In June, the FDA offered up a draft guidance document designed to help medical device makers better understand how the agency thinks about a patient's right to access their own data from a device. The guidance clarified that medical device makers can make a patient's data available to them without additional clearance, though it cautioned them to do so thoughtfully to keep the data private and secure.

Now, as the Regulatory Affairs Professionals Society noted on Monday, a number of industry groups have already responded with comments to the draft guidance. Neither industry nor patient groups seem entirely happy with the level of clarity in the guidance. 

Respondents included the Advanced Medical Technology Association (AdvaMed), Novartis, Pfizer-subsidiary Hospira, consulting group Regulatory Compliance Associates, and patient groups FORCE and the Patient, Consumer, and Public Health Coalition.

AdvaMed also wanted the FDA to make it clearer that this guidance is simply a nonbinding suggestion.

"Although FDA has explained the meaning of 'should' in the Introduction, we suggest that the guidance more clearly state that the information on content and context are suggestions, not requirements and should be implemented when feasible," the group wrote. "Because most patient-specific information is developed for the healthcare provider or manufacturer, reconfiguring it and restating it can be difficult and burdensome. The most desirable way to communicate patient-specific information to a patient is via the patient’s healthcare provider. This line of communication should be emphasized and more clearly stated as the primary means for providing patient-specific information."

Novartis may not have understood that the guidance is nonbinding, as their comments ask the FDA to "provide a timeline for older medical devices already on the market to be in compliance." Novartis also requested clarity on which kinds of medical devices are under discussion.

Interestingly, even the patient groups that have responded did so with some trepidation related to the lack of clarity around scope. FORCE, which stands for "Facing Our Risk of Cancer Empowered," wondered if genetic test results would fall under the purview of this guidance. If so, they suggested, the FDA should consider the risk to patients of being presented with data they don't fully understand or have the capacity to interpret.

Other respondents, such as Regulatory Compliance Associates, had concerns about cybersecurity threats being introduced with increased patient access to data.

The FDA also released a new final guidance today, an update of the industry's staff guidance for de novo and PMA classifications. The changes from the 2012 version of the document are fairly modest, but there is a little more emphasis on the role of patient-reported outcomes and patient preference in determining the risk-benefit analysis of new devices.