Upload
plan-de-calidad-para-el-sns
View
558
Download
2
Tags:
Embed Size (px)
DESCRIPTION
From Servers to Medical Devices. Wright E. eHealth week 2010 (Barcelona: CCIB Convention Centre; 2010)
Citation preview
From Servers to Medical Devices
Elisabethann Wright
Hogan & Hartson LLP, Belgium
Prof.Dr.med. Björn Berg
Director of Information Technology & Medical Engineering
University Hospital Heidelberg, Germany
Anne-Sophie Bricca
Director EMEA Legal Affairs, CaridianBCT, Belgium
Petra Wilson
Director, Internet Business Solutions Group
Cisco Systems
The legal landscape of medical
devices – the needs
Point-of-care diagnostic device for:
• Seamless integration of data at ward level
• Data integration to national summary EHR
• Anonymous data aggregated locally for
research purposes
• Routine automated device testing
Home monitoring device for:
• Patient clinical data collection
• Routine remote follow-up of patients
• Automated alert of the treating
physician
The legal landscape of medical
devices – legal issues
Medical Device Certification for physical medical devicesMedical Device Certification for software which supports devices Local modifications of the devices - hardware and software Data processing of data from devices Liability for use of on-site and off-site devices
What is a Medical Device?
The current Medical Device Directive defines a medical device as:• “any instrument, apparatus, appliance, software, material or other
article, whether used alone or in combination, including the software intended by its manufacturer to be used specifically for diagnostic and/or therapeutic purposes and necessary for its proper application, intended by the manufacturer to be used for human beings for the purpose of:
• diagnosis, prevention, monitoring, treatment or alleviation of disease;
• diagnosis, monitoring, treatment, alleviation of or compensation for an injury or handicap;
• investigation, replacement or modification of the anatomy or of a physiological process;
• control of conception;
• and which does not achieve its principal intended action in or on the human body by pharmacological, immunological or metabolic means, but which may be assisted in its function by such means”.
What is an accessory?
An accessory is defined in the Directive as: • “an article which whilst not being a device is intended specifically by its
manufacturer to be used together with a device to enable it to be used in accordance with the use of the device intended by the manufacturer of the device”.
• The European Commission Guideline (MEDDEV 2.1/1 April 1994), provides: • “the definition of "accessory" requires that the accessory is specifically
intended by the manufacturer of the accessory to be used together with a device. The intended use of the accessory must be such as to enable a device to be used in accordance with its intended use. Therefore a product can only become an accessory to a medical device if the manufacturer of such a product establishes an intended use in conjunction with one or several medical devices.”
• The Directive provides that “accessories shall be treated as medical devices in their own right”.
Software as a Medical Device
• No specific definition of “software” in either regulation or guidance at present. However the Medical Devices Directive provides some direction:• “For devices which incorporate software or which are medical
software in themselves, the software must be validated according to the state of the art taking into account the principles of development lifecycle, risk management, validation and verification” (Annex 1 Essential Requirements, point 12.1a)
• “Stand alone software is considered to be an active medical device” (Annex IX Classification criteria, point 1.4)
• “Software, which drives a device or influences the use of a device, falls automatically in the same class” (Annex IX Classification criteria, point 2.3)
• Harmonised international standards provide guidance: • EN 62304:2006 Medical device software - Software life-cycle
processes (IEC 62304:2006).
Data Flows
Patient
Care
Providers
Point of care
Diagnostic
Device
home
monitoring
devices US Vendor
Technical
support
academic
nephrologists
Tech. Data
Pers. Data
Pers. Data
Scientific Data
Pers. Data Tech. Data
Directive 95/46/EC
Scope: protection of individuals with regards to the processing of
personal data and on the free movement of such data.
Appllicability: to data processed by automated means and data
contained in or intended to be part of non automated filing systems.
Content: strict limits on the collection and use of personal data and
demands that each Member State set up an independent national
body responsible for the protection of these data.
Personal Data
Definition:
Chapter I – Article 2 (a)
“Any information relating to an identifiable
natural person (“data subject”); an identifiable
person is one who can be identified, directly or
indirectly, in particular by reference to an
identification number or to one or more factors
specific to his physical, physiological, mental,
economic, cultural or social identity”.
Derogation
Article 8.3: “processing of data concerning
health is (authorized when) required for the
purposes of preventive medicine, medical
diagnosis, the provision of care or treatment or
the management of health-care services, and
where those data are processed by a health
professional subject under national law or rules
established by national competent bodies to the
obligation of professional secrecy or by another
person also subject to an equivalent obligation of
secrecy.”
Data Controller’s obligations
Controller’s obligations:
• Collection of the data subject's consent (Article 2(h))
• To give information to the data subject (Article 10) :• the identity of the controller and of his representative, if any;
• the purposes of the processing
• the recipient(s)
• To provide a right of access to and a right to rectify
(Article 12)
• To ensure the confidentiality of processing (Article 16)
• To ensure the security of processing (Article 17)
• To notify the supervisory authority (Article 18)
• To act as a Data exporter in case of
transfer to a third country.
Liability Flows
PatientHospital / care
institution
Vendor
Health care
professional
Questions of Liability:
Key actors
5 potentially groups of people have
liability issues:
• The device manufacturer(s)
• The Hospital
• The Healthcare Professionals
• The Internet Service Provider
• The patient
Questions of Liability
Relevant EU level Legislation
Liability for defective products(Dir. 85/374/EC & Directive 1999/34/EC)
General product safety(Dir. 2001/95/EC)
Sale of consumer goods(Dir. 1999/44/EC)
Information society services and eCommerce
(Dir. 2000/31/EC)
Questions of Liability
Key Concepts
• Professional liability for good healthcare services
• Institutional and Vicarious Liability of hospital
• No-fault Liability
• Special liability of Information Society Services providers
• Contributory Liability of Patients