The need for speedy and more complete access to data is instrumental for healthcare providers, researchers, pharmaceutical, biotech and device companies and public health authorities as they work to quickly identify infection rates, disease trends, outcomes, including antibodies, and opportunities for treatments and vaccines for COVID-19.

A variety of data sharing and collaborations have emerged

Digital health companies are producing increasingly innovative products at a rapidly accelerating pace, fueled in large part by the expansive healthcare data ecosystem and the data strategies for harnessing the power of that ecosystem. The essential role data strategies play make it imperative to address the data-related legal and regulatory considerations at the outset of the innovation initiative and throughout the development and deployment lifecycle so as to protect your investment in the short and long term.

The Evolution of Digital Health

Digital health today consists of four key components: electronic health records, data analytics, telehealth, and patient and consumer engagement tools. Electronic health records were most likely first, followed very closely by data analytics. Then telehealth deployment rapidly increased in response to both demand by patients and providers, the improved care delivery and access it offers, and more recently, the expanded reimbursement for telehealth solutions. Each component of digital health was developed somewhat independently, but they have now converged and are interrelated, integral parts of the overall digital health ecosystem.

The patient and consumer engagement dimension of digital health has exploded over the last five years. This is due, in large part, to consumer and patient demand for greater engagement in the management of their healthcare, as well as the entry of disruptors, such as technology service providers, e-commerce companies, consumer products companies and entrepreneurs. At this point in the evolution of the digital health landscape, the patient and consumer engagement tool dimension pulls in all other key components and no digital health consumer engagement tool is complete without the full package.

Data Strategies and Collaborations as Key Innovation Ingredients

No digital health initiative can be developed, pursued or commercialized without data. But the world of data aggregation and analytics has also changed significantly and become immensely complex in recent years. Digital health innovation is no longer working exclusively within the friendly confines of the electronic health record and the carefully regulated, controlled and structured data it holds. Today, digital health innovation relies on massive amounts of data in a variety of types, in various forms, from a wide variety of sources, and through a wide variety of tools, including patient and consumer wearables and mobile devices.


Continue Reading Consumer Demand in Digital Health Data and Innovation

Digital health is experiencing a boom in investment as the regulatory environment becomes more supportive of digital health services. But as companies seek to make the most of their funding and protect the innovations that drive their product, it is imperative that they protect their intellectual property from being copied or duplicated by others in the market.

What exactly is IP?

Intellectual Property (IP) is generally non-tangible property. You can hold your laptop in your hands or you can stand on a piece of land — those are both tangible examples of property. Intellectual property cannot be physically held or touched. Protections available for intellectual property generally break down into one of four areas: patents; trade secrets, trademark, and copyright.

Patent protection offers an additional layer of protection for digital health solutions compared to copyrights. For example, a company may be eligible for a patent if it has innovated a new approach to identifying data, a new approach to storing data more efficiently, or a new approach to the data structure itself—those are all ways where innovations could be patentable and help extend protection around data.

How does IP apply to data?

If, in a digital health patent application, a company focuses on innovation for a computer-specific problem—such as keeping data private, keeping data secure, de-identifying data—that is usually a homerun argument to the patent office for crossing the first threshold of eligibility for patenting.

This is one of the few areas where the patent office has made it clear that these ideas and invention types are considered patent eligible. Thereafter, of course, remains the traditional challenge of getting a patent, which is to prove that no one before you has invented what you’ve invented. But lately, in the digital health space, that challenge seems to be less difficult to overcome compared to the eligibility challenge.

How to protect IP


Continue Reading Maximizing Your IP Protections in Digital Health

On January 7, 2020, the Director of the US Office of Management and Budget (OMB) issued a Draft Memorandum (the Memorandum) to all federal “implementing agencies” regarding the development of regulatory and non-regulatory approaches to reducing barriers to the development and adoption of artificial intelligence (AI) technologies. Implementing agencies are agencies that conduct foundational research, develop and deploy AI technologies, provide educational grants, and regulate and provide guidance for applications of AI technologies, as determined by the co-chairs of the National Science and Technology Council (NSTC) Select Committee. To our knowledge, the NTSC has not yet determined which agencies are “implementing agencies” for purposes of the Memorandum.

Submission of Agency Plan to OMB

The “implementing agencies” have 180 days to submit to OMB their plans for addressing the Memorandum.

An agency’s plan must: (1) identify any statutory authorities specifically governing the agency’s regulation of AI applications as well as collections of AI-related information from regulated entities; and (2) report on the outcomes of stakeholder engagements that identify existing regulatory barriers to AI applications and high-priority AI applications that are within the agency’s regulatory authorities. OMB also requests but does not require agencies to list and describe any planned or considered regulatory actions on AI.

Principles for the Stewardship of AI Applications

The Memorandum outlines the following as principles and considerations that agencies should address in determining regulatory or non-regulatory approaches to AI:

  1. Public trust in AI. Regulatory and non-regulatory approaches to AI need to be reliable, robust and trustworthy.
  2. Public participation. The public should have the opportunity to take part in the rule-making process.
  3. Scientific integrity and information quality. The government should use scientific and technical information and processes when developing a stance on AI.
  4. Risk assessment and management.A risk assessment should be conducted before determining regulatory and non-regulatory approaches.
  5. Benefits and costs. Agencies need to consider the societal costs and benefits related to developing and using AI applications.
  6. Flexibility. Agency approaches to AI should be flexible and performance-based.
  7. Fairness and nondiscrimination. Fairness and nondiscrimination in outcomes needs to be considered in both regulatory and non-regulatory approaches.
  8. Disclosure and transparency. Agencies should be transparent. Transparency can serve to improve public trust in AI.
  9. Safety and security. Agencies should guarantee confidentiality, integrity and availability of data use by AI by ensuring that the proper controls are in place.
  10. Interagency coordination. Agencies need to work together to ensure consistency and predictability of AI-related policies.


Continue Reading US Office of Management and Budget Calls for Federal Agencies to Reduce Barriers to Artificial Intelligence

A recent McDermott roundtable on European health private equity generated key insights into the future of medtech, digital health, and data analytics, and identified opportunities for companies and investors.

Digital health solutions are widely considered to be the next big growth market. Healthcare lags significantly behind other industries when it comes to digitization, but the potential opportunities are driving developers, healthcare providers, and investors to find solutions.

PATIENT CARE
A key point to bear in mind about healthcare technology is that success and adoption may often be measured by the quality of the users’ experience, the resulting clinical outcomes, short and long term cost savings, and the resulting margin for both investors and the health care system at large. These multi-faceted goals are best illustrated by the demands for i) greater efficiency, and ii) better patient outcomes.

Efficiency is typified by, for example, streamlined bookings and appointment reminders, algorithms that triage patients to ensure they are seen by the right person at the right time, and in-home patient monitoring after patients are discharged. Patient take-up is also an excellent gauge of efficiency, for example, a high tech product that measures and reports blood sugar is of no value if the interface is too complicated for an older population.

Better outcomes result from clinicians gathering and using data to determine the right treatment in the fastest possible time, and are demonstrated, for example, by permanent lifestyle changes, improvements in self-care or care outside hospital,accurate drug dosage and use of medicines, and, in direct contrast with other sectors, reduced, rather than increased, service usage.

PRIVACY AND REGULATORY HURDLES
One of the most obvious challenges inherent in digital health is data privacy and security. Stemming from that are issues relating to control of the data, the right to use it, and ownership of the analysis. The most successful companies are those that, from the very beginning, understand the regulatory landscape in which they are operating; are transparent in terms of where their data comes from; make clear the type of data at issue, be that identifiable, pseudonymized, anonymized, or something in between; and identify who will control what data in what form. The ability to marry up these factors is a key part of any new entrant’s value proposition.


Continue Reading Challenges and Opportunities in MedTech, Innovation and Digital Health

As discussed in the first post in this two-part series, new players from outside the traditional healthcare paradigm are joining forces with hospitals, health systems and other providers to drive unprecedented innovation. These unexpected partnerships are bringing new solutions to market and changing how business is done and care is delivered.

Many of these collaborations revolve around data and data sharing arrangements. Traditional health industry stakeholders such as hospitals and health systems (HHSs) are partnering with technology companies—both established and start-up—to develop and market digital health solutions that engage patients beyond the brick-and-mortar clinical setting. Digital health tools are making it easier for patients to receive care in a mobile setting and access their health data across various platforms and sources. These innovative partnerships thus hold out the possibility of delivering better, faster, more targeted care.

Addressing Community Concerns

At the same time, digital health collaborations can encounter challenges regarding data privacy and security, permissions and ownership. Historically, health data was housed in one place—within the health institution. But with the rise of digital health tools, health data has become ubiquitous, raising fears about how it may be used, aggregated and shared.


Continue Reading Getting Cross-Industry Collaborations Right, Part 2: All About That Data

The demand for healthcare innovation is driving collaboration between formerly disparate healthcare companies and bringing in new players, such as technology companies and start-ups, into an already complex space. As companies build partnerships and pool resources – particularly healthcare data – data ownership presents numerous challenges that need to be addressed throughout the lifecycle of

Digital health companies face a complicated regulatory landscape. While the opportunities for innovation and dynamic partnerships are abundant, so are the potential compliance pitfalls. In 2018 and in 2019, several digital health companies faced intense scrutiny—not only from regulatory agencies, but in some cases from their own investors. While the regulatory framework for digital technology in health care and life sciences will continue to evolve, digital health enterprises can take key steps now to mitigate risk, ensure compliance and position themselves for success.

  1. Be accurate about quality.

Ensuring that you have a high-quality product or service is only the first step; you should also be exactingly accurate in the way that you speak about your product’s quality or efficacy. Even if a product or service does not require US Food and Drug Administration clearance for making claims, you still may face substantial regulatory risk and liability if the product does not perform at the level described. As demonstrated in several recent public cases, an inaccurate statement of quality or efficacy can draw state and federal regulatory scrutiny, and carries consequences for selling your product in the marketplace and securing reimbursement.

Tech companies and non-traditional health industry players should take careful stock of the health sector’s unique requirements and liabilities in this area, as the risk is much higher in this arena than in other industries.


Continue Reading Three Tips for Tackling Risk in Digital Health

This post was guest authored by lawyers from MWE China Law Offices, McDermott Will & Emery’s strategic alliance in Shanghai. 

Data compliance in China’s health care industry is multifaceted and highly sensitive, and applies to numerous types of data generated across the continuum of care. Multiple pieces of legislation prescribe complex regulatory requirements governing different types of data, and various supervisory authorities frequently conduct inspections and investigations, paying special attention to health care multinationals with operations in China.

This article explores four key questions on the regulatory requirements for health care data in China, along with key compliance steps for multinationals throughout the entire life cycle of health care data, including collection, storage, transfer and use.

1. What types of health care data are regulated in China? What are the key compliance points related to these types of health care data?

Data compliance rules apply to various sources and types of health care data, including medical record information, medical insurance information, health care logs, human genetic resources, medical experiments and scientific data. The table below lists the various types of health care data governed by China’s laws and regulations related to health care and personal information, as well as the key regulatory compliance focus for each category.

Category Definition Key Regulatory Compliance Focus

Health Care Big Data

The Administrative Measures on Standards, Security and Services of National Healthcare Big Data (for Trial Implementation)

Data relating to health care generated in the course of disease prevention and control as well as health management

Note: the Measures do not clarify what data qualifies as health care “big” data.

Localisation and storage

Transfer: Cross-border data transfer is subject to security assessment.

Human Genetic Resources

The Interim Administrative Measures for the Management of Human Genetic Resources

Genetic materials and related information, including organs, tissues, cells, blood, preparations, recombinant deoxyribonucleic acid (DNA) constructs containing human genome, genes and their products.

Collection: Complex approval procedures are required, and collection by foreign entities or individuals is restricted.

Localisation and storage

Transfer: Approval from administrative bodies is required before cross-border transfer.

Pharmaceutical Data

The Pharmaceutical Data Management Specification (Draft for Comments)

Data from all activities in a product’s life cycle, such as R&D, production, circulation, post-marketing monitoring and evaluation. Laws and regulations on personal information protection, health care big data protection and human genetic information protection, etc., may apply under certain circumstances.

Medical Device Data

The Guidelines for Technical Review of Network Security Registration for Medical Devices

Health care data and device data. Laws and regulations on personal information protection, health care big data protection and human genetic information protection, etc., may apply under certain circumstances.

Medical Records

The Regulations for Medical Institutions on Medical Records Management

All texts, symbols, graphics, images and slides produced in medical activities by medical personnel, including outpatient (emergency) and hospitalisation medical records.

Medical records are filed as medical history.

Collection: Consent from data subject is required.

Transfer: Medical institutions should keep records strictly confidential except under specific circumstances.

Scientific Data

The Measures for the Management of Scientific Data

Primarily data produced from basic research, application research, pilot development and other endeavours in such areas as natural science and engineering technology science, and the original data and data derived via observation and monitoring, survey and investigation, and inspection and detection that is used for scientific research activities. Transfer: Data involving state secrets are strictly forbidden to be transferred to a third party.

2. What are the key compliance steps for health care data collection in China?

Collection of any health care data involving personal information should be based on the three principles of China’s Cybersecurity Law (legitimacy, justification and necessity) and requires the consent of the data subject. The rules, purposes, methods and ranges of such collection should also be disclosed to the data subject.

Collection of human genetic information by foreign entities or foreign individuals is strictly regulated, and such collection is subject to the approval of regulatory authorities.

Multinationals may wish to consider taking the following steps to be compliant with Chinese laws:


Continue Reading Health Care Data Compliance in China: 4 Key Questions and Compliance Steps for Multinationals

Join us on November 8, 2018, for the third installment of McDermott’s live webinar series on digital health. In this installment, partners Bernadette M. Broccolo, Jiayan Chen and Vernessa T. Pollard will explore opportunities for accelerating biomedical research, development and commercialization through digital health tools and solutions, such as end-user license agreements (EULAs), wearables