The Food and Drug Administration Safety and Innovation Act (FDASIA), signed into law in 2012, is a comprehensive federal legislation that extends the authority of the Food and Drug Administration (FDA) to ensure the safety and advancement of public health. It introduces various provisions that expand FDA authority. Additionally, FDASIA aims to set up a risk-based regulatory framework to cover mobile medical applications and health information technology.
Who does it apply to?
FDASIA affects healthcare, pharmaceuticals, FDA regulation, entity compliance, and health information tech like mobile medical apps.
- FDA and regulatory bodies: The FDA is the central regulatory authority affected by FDASIA. The Act bolsters the FDA's capabilities and responsibilities in ensuring the safety and efficacy of drugs, medical devices, and related products.
- Covered entities: The Act directly impacts covered entities, which include health plans, healthcare providers, and healthcare clearinghouses. Under the HIPAA Privacy and Security Rules, these entities must comply with regulations related to the privacy and security of protected health information (PHI).
- Business associates: Organizations or entities that conduct business on behalf of covered entities, handling PHI, also fall under the purview of FDASIA. These "business associates" must comply with certain provisions of the Security Rule and most of the Privacy Rule.
- Health information technology (Health IT) sector: FDASIA influences the health IT sector, particularly entities involved in developing mobile medical applications, health-related websites, and portable sensors connected to mobile devices. While not all entities in this sector are directly regulated by FDASIA, the Act shapes the risk-based regulatory framework concerning health information technology and mobile medical apps.
- Stakeholders and external parties: FDASIA emphasizes engagement with various stakeholders, including patients, consumers, healthcare providers, startup companies, health plans, investors, technology vendors, small businesses, purchasers, employers, and experts relevant to the healthcare and technological sectors. The Act encourages their participation in the regulatory framework for health information technology.
See also: HIPAA Compliant Email: The Definitive Guide
FDASIA main points
- The FDASIA expands the FDA's powers by allowing the collection of user fees from the industry.
- It introduces programs like the "breakthrough therapy" designation for expedited review of drugs that could offer substantial improvements for patients with serious or life-threatening conditions.
- It addresses global drug supply chain challenges, considering the significant portion of imported drugs and active ingredients originating from overseas sources.
- The Act mandates the development of a risk-based regulatory framework for health information technology.
- Fosters collaboration between the FDA, the Office of the National Coordinator for Health Information Technology (ONC), and the Federal Communications Commission (FCC).
See also: Staying up to date with regulatory changes in healthcare
HIPAA and the FDASIA
FDASIA oversees FDA regulation, drug development, health information technology, and the drug supply chain. HIPAA is specifically focused on protecting health information in healthcare settings. Both regulations might apply to health information technology innovation, ensuring patient safety, data privacy, and innovation in healthcare technology.
See also: HIPAA and the FDA: Regulating privacy in medical health apps
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
.svg)
Kirsten Peremore : July 17, 2025