The tremendous advance of technology in smartphone applications and mobile devices has netted obvious benefits and changed the daily lives of millions. Location and data tracking emitted from these devices is used in hundreds of ways, from navigation to medical organ use. But the ownership and use of that data is always not as clear to the participants and parties involved. This is especially notable in the medical device implant field. When device implants are used for patient monitoring and subsequent data gathering, the issue of access and use of data can get complicated.
In the U.S., privacy laws provide protection of doctor-patient information and are centered around the medical records of the patient, drug prescription use, and treatment records. However, once this type of information begins to be captured and analyzed for existing and new purposes, via technology devices, the traditional privacy protections may be stressed. For instance, information inserted into a patient with a pace-maker or defibrillator type device can transmit data to the manufacturer concerning the performance of the device, condition of the patient, and other typically “patient protected” type of data. While the primary purpose of the implant is to treat the irregular heartbeat by shocking it back to normal, the unit can also record, store, and transmit data via wireless monitors. Questions regarding the ownership and use of that data exist.
Many device makers fall under federal rules that dictate that the data emissions are to be obtained by doctor and hospital only. This obviously leaves out consideration of the patient’s ability to access their own medical data. Essentially, the device makers’ customers are the doctors and hospitals, not the patient, therefore leaving the patient out of the loop of data sharing. One view is that patients could choose to participate more in their treatment via their doctor relationship if they had access to this type of data, providing a better doctor-patient relationship. An alternative view is that the data is technical and scientific and is not formulated for useful patient consumption. It is yet to be established whether there is even a sufficient amount of demand from patients who want access to their medical device data to warrant what would be a regulatory federal approval action.
It’s been reported that some firms like Medtronic Inc. $MDT are reviewing the idea of selling the data from defibrillator patients to health systems or insurers who could, for instance, use it for disease analysis, statistical purposes, and cost reduction plans. St. Jude Medical $STJ is currently seeking FDA approval for a device that would provide data designed to help adjust patient medication levels but one that may not actually provide patient treatment. In addition to patient data, device makers may receive measurement data to analyze and better the performance of the device itself.
It is essentially an open field as to what device and implant makers may start to capture – and subsequently monetize – via the implant of devices into human patients.
A significant question posed is whether patients should have access to data generated from a device implanted in their own body, and if so, would that data prove beneficial in the doctor-patient relationship and treatment, and the overall health of the patient themselves?
As the FDA regulates the device manufacturers’ products, the agency may officially weigh in on the larger subject of patient data. A FDA official, Erica Jefferson, recently was quoted as saying the agency supports patient access but would need to review the idea of providing data directly to patients. Anticipated with this approach would be potential changes to U.S. law governing patient access to their health files—HIPAA, or the Health Insurance Portability and Accountability Act. The law was originally put into legislation in 1996 but has not had a major update to reflect the growing use of technology in the medical device implant segment.
While medical implant devices, and the data they gather and disseminate, may be regulated by the FDA, smartphone technology and apps in many cases are not. Many smartphone apps are now available that help users manage their diseases and medical problems, in areas from medical image management to electrocardiography readings. These apps also collect data and are not regulated by FDA or HIPAA guidelines in terms of data use. A worry of course, is that data obtained from an implanted medical device or from a smart phone app could be used to the disadvantage of the user or patient.
As the field advances on both the regulated and unregulated technology fronts, it is expected that more stringent requirements may be forthcoming from the FDA, HIPPA, and even perhaps smartphone manufacturers, in terms of approving the use of their apps created by developers.