GAO: FDA needs to work on IT infrastructure, Sentinel program privacy

The FDA is developing a plan to modernize its IT systems and infrastructure in response to a report from the Government Accountability Office (GAO), which revealed that the agency does not have such architecture in place to support its modernization efforts.

In a report released June 2, the GAO also said the agency is not strategically managing its IT human capital by determining its skill needs or the gaps between what it has and what it will need in the future, reported Government Health IT.

The FDA has 16 modernization projects underway, including automating employee processing and updating its system for reporting adverse events from drugs and other products, according to the GAO report.

In 2007, the FDA's Science Board said that the agency lacked the IT capability and infrastructure to fulfill its regulatory mission.

In a separate report released June 1, the GAO stated that the FDA has yet to set adequate privacy and security protections for its planned Sentinel program, which gathers health-effects information on drugs and other products after they are on the market.

Plans for the congressionally mandated program were announced by the agency one year ago. The FDA design calls for a coordinating center to send queries to data sources including health insurance companies, academic institutions, federal and state government agencies and healthcare providers. Summaries of the information would go back to the coordinating center, and from there, back to the FDA and other entities, according to Government Health IT.

The FDA said it is working to establish a distributed network to gather and protect the information that will be transferred. The information will stay with its original owners who will do the data searches themselves and only supply summaries.