By Jof Enriquez,
Follow me on Twitter @jofenriq
While interoperable medical devices could foster innovation at minimal cost, they also can pose a risk to patients if improperly designed. Cognizant that interconnected devices could become the norm, the U.S. Food and Drug Administration (FDA) has issued new recommendations for manufacturers on how to design, develop, and label devices to ensure interoperability, or the ability to safely exchange information.
"Medical device interoperability is not limited to unidirectional patient data but includes more complex interactions, such as exerting command and control over a medical device(s). Establishing and implementing appropriate functional, performance, and interface requirements for devices with such interactions is important," FDA states in the draft guidance.
Failure to follow these requirements during product development "may lead to the exchange of inaccurate, untimely, or misleading information, It may also lead to device malfunction, including the failure to operate, and can lead to patient injury and even death," states the agency, describing an example where a device transmits a patient's weight in kilograms to another device that assumes that the weight measurement is in pounds.
According to Modern Healthcare, the new interoperability draft guidance "makes a nod to the numerous cybersecurity attacks on the healthcare industry in 2015 and predictions that 2016 could be even worse." To mitigate risk, FDA calls for manufacturers to perform a risk analysis and conduct “appropriate testing that considers the risk associated with interoperability.”
FDA wants manufacturers to clearly label a device the functional, performance, and interface requirements of the electronic data interface used in the device. In designing the interface, FDA says manufacturers may choose to use their own design preferences for their interface (in lieu of a published consensus standard) for their medical devices. However, manufacturers should consider the clinical context of the information to be exchanged by the device, and the different types of anticipated users of the device.
"Users, operators, and clinicians need to know the clinical uses and potential risks relevant to the use environment and the clinical task at hand," FDA says. "Maintainers and hospital clinical engineers need to know what actions to take to verify correct configuration and operation. System integrators, system designers, and medical device designers are responsible for the safe and effective operation of their systems or devices and need to know the capabilities of the components they use so that they can perform adequate risk management and validation."
Interoperable medical devices requiring premarket submissions are recommended to include in their application information on device description (including electronic data interfaces), risk analysis, results of verification and validation testing, and labeling (including electronic data interfaces, limitations, precautions, warnings, and contraindications).
"If the device is meant to interact with only a few specific devices, the labeling should explicitly state that the medical device is meant to connect with the specific devices listed (including the version) and that it should not be used with other medical devices or non-medical device technologies," FDA says. "If the interface is only meant to be used by the manufacturer’s technicians for software updates or diagnostics, this should be stated in the labeling in an appropriate way that prevents access by other users."
Throughout the guidance document, FDA references several existing communications on matters related to device interoperability, such as: Guidance for Industry – Cybersecurity for Networked Medical Devices Containing Off-the-Shelf (OTS) Software, FDA Guidance: Labeling – Regulatory Requirements for Medical Devices, and FDA Guidance: Medical Device Data Systems, Medical Image Storage Devices, and Medical Image Communications Devices.