[Openid-specs-heart] What is Health Data?

Aaron Seib aaron.seib at nate-trust.org
Fri Jan 20 19:35:17 UTC 2017 

I think 21st Century Cures established one line to consider with regards to
what is in scope for the FDA to regulate.

 

TITLE III—DEVELOPMENT 

Sec. 3060. Clarifying Medical Software Regulation (pg. 257-264)  

·        The term ‘device’ shall be excluded from regulation by the FDA if
the software function of the device is intended for: 

o   Such purposes as administrative support of a health care facility,
including the processing and maintenance of financial records, claims or
billing information, appointment schedules, business analytics, population
health management, and laboratory workflow, among others; 

o   Maintaining or encouraging a healthy lifestyle, unrelated to diagnosis,
cure, mitigation, prevention, or treatment of a disease or condition. 

o   Electronic patient records, including patient-provided information, to
the extent that such records are intended to transfer, store, convert
formats, or display the equivalent of a paper medical chart, as long as: 

§  The records were created, stored, transferred, or reviewed by health care
professionals, or by individuals working under supervision of such
professionals 

§  Such records are certified under section 3001(c)(5) of the Public Health
Service Act

 

Is there any useful criteria for your purposes that you can derive from
this?

 

Aaron Seib, CEO

@CaptBlueButton 

 (o) 301-540-2311

(m) 301-326-6843



 

From: Openid-specs-heart
[mailto:openid-specs-heart-bounces at lists.openid.net] On Behalf Of Glen
Marshall [SRS]
Sent: Friday, January 20, 2017 2:10 PM
To: HEART List
Subject: [Openid-specs-heart] What is Health Data?

 

In our discussion this past week we did not drill-down on use cases about
sharing data from personal health data collection devices, e.g., Fitbit or
environmental activity monitors, or medically prescribed devices, e.g.,
Holter monitors.  In the case of medically prescribed monitors, the data
they collect is clearly health data.  On the other hand, data on personal
wearable devices only becomes medical data when it is shared for that
purpose.  Activity monitors are in-between, as they can be used in an
non-medical assisted living setting or in medical long term care.

 

Where do we set the boundary between health data and other data?  What do we
do when that boundary shifts, as it has for wearable devices over the last
couple of decades?  What is the mechanism for granting permission for
medical use when such devices lack a UX?  Are there existing policies for
this, i.e., is it in scope for HEART, or should we make recommendations for
policy development?

 

  _____  

Glen F. Marshall
Consultant
Security Risk Solutions, Inc.
698 Fishermans Bend
Mount Pleasant, SC 29464
Tel: (610) 644-2452
Mobile: (610) 613-3084
gfm at securityrs.com
www.SecurityRiskSolutions.com

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20170120/f945888b/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 3204 bytes
Desc: not available
URL: <http://lists.openid.net/pipermail/openid-specs-heart/attachments/20170120/f945888b/attachment.jpg>

More information about the Openid-specs-heart mailing list