Annual Evaluation of Health IT: Are We Stuck in a Holding Pattern? (Part 3 of 3)

The previous installments of this article covered major regulatory initiatives and standards projects. Some of the same questions have a direct impact on technological advances.

Medical Devices: Always With You, But Neither Here Nor There

One ad I saw compares a fitness device to a friend whispering in your ear wherever you go. Leaving aside control freak issues, what could be better for a modern patient with a condition that responds to behavior change than a personal device? Through such devices, we can implement a 24/7 cycle of medical care. We can also save enormous sums of money by treating the patient in his natural environment instead of a hospital or rehab facility.

The rapid spread of health devices was a foregone conclusion even before Apple thrust it into the mainstream with HealthKit. Last month’s launch of ResearchKit suggests that Apple will do the same for the big data revolution in health care championed by the Personal Genome Project, 23andMe (now back in the business after being reined in by the FDA), PatientsLikeMe, and other pioneer organizations. Apple Watch, an indulgence expected to grab the hearts of the affluent, might pull off the paradigm shift in how we interact digitally that Google Glass aimed at.

For these devices to make the leap from digital pets to real medical intervention, including a strengthening of the bond between clinicians and patients, they must satisfy stringent requirements for safety and accuracy. Current FDA regulations distinguish (in very rough terms–I am not a lawyer) between devices that make diagnoses or recommend treatments and other devices that merely measure vital signs or deliver reminders. If you make a diagnosis or recommend a treatment, you need to undergo a complex and expensive evaluation. People can also submit problems they find about your device to FDA’s medical device database.

Safety, accuracy, and transparency are goals well worth pursuing. The problem is not the cost of certification techniques, but the vast gulf between the development model assumed by certification and the one followed by modern developers of both software and hardware.

Development methods nowadays are agile. Developers incrementally release versions of software or hardware and upgrade them every few months. But certification processes require retesting every time the smallest change is made. And that’s reasonble because any tweak (even a configuration change out in the field) can cause a working device to fail. Such certifications work well for embedded systems in airplanes and nuclear facilities, and even critical medical devices that may live in patients’ bodies for decades. But they slow innovation to a crawl and raise prices precipitously.

Oddly enough, the tension between agile development and certification affects medical devices and electronic health records (EHRs) equally, and EHRs are equally prone to errors or misleading interfaces. Yet medical devices are regulated while EHRs are not. This contradiction must be resolved–but perhaps not by dropping the anvil of safety certification on all software used in medicine. The FDA can search for a more supple regulatory process that blesses certain classes of hardware and software while allowing for variation within them, backed up by guidelines for robust development and testing.

The FDA understands that it’s in an untenable situation but doesn’t know what to do. They have shaved off certain devices and marked them for lower levels of scrutiny, such as devices that transfer or display data collected elsewhere. The FDA has also led a muddled discussion over a national “test bed” for medical devices. More regulatory clarity in the area of both devices and EHRs, along with a push by regulators and users for better development practices, could help the field take off and realize the promise of personal devices.


I’m excited about the possibilities of health IT, but concerned that the current environment is insufficiently friendly for its deployment. On top of all the other factors I’ve cited that hold back the field, consider the urgent shortage of health IT staff. Providers and development firms have been bidding up salaries to steal each other’s employees, and attempts to increase the pool have shown disappointing results.

What I hear is that IT experts would love to get into health care, knowing that it can help the public immensely as well as pay off financially. But they have balked at the technical and working conditions in the field: hide-bound institutions, 50-year-old standards and tools, and of course the weight of standards and regulations to study.

How many of these topics will be covered at HIMSS? FHIR will be widely considered, I know, and the buzz over Meaningful Use is always strong. The question what will prod change in the system. Ultimately, it may come from a combination of consumer demand and regulatory pressure. Progress for the sake of progress has not been a prominent trait of health IT.

About the author

Andy Oram

Andy Oram

Andy Oram writes and edits documents about many aspects of computing, ranging in size from blog postings to full-length books. Topics cover a wide range of computer technologies: data science and machine learning, programming languages, Web performance, Internet of Things, databases, free and open source software, and more. My editorial output at O'Reilly Media included the first books ever published commercially in the United States on Linux, the 2001 title Peer-to-Peer (frequently cited in connection with those technologies), and the 2007 title Beautiful Code. He is a regular correspondent on health IT and health policy for He also contributes to other publications about policy issues related to the Internet and about trends affecting technical innovation and its effects on society. Print publications where his work has appeared include The Economist, Communications of the ACM, Copyright World, the Journal of Information Technology & Politics, Vanguardia Dossier, and Internet Law and Business.