As computing power continues to become cheaper and more powerful, medical devices are increasingly capable of handling larger and larger sets of data. This provides the ability to log ever expanding amounts of information about medical device use and patient health. Whereas once the data that could be obtained from a therapeutic or diagnostic device would be limited to time and error codes, medical devices now have the potential to store personal patient health information. Interoperability between medical devices and electronic health record systems only increases the potential for medical devices to store personal information.
Continue Reading HIPAA/HITECH Compliance Strategies for Medical Device Manufacturers

On July 25, 2013, the Food and Drug Administration (“FDA” or “the Agency”) published a Draft Guidance for Industry entitled “Pre-Launch Activities Importation Requests”, or “PLAIR”. The draft guidance describes FDA policy on requests for importation of unapproved finished dosage form drug products by an applicant preparing for market launch pursuant to a New Drug Application (“NDA”), an Abbreviated New Drug Application (“ANDA”) or a Biologics License Application (“BLA”). The draft guidance describes the procedure for making requests for importation prior to approval, as well as the factors FDA will look to in deciding whether to grant such requests.
Continue Reading FDA’s Draft Guidance For Industry On Pre-Launch Activities Importation Requests: Dead On Arrival?

On Thursday, June 13, 2013, the U.S. Food and Drug Administration (“FDA”) released a draft guidance on measures to help ensure the cybersecurity of medical devices. The draft guidance, titled “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices,” proposes cybersecurity features that should be incorporated into wireless, Internet- and network-connected medical devices (“cybersecurity-vulnerable devices”), as well as information that will be requested in premarket submissions for cybersecurity-vulnerable devices. In addition to the draft guidance, FDA also issued an FDA Safety Communication to medical device manufacturers, hospitals, medical device user facilities, health care IT and procurements staff, and biomedical engineers on cybersecurity for medical devices and hospital networks.
Continue Reading Cybersecurity: FDA Risks for Medical Devices

I am often called upon to address the nature of how regulatory controls may apply to the organization of healthcare companies in their ability to create, deliver, and capture value (their ‘business models’). While no summation could adequately capture all of the complexity inherent in this question, it would seem appropriate to briefly comment on some of the general recent trends I have seen, and how they may be shaped by various regulatory authorities.
Continue Reading Thoughts on Regulatory Constraints of Business Models

FDA has taken no significant regulatory action with regards to claims made for cosmetics for almost twenty five years. As a result, claims for cosmetics have become aggressive, as new science and ingredients have blurred the line between cosmetics and pharmaceuticals, leading to a class of products generally referred to as “cosmeceuticals”. There is, however, no regulatory definition of a cosmeceutical, and recent regulatory actions by the FDA suggests that they believe claims for such products are drug claims.Continue Reading FDA Takes Action Against Marketers Making “Cosmeceutical” Claims

By Mike Emmick

In the fervor of the U.S.’s current anti-foreign-corruption efforts, a particularly misguided proposal has occasionally reared its ugly head: Requiring “mandatory debarment” for any company that violates the Foreign Corrupt Practices Act (“FCPA”).

On the merits, such a proposal is completely wrong-headed. Debarment is a severe, forward-looking administrative remedy – the corporate “death penalty” – not a vehicle to “boost” the penalties for past criminal FCPA violations.Continue Reading Mandatory Debarment for FCPA Violations? A Bad Idea Whose Time Should Never Come

By Mike Emmick and Joseph Barton

Corporate executives in the health care and environmental industries are rapidly coming to appreciate the implications of the responsible corporate officer doctrine, a recently-revitalized weapon in U.S. Department of Justice’s battle against corporate crime.

This doctrine is a peculiar exception to the usual requirements for a criminal prosecution. Ordinarily, criminal law requires a defendant to have committed a criminal act, and to have done so with criminal intent.Continue Reading The Uncomfortable Resurgence of the Responsible Corporate Officer Doctrine

Welcome to the first monthly update on FDA’s enforcement over regulated tobacco products. This update will examine trends in Warning Letters, and cover some unique Warning Letters and enforcement actions that have occurred in the previous month. As the first post regarding tobacco products, we begin with an alert regarding FDA’s issuance of civil money penalty complaints. The update also provides a summary of tobacco related Warning Letters issued by the FDA to date.[1]Continue Reading Update on Tobacco Warning Letters