Tuesday, January 11, 2011

FDA eyes regulation of wireless networks at clinics, hospitals - Computerworld

Computerworld - As more hospitals and clinics plug patient monitoring equipment and other devices into traditional data networks, the closer the U.S. Food and Drug Administration (FDA) comes to regulating the networks as medical devices.

Currently, most hospitals and clinics manage medical devices on discrete networks to better ensure the safety and security of those systems. But there is a trend toward consolidation, particularly onto wireless networks, for easier management.

"We're trying to get away from separate networks and put those medical devices on the IT backbone; the problem is that backbone has never been tested to support these medical systems," said Rick Hampton, wireless communications manager for Partners HealthCare System in Boston.

In 2008, the FDA released its Medical Device Data System (MDDS) proposal, which is aimed at reclassifying health IT. The proposed regulation would define medical devices as anything that provides electronic transfer, exchange, storage, retrieval, display or conversion of medical device data without altering the function or parameters of any connected device.

"If you take a thing and connect that thing to a medical device as defined by the FDA, and that thing extracts medical data as defined by the FDA ... and it takes that data and transports, displays, stores or manipulates that data, then that thing is a medical device," Hampton said.

Partners Healthcare, which includes Massachusetts General Hospital, Brigham and Women's Hospital, and Dana-Farber/Partners CancerCare, is for now keeping its medical devices on stand-alone wireless networks, according to Hampton. But that's frustrating for IT administrators who would rather manage all of their wireless networks as a single system for convenience. At the same time, "most IT departments look at being regulated with quite a bit of disdain. Being a regulated medical device, you can't make changes to those networks willy-nilly," Hampton said.

The FDA encouraged the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) to form a joint working group to draft a standard that addresses management risks associated with medical IT networks. After years of work, the IEC 80001-1 Risk Management Standard was finalized in November by both the IEC and the Association for the Advancement of Medical Instrumentation.

The standard is aimed at protecting patient safety, patient data security, and effectiveness of care, said Karen Delvecchio, the lead systems designer at GE Healthcare. "Those three things all have some risk associated with them in medical IT networks, and in fact they need to be balanced. Often we do things to increase effectiveness that brings safety risks. Or we may increase security to the degradation to safety risks or effectiveness."

Posted via email from Tony Burkhart

No comments:

Post a Comment