Advanced Bionics, LLC (Valencia, CA)
What is a Software Medical Device for Methods and systems to block the unauthorized access to patient information
Is Your Software a Medical Device for Methods and systems to block the unauthorized access to patient information
The Health Insurance Portability and Accountability Act (“HIPAA”) provides federal protections for personal medical information that is held by covered entities and gives patients a variety of rights with respect to that information. HIPAA requires that all appropriate administrative, technical, and physical security measures be put in place to protect the privacy of patient data (e.g., medical records, patient names, or social security numbers). A medical facility such as a doctor’s office or clinic needs to ensure that only authorized personnel have access to electronic patient data.
However, a medical software application that can access a large number of patient data files is likely to display the names of patients on a display screen, from which an authorized user (e.g., a hospital employee) can select a specific patient’s name to access the information corresponding to that patient. If a patient happens to be watching the screen while an authorized user is accessing patient information, the patient sees the list of patient names. This is in violation of HIPAA regulations.
An exemplary method includes displaying a graphical user interface configured to include a patient list displayed therein, receiving user input representative of a search term comprising one or more characters selected to identify a particular patient included within a plurality of patients, dynamically updating the patient list in response to the received user input to only include a plurality of entries that contain the search term, each of the entries comprising patient information associated with a distinct one of the patients, and preventing one or more non-search term characters contained within each of the entries of the patient list from being displayed within the graphical user interface.
Another exemplary method includes maintaining data representative of patient information corresponding to a plurality of patients, receiving user input representative of a search term that includes one or more characters selected to identify an individual patient within the plurality of patients, dynamically updating a patient list in response to the received user input to only include entries that contain the search term, with each entry containing patient information for a particular patient, displaying the entries of the patient list in a graphical user interface, and preventing the non-search-term characters contained in the entries of the list from being displayed in the graphical user interface.
A typical system includes a display facility, a communication facility, and a privacy facility selectively and communicatively linked to one another. The display facility is set up to display a patient list inside a graphical user interface. The communication facility is designed to receive user input that is representative of a search term comprising one or more characters chosen to identify a particular patient included within a plurality of patients. The privacy facility is designed to dynamically update the patient list in response to the user input. Each entry includes patient information for a specific patient. The privacy facility also blocks non-search-term characters from being displayed within each entry.
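The filter-and-mask behaviour described in the three paragraphs above, sketched as an added Python example (it is not code from the patent or from Advanced Bionics). The `Patient` type, the `*` mask character, case-insensitive matching and showing no entries for an empty search term are all assumptions made for illustration.

```python
from dataclasses import dataclass

MASK = "*"  # assumption: the page does not name a mask character


@dataclass(frozen=True)
class Patient:  # hypothetical record type
    record_id: int
    name: str


def match_positions(text, term):
    """Indexes of every character of `text` that lies inside an occurrence of `term`."""
    n = len(term)
    needle = term.casefold()
    shown = set()
    if n == 0:
        return shown  # assumption: nothing typed yet means nothing is revealed
    for i in range(len(text) - n + 1):
        # Compare slices of the original string so indexes stay aligned with it.
        if text[i:i + n].casefold() == needle:
            shown.update(range(i, i + n))  # overlapping matches are merged
    return shown


def masked_patient_list(patients, term):
    """Return (record_id, masked_name) only for entries that contain `term`."""
    term = term.strip()
    rows = []
    for p in patients:
        shown = match_positions(p.name, term)
        if not shown:
            continue  # entry lacks the search term: it is left off the list
        # Spaces are masked too, so word boundaries of the name are not shown.
        masked = "".join(c if i in shown else MASK for i, c in enumerate(p.name))
        rows.append((p.record_id, masked))
    return rows


# Constructed sample data, not real patients.
PATIENTS = [
    Patient(1, "Dana Smith"),
    Patient(2, "Anabel Ortiz"),
    Patient(3, "Joanna Lee"),
    Patient(4, "Robert King"),
]

if __name__ == "__main__":
    for typed in ("", "an", "ana", "anab"):
        print(repr(typed), masked_patient_list(PATIENTS, typed))
```

The masked strings are built before anything is handed to the display layer, so unmatched characters are never present in what gets rendered. Note that this simple mask still reveals the length of each name.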
What is a software medical device?
The FDA is referring to software functions that may comprise “Software as a Medical Device” (SaMD) and “Software in a Medical Device” (SiMD), which is software that is part of (embedded in) a medical device.
Section 201(h) of the Federal Food, Drug, and Cosmetic Act, 21 U.S.C. 321(h)(1), defines a medical device as “an instrument, apparatus, implement, machine, contrivance, implant, in vitro reagent, or other similar or related article, including any component, part, or accessory, which is . . . (B) intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment, or prevention of disease, in man or other animals, or (C) intended to affect the structure or any function of the body of man or other animals.” Thus, to be considered a medical device and therefore subject to FDA regulation, your software must meet one of two criteria:
- It is intended for use in the diagnosis and treatment of patients.
- It is intended to affect the structure or function of the body.
Therefore, if your program is designed specifically for health professionals to diagnose and treat patients, or is used in hospitals for the management of patient information, the FDA would likely view such software as medical devices subject to regulatory review.
Is Your Software a Medical Device?
According to FDA’s current approach to oversight, which considers the functionality of the software more than its platform, FDA will apply its supervision only to medical device software whose functionality could pose a risk to the safety of patients. Examples of Device Software and Mobile Medical Apps that FDA is focusing on include:
- Software functions that help patients with diagnosed psychiatric illnesses (e.g., post-traumatic stress disorder (PTSD), anxiety, depression, obsessive-compulsive disorder) maintain their behavioral coping skills by offering a “Skill of the day” behavioral technique or audio messages that the user can access when experiencing increased anxiety;
- Software functions that offer periodic reminders, motivational guidance, and educational information to patients who are recovering from addiction or who are trying to quit;
- Software functions that use GPS location data to warn asthmatics of environmental conditions which could trigger asthma symptoms, or to warn an addict (substance abuser) when near a pre-identified high-risk area;
- Software that uses games and videos to motivate patients to exercise at home.
- Software functions that prompt users to choose which medications or herbs they would like to take simultaneously, and that provide information on interactions and an overview of the kind of interaction that was reported.
- Software functions that utilize the characteristics of the patient like age, gender and risk factors for behavioral health to offer specific screenings for each patient and counseling, as well as preventive advice from well-known and reputable authorities;
- Software functions that make use of a list of common symptoms and signs to give advice about when to see the doctor and what to do next.
- Software functions that lead a user through a questionnaire of symptoms and signs in order to provide a recommendation for the health facility that is most suitable for their needs.
- Mobile applications that are designed to allow a user to initiate an emergency or nurse call using broadband or mobile phone technology;
- Mobile apps that enable a patient or caregiver to design and send an alert or general emergency notification to first responders.
- Software that tracks medications and provides user-configured reminders to improve medication adherence.
- Software functions that give patients a portal into their personal health information, for example, access to information captured during a prior visit to a doctor or historical trends and comparison of vital signs (e.g., body temperature, blood pressure, heart rate or respiration rate);
- Software functions that show trends in personal healthcare incidents (e.g., rate of hospitalization or alert notification rate);
- Software functions that allow the user to collect (electronically or manually input) blood pressure data and share this data through e-mail, track and trend it, or upload it into a personal or electronic health record;
- Mobile apps that track and remind users about oral health, and that provide tools to monitor patients suffering from gum disease.
- Mobile applications that give patients suffering from prediabetes advice or tools to help them develop better eating habits or increase their physical activity;
- Apps that allow users to display images and other messages on mobile devices, which are a great option for addicts looking to quit addictive behaviors.
- Software functions that provide safety and drug interaction information (side effects, drug interactions, active ingredient) in reports based on demographic data (age and gender) as well as current diagnoses (current medications), and clinical information (current treatment).
- Software functions that allow surgeons to identify the most effective intraocular lens power for the patient and the ideal axis for implant based on the information provided by the surgeon (e.g., the expected surgically induced astigmatism, the patient’s axial length, preoperative corneal astigmatism, etc.).
- Applications, mostly mobile, that convert a mobile platform to an FDA-approved medical device.
- Software that is connected to a mobile platform by a lead or sensor to monitor and display electrical signals coming from the heart (electrocardiograph; ECG).
- Software that attaches sensors to the mobile platform, or other tools in the platform, to view or record the eye movements in order to diagnose balance disorders
- Software that questions potential donors about their donor history and their records and/or sends those answers to a blood collection facility. The software helps determine if a person is eligible before collecting blood or any other component.
- Software that is connected to an existing device type in order to control its operation, function, or energy source.
- Software that alters the functions or settings of an infusion pump
- Software that regulates inflation or deflation of the blood pressure cuff
- Software that is used to calibrate hearing devices and assess the electroacoustic frequency and audio intensity characteristics, as well as sound quality, of hearing aids, master hearing aids, group hearing aids, or group auditory trainers.
What does it mean if your software/SaaS is classified as a medical device?
SaaS founders need to be aware of the compliance risks that medical devices pose. Data breaches are one of the biggest risks. Medical devices often contain sensitive patient data, which is why they are subject to strict regulations. This data could lead to devastating consequences if it were to become unprotected. SaaS companies who develop medical devices need to take extra precautions to ensure their products are safe.
So who needs to apply for FDA clearance? The FDA defines a “mobile medical app manufacturer” as any person or entity who initiates specifications, designs, labels, or creates a software system or application for a regulated medical device in whole or from multiple software components. This term does not include persons who exclusively distribute mobile medical apps without engaging in manufacturing functions; examples of such distributors may include the app stores.
Software As Medical Device Patenting Considerations
The good news is that investors like medical device companies which have double exclusivity obtained through FDA and US Patent and Trademark Office (USPTO) approvals. As such, the exit point for many medical device companies is an acquisition by cash rich medical public companies. This approach enables medical devices to skip the large and risky go-to-market (GTM) spend and work required to put products in the hands of consumers.
Now that we have discussed the FDA review process, we will discuss IP issues for software medical device companies. Typically, IP includes Patents, Trademarks, Copyrights, and Trade secrets. All of these topics matter and should be considered carefully. However, we will concentrate on patents to demonstrate how careless drafting and lack of planning can lead to problems, namely unplanned disclosures of your design that can then be used as prior art against your patent application.
In general, you should file patent application(s) as soon as practicable to get the earliest priority dates. This will help you when you talk to investors, FDA consultants, prototyping firms, and government agencies, among others. Compliance or other documents filed with any government agency may be considered disclosure to third parties and could make the document public. In general, disclosures to third parties or public availability of an invention trigger a one year statutory bar during which you must file your patent application. Failure to file your application within the required time frame could result in you losing your right to protect your invention.
The information from your FDA application may find its way into FDA databases, including DeNovo, PMA and 510k databases and FDA summaries of orders, decisions, and other documents on products and devices currently being evaluated by the FDA. Your detailed information may be gleaned from Freedom of Information Act requests on your application. This risk mandates that you patent your invention quickly.
When you patent your medical device invention, keep the overall FDA regulatory framework in view as you draft your patent application. Be mindful of whether your software/SaaS application discusses diagnosing and treating patients or affecting the structure or function of the body, and add language to indicate that such description in the patent application relates to only one embodiment and not to other embodiments. That way you have flexibility in subsequent discussions with the FDA if you want to avoid classification of your software/SaaS as a medical device and the FDA registration and oversight that come with it.
An experienced attorney can assist you in navigating the regulatory landscape and ensure that you comply with all applicable laws. This area of law is complex and constantly changing. It is important that you seek legal advice if you have any questions about whether or not your software should be registered with FDA.
Patent PC is an intellectual property and business law firm that was built to speed startups. We have internally developed AI tools to assist our patent workflow and to guide us in navigating through government agencies. Our business and patent lawyers are experienced in software, SaaS, and medical device technology. For a flat fee, we offer legal services to startups, businesses, and intellectual property. Our lawyers do not have to track time as there is no hourly billing and no charges for calls or emails. We just focus on getting you the best legal work for your needs.
Our expertise ranges from advising established businesses on regulatory and intellectual property issues to helping startups in their early years. Our lawyers are familiar with helping entrepreneurs and fast-moving companies in need of legal advice regarding company formation, liability, equity issuance, venture financing, IP asset security, infringement resolution, and litigation. For a confidential consultation, contact us at 800-234-3032.