USA Law and Practice Contributed by: Nadia de la Houssaye, Allison Bell, Emily Degan Vorhoff and Keiana Palmer, Jones Walker LLP
Despite these efforts, regulatory frameworks often struggle to keep pace with rapid inno- vation. The pattern typically follows a reactive cycle: researchers develop new technologies, businesses commercialise these solutions, and regulators subsequently attempt to address potential risks and establish guardrails. 2.4 Technical Standards Technical standards play a crucial role in digital healthcare, providing frameworks that ensure safety, effectiveness, interoperability and secu- rity across technologies. Key aspects include the following. Interoperability Standards Standards organisations such as Health Lev- el Seven International (HL7) develop frame- works such as Fast Healthcare Interoperability Resources (FHIR) that enable different systems to exchange data seamlessly. The 2024 CMS Interoperability and Prior Authorization Final Rule requires implementation of FHIR-based APIs to support electronic prior authorisation and data exchange. Medical Device Standards The FDA recognises consensus standards devel- oped by organisations such as ASTM Interna- tional, the Institute of Electrical and Electronics Engineers (IEEE) and the International Organiza- tion for Standardization (ISO) that address medi- cal device safety, performance and cybersecu- rity requirements. Cybersecurity Frameworks The National Institute of Standards and Tech- nology (NIST) has published numerous “800 Series” special publications on computer/infor- mation security and “1800 Series” cybersecu- rity practice guides providing comprehensive
frameworks for protecting healthcare informa- tion systems. Quality Management Systems International standards such as ISO 13485 establish requirements for quality management systems in medical device development, includ- ing software as a medical device (SaMD). Clinical Decision Support Standards Organisations develop guidelines for the devel- opment, validation and implementation of AI and ML algorithms in healthcare applications. These technical standards support regula- tory compliance, guide industry development, establish minimum performance requirements and promote technological compatibility across healthcare systems. Standards are often incor- porated by reference into regulations or used by regulatory bodies to assess whether products meet safety and effectiveness requirements. 2.5 Issue-Specific Legal Framework Various aspects of digital healthcare are subject to specialised regulatory frameworks. Software as a Medical Device (SaMD) The FDA regulates software intended for medical purposes without being part of hardware medi- cal devices based on risk classification (Class I, II or III). The agency’s Digital Health Center of Excellence provides guidance on SaMD policy, clinical studies and regulatory review. The 21st Century Cures Act excludes certain low-risk software functions from FDA regulation. Self-Care, Wellness and Fitness IT Products Consumer health applications and wearables generally fall outside FDA oversight unless they make specific medical claims. However, they must comply with Federal Trade Commission
153 CHAMBERS.COM
Powered by FlippingBook