In The Case for Open Source Healthcare IT John Zaleski uses the VistA open source software as a model for improving the medical device data gathering in order to produce a “more robust end product”. On the whole, I could not agree more. Achieving this in such a diverse and fragmented community would be a real challenge, but it may indeed be a worthwhile path to pursue.
There was one item I’d like to comment on:
The challenge is, of course, regarding regulatory management of open source frameworks. To a large degree open source software is anathema to the FDA regulatory process–and it relates to control and management of access.
OSS detested or loathed by the FDA? I don’t think so. The open source framework itself would not be subject to regulatory control. The FDA does not really care where any specific software component comes from. Also, security and access management are certainly important, but I’m not sure of their applicability at the device connectivity level.
The FDA cares about intended use, efficacy, and safety of medical devices. All FDA regulated software is subject to the same design controls (§820.30) — design, risk analysis, verification, validation, etc. I.e. any company that included these open source software components would ultimately be responsible for proving these processes are followed.
Shahid N Shah’s OSCon 2011 Talk: The implications of open source technologies in safety critical medical device platforms does a good job of detailing these points (Will the FDA accept open source in safety-critical system? Yes!) as well as presenting an OSS connectivity software architecture.