USA Law and Practice Contributed by: Nadia de la Houssaye, Allison Bell, Emily Degan Vorhoff and Keiana Palmer, Jones Walker LLP
The Department of Health and Human Services (HHS) This is the primary federal department respon- sible for enhancing the health and well-being of Americans and fostering advances in medicine, public health and social services. The Food and Drug Administration (FDA) Within the HHS, the FDA administers and enforces the Federal Food, Drug, and Cosmetic Act (FFDCA), which governs medical devices, including software as a medical device (SaMD). The FDA’s Digital Health Center of Excellence provides specialised oversight of digital health technologies, focusing on patient safety, product efficacy and cybersecurity. The Centers for Medicare & Medicaid Services (CMS) This oversees Medicare, Medicaid, CHIP and Health Insurance Marketplace programmes, establishing coverage and reimbursement poli- cies for digital health services and technologies. The HHS Office for Civil Rights (OCR) This enforces HIPAA Privacy, Security and Breach Notification Rules, ensuring that individ- uals can access and trust the privacy and secu- rity of their health information in digital formats. The Office of the National Coordinator for Health Information Technology (ONC) This co-ordinates nationwide efforts to imple- ment health information technology and pro- mote the secure electronic exchange of health information. The Agency for Healthcare Research and Quality This produces evidence to make healthcare safer and more accessible, and works to ensure that evidence is understood and used.
• oversight of AI and ML systems in healthcare; • regulation of integrated digital health ecosys- tems spanning multiple regulatory domains; • cross-border telehealth services that chal- lenge state-based licensure systems; and • cybersecurity requirements for internet-con- nected medical devices. The fragmented nature of healthcare regulation in the United States creates particular chal- lenges for digital health innovations that often operate across traditional boundaries. State-by- state variations in licensure, privacy laws and corporate practice of medicine doctrines further complicate compliance for digital health provid- ers operating nationally. Additionally, the rapid pace of technologi- cal innovation frequently outstrips regulatory frameworks. By the time regulations are devel- oped and implemented, technologies may have evolved significantly, creating an ongoing cycle of regulatory catch-up. Regulatory bodies have attempted to address these gaps through flexible guidance, enforce- ment discretion and regulatory sandboxes, though comprehensive legislative solutions remain elusive. Future regulatory development will likely require balancing innovation promotion with appropriate safeguards for patient safety, privacy and equitable access. 3. Regulatory Oversight 3.1 Oversight of Digital Healthcare Several federal agencies share responsibility for regulating digital healthcare in the United States, with each focusing on specific aspects based on their statutory authority.
155 CHAMBERS.COM
Powered by FlippingBook