AAMI News December 2016
2016 News in Review
From cybersecurity to third-party service, regulatory changes to patient safety, 2016 provided no shortage of headlines and debates. So what were the top healthcare technology stories of the past year? Here are our picks.
Hackers Zero In on Healthcare
Cases of hackers holding healthcare organizations’ information technology (IT) networks and patient data hostage made headlines during the first half of the year, starting with a high-profile incident at Hollywood Presbyterian Medical Center in California. From April 2015 to April 2016, more than half of U.S. hospitals were hit with ransomware, and another 25% were either unsure or had no way of knowing whether they could have been affected, according to a survey conducted by Healthcare IT News and HIMSS Analytics.
Medical device cybersecurity also came under scrutiny after researchers uncovered more than 1,400 third-party software vulnerabilities in older versions of the Pyxis SupplyStation system. Later, a startling (and disputed) report of alleged vulnerabilities in St. Jude Medical’s implantable heart devices by investment firm Muddy Waters and cybersecurity research firm MedSec Holdings set off a flurry of claims and counterclaims—and even a lawsuit.
In a bid to help secure patient information and devices, multiple government agencies and other organizations released guidance for hospitals and manufacturers. The U.S. Department of Health and Human Services Office for Civil Rights issued a document that explained what ransomware is and how to stop it from taking hold of sensitive data. The Food and Drug Administration (FDA) published draft recommendations of actions manufacturers should take after a device is on the market, which included monitoring and assessing risk, sharing information about vulnerabilities within the medical device community, and taking proactive measures to mitigate risk. AAMI released TIR57, Principles for medical device security—Risk management, which seeks to help manufacturers better identify and address cyberthreats during medical device development.
FDA Dives into Contentious Device Service Debate
In March, the FDA made waves when it announced it was gathering information from original equipment manufacturers, third-party companies, and the healthcare community about the refurbishment, rebuilding, reconditioning, remarketing, remanufacturing, and servicing of medical devices. The resulting debate culminated in a two-day public workshop at the end of October, where all stakeholders voiced a commitment to patient safety but clashed over fundamental questions related to reporting requirements for device-related incidents, access to information and parts, competition in the marketplace, and even whether there is truly a service problem to begin with. The FDA has said it will prepare a white paper that will identify any next steps it will pursue. It’s clear this debate is far from over.
AAMI Selects New CEO
After months of searching, the AAMI Board of Directors named Robert D. Jensen, a former Marine and longtime executive in the healthcare industry, as the association’s new president and CEO. Jensen, who started at AAMI on Nov. 14, came to the association after 16 years at the MITRE Corporation, where he most recently served as a vice president with a focus on modernizing healthcare.
Jensen is just the third president and CEO in AAMI’s 50-year history, succeeding Mary Logan who is retiring after a highly successful eight-year tenure (see related story). “I want the organization to know they’ll get everything I have,” Jensen said.
Regulatory Changes Shake Up Business in Europe
This summer, European lawmakers put into place stricter rules for how medical devices get onto the market and how they are monitored once they are available. The rules, which also call for increased transparency for patients and tougher scrutiny of high-risk devices, won’t go into effect for several years, but manufacturers are already preparing for a new reality. Things were further complicated by the “Brexit” vote: the United Kingdom’s (U.K.) decision to leave the European Union (E.U.). Whether the new medical device regulations will be implemented in the U.K. will depend on whether it is still a member of the E.U. when the legislation takes effect.
FDA Sharpens Focus on Postmarket Surveillance
There’s a shift underway at the FDA with the agency saying it wants to streamline the process for getting safe and effective medical devices out to patients, while also increasing the postmarket surveillance of those products. The thinking is that with better tracking and collection of data related to devices, regulators and manufacturers can react more quickly to any potential problems that may arise once these devices are on the market.
One of the FDA’s Center for Devices and Radiological Health’s (CDRH) strategic priorities for 2016–2017 is to establish a national evaluation system for medical devices. At a meeting in April hosted by the University of Maryland’s Center of Excellence in Regulatory Science and Innovation, this system was presented as a way to strike a balance between faster, cheaper research and long-term, real-world data to assure safety and efficacy.
A major component of the national evaluation system is the unique device identifier (UDI) system, which is being phased in. The agency is pushing for UDIs to be included in the next revision of Medicare claims forms, a move that would save both time and money, according to the Office of the Inspector General for the U.S. Department of Health & Human Services.
Community Homes in on Healthcare-Associated Infection Prevention
With more reports of improper cleaning and disinfection of devices and surgical instruments surfacing, device-related healthcare-associated infections (HAIs) have become a top patient safety concern. During the AAMI 2016 Conference & Expo, George Mills, director of engineering at The Joint Commission (TJC), told attendees that surveyors are increasingly finding noncompliance with standard IC.02.02.01, which requires organizations to reduce the risk of infections associated with medical equipment, devices, and supplies. Mills cautioned that TJC will be paying closer attention to HAIs and the contribution of the environment of care to the overall problem.
To help find solutions, AAMI hosted an invitation-only stakeholder event in collaboration with TJC, the American Hospital Association, the Centers for Disease Control and Prevention, and CDRH. More than 100 experts were tasked with identifying a list of HAI hazards and articulating potential solutions and mitigation strategies. A summary of the forum will be available online with a model risk-assessment protocol expected to be published during the spring of 2017 (see related story).
Hospitals Work to Eliminate Nuisance Alarms
As the number of clinical alarms from devices such as ventilators and infusion pumps has grown, so has alarm fatigue, a condition in which clinicians become desensitized to the cacophony of alerts and beeps. This problem has been so pervasive that TJC established a National Patient Safety Goal for clinical alarm management. Hospitals are expected to have established and implemented policies and procedures for reducing nonactionable alarms—and could be found in noncompliance by surveyors if they are lacking such policies.
To help healthcare organizations meet this goal, the AAMI Foundation published a complimentary toolkit, called the Clinical Alarm Management Compendium, which outlines practices used by leading institutions. The Foundation also released a framework that aims to provide a consistent roadmap for hospitals trying to reduce nonactionable alarms.
Industry Sees More Mergers and Acquisitions
Last December, a PricewaterhouseCoopers report dubbed 2016 the “year of merger mania,” and that was not an overstatement, as rapid consolidation continued both for medical device manufacturers and the healthcare industry as a whole.
For example, early this year Stryker paid billions to acquire Sage Products and Physio-Control International, IBM Watson bought health analytics firm Truven, and Smith & Nephew purchased surgical robotics firm Blue Belt Technologies. Abbott still has a pair of multibillion-dollar acquisitions pending, as it looks to merge with St. Jude Medical and point-of-care diagnostic company Alere. Just a few months ago, California-based ICU Medical, Inc. purchased Hospira Infusion Systems from Pfizer for $1 billion in cash and stock, and Siemens Healthineers acquired Berlin-based point-of-care device interface and data management developer Conworx Technology for an undisclosed amount. With the new healthcare landscape favoring large companies that can leverage economies of scale, this trend is likely to continue.
Annual Conference Is One for the Books
The AAMI 2016 Conference & Expo, which was held June 3–6 at the Tampa Convention Center, set a new record with 2,350 people in attendance. This conference brought education to the Expo floor for the first time and included additional professional development sessions, augmenting an agenda filled with more than 50 presentations and roundtables. Attendees also had the opportunity to see interoperability standards come to life through AAMI’s interactive systems exhibit. The conference ended with a bang, as many attendees braved the wind and rain of Tropical Storm Colin as it battered the Tampa Bay area.
Systems Thinking Begins to Take Root
Systems engineering principles have been employed in a range of industries—from aerospace to defense—but are just starting to be leveraged in healthcare. According to a number of experts who gathered at AAMI’s headquarters in Arlington, VA, in April, the only way the delivery of healthcare will truly improve is if all of the players in that system learn to think more holistically and appreciate just how complex it has become. This event was part of a collaboration with the International Council on Systems Engineering that was designed to evaluate and refine an emerging systems engineering modeling approach to healthcare operations.
Throughout 2016, AAMI also provided systems thinking training to standards committee co-chairs in an effort to improve the output of the standards development process. Moving forward, AAMI is planning to incorporate systems thinking into the co-chair training held during AAMI Standards Week, followed by a more in-depth look at systems thinking for standards development early next year.