The Digital Health Reports page houses digital health reports including the biennial Non-Device Software Functions Report and the FDASIA Health IT Report.
July 14, 2022
Patient Safety Input Requested: Software Functions Excluded from Device Definition by 21st Century Cures Act
The U.S. Food and Drug Administration (FDA) requests input on patient safety, including best practices to promote patient safety, education, and competency, associated with medical software functions that are excluded from the medical device definition by the 21st Century Cures Act. This input will help the FDA develop a report on the risks and health benefits of non-device software functions, which include certain software functions intended for:
- Administrative support of health care facilities;
- Encouraging a healthy lifestyle;
- Serving as electronic patient records;
- Transferring, storing, converting formats, or displaying data; and
- Providing limited clinical decision support.
Who should comment: Patients and other health care consumers, health care providers, startup companies, health plans or other third-party payors, venture capital investors, information technology vendors, health information technology vendors, small business purchasers, employers, and any other interested stakeholders.
Reports on Non-Device Software Functions: Impact to Health and Best Practices
Section 3060(a) of the 21st Century Cures Act, enacted on December 13, 2016 (Pub. L. 114-255), amended the Federal Food, Drug, and Cosmetic Act (the FD&C Act) to exclude certain software functions from the definition of device under section 201(h) of the FD&C Act (21 U.S.C. 321(h)). These functions are described in section 520(o)(1) of the FD&C Act (21 U.S.C. 360j(o)(1)) and are the focus of this report.
Section 3060(b) of the 21st Century Cures Act requires a report to be published every two years that examines information available to the Secretary on any risks and benefits to health associated with the software functions described in section 520(o)(1) of the FD&C Act, and provides summary findings on the impact of non-device software functions on patient safety, including best practices.
- 2020 Report on Non-Device Software Functions (PDF - 6.7 MB)
- 2018 Report on Non-Device Software Functions (PDF - 278KB)
FDASIA Health IT Report
On April 3, 2014, the FDA, Federal Communications Commission (FCC), and the Office of the National Coordinator for Health IT (ONC) released the FDASIA Health IT Report outlining a proposed strategy and recommendations for a risk-based framework.
Health information technology, or health IT, is defined by the federal government’s Office of the National Coordinator for Health IT (ONC) as, “hardware, software, integrated technologies or related licenses, intellectual property, upgrades, or packaged solutions sold as services that are designed for or support the use by health care entities or patients for the electronic creation, maintenance, access, or exchange of health information.”
Health IT is the framework that enables the management of health information across multiple electronic systems and devices, such as wireless medical devices, hospital information systems, communications infrastructure, and electronic health record (EHR) systems. Three federal agencies, the FDA, ONC, and the FCC each have unique responsibilities in the health IT arena.
As health IT evolves, the FDA believes that all stakeholders should understand regulatory requirements surrounding its use. Under the direction of the Food and Drug Administration Safety Innovation Act (FDASIA) of 2012, the FDA worked with FCC and ONC to propose a strategy and make recommendations on an appropriate, risk-based regulatory framework for health IT that promotes innovation, protects patient safety, and avoids unnecessary and duplicative regulation.
The three agencies are committed to a vision that supports a strong health system based on safe and innovative health IT that improves and advances public health.
On 4/3/2014, the FDA, FCC and ONC released the FDASIA Health IT Report outlining a proposed strategy and recommendations for a risk-based framework.
- Memorandum of Understanding (MOU) among the Federal Communications Commission, the Office of the National Coordinator for Health Information Technology, and the Food and Drug Administration
- Health IT workgroup to discuss patient safety, innovation, and regulatory efficiency
- Federal Register: Proposed Risk-Based Regulatory Framework and Strategy for Health Information Technology Report; Notice to Public of Availability of the Report and Web Site Location; Request for Comments