate the appropriate and responsible dissemination of patient-specific information recorded, stored, processed, retrieved, and/or derived from medical devices from manufacturers to patients. This draft guidance provides recommendations to industry, healthcare providers, and FDA staff about the mechanisms and considerations for device manufacturers sharing such information with patients when they request it.”
The FDA specifies that patient-specific information can include, but is not limited to, recorded patient data, device usage/output statistics, healthcare provider inputs, incidence of alarms, and/or records of device malfunctions or failures. Generally, categories for patient-specific information may include, but are not limited to data a healthcare provider inputs to record the status and ongoing treatment to an individual patient or information stored by the device to record usage, alarms, or outputs (e.g., pulse oximetry data, heart electrical activity, and rhythms as monitored by a pacemaker).
“FDA believes that providing patients with access to accurate, useable information about their healthcare when they request it (including the medical products they use and patient-specific information these products generate) will empower patients to be more engaged with their healthcare providers in making sound medical decisions,” the FDA wrote in the guidance.
The FDA guidance specifically clarifies that the Health Insurance Portability and Accountability Act (HIPAA) and the associated HIPAA Privacy mandated the adoption of federal privacy protections for individually identifiable health information. “These protections are intended to prevent manufacturers from sharing this information with covered entities (e.g. health plans, healthcare providers that electronically transmit health information) without the patient’s consent.”
The FDA guidance further states, “However, these protections are not intended to prevent a device manufacturer from sharing patient-specific information with the affected patient.”
In the guidance, the FDA also suggests that device manufacturers should take certain considerations into account when sharing patient-specific information to help to ensure it is useable by patients and to avoid the disclosure of confusing or unclear information that could be misinterpreted. “These considerations relate to the content of information provided, the context in which patient information from medical devices should be understood, and the need for access to additional, follow-up information from the manufacturer or a healthcare provider,” the FDA stated.
As an example, the FDA stated, the manufacturer may choose to provide supplementary instructions, materials or references to aid patient understanding. If this supplemental material meets the definition of labeling, it would be subject to regulation by the FDA and the relevant requirements and restrictions would apply, according to the FDA.
“Generally, patient-specific information provided to patients should be comprehensive and contemporary. For example, if a patient requests a history of his own blood pressure measurements from a device, the data should include all available data up through the most recent measurement,” the FDA wrote in the guidance.
With regard to the context of the device data, the FDA guidance recommends that when device manufacturers provide data regarding a measured physiological parameter over time, “it may be useful to a patient to include information regarding how that parameter was measured and recorded by the medical device.”
“In another example, if information is being provided regarding the activity of a pacemaker, information regarding the circumstances under which an electrical impulse is delivered by the device may provide helpful context.”