On Wednesday, October 8, 2014, I accompanied several other individuals active within the CGM in the Cloud community (John Costik, Ben West, Bennet Dunlap, and Ping Fang), and an invited guest observer (Mark O’Donnell from Medtronic) to meet with the US Food and Drug Administration (FDA) to discuss the Nightscout project. Our goal was to begin a dialog with the FDA, in which we hope to educate the FDA on the Nightscout system and the open source development methodology behind it, to learn what concerns the FDA might have about the project, and to determine which efforts need to be prioritized to address those concerns and ensure the safety of everyone using the Nightscout system.
As most of you are aware (and as outlined so well in the recent front-page WSJ article), the Nightscout project started with John Costik’s early efforts to improve safety for his son going to kindergarten, by using the USB interface of his Dexcom G4 Continuous Glucose Monitor (CGM) to obtain up-to-date glucose readings, and make that data available remotely. After John and a few others released their code, many other interested developers began improving and extending it using an open-source development model.
Since that time, the CGM in the Cloud Facebook group has grown to over 7,000 members, and the open-source Nightscout project has been developed into the system used regularly by most of the over 1,100 individuals who have made their own copies (forks) of the source code on GitHub. Recognizing that this rapid growth indicated something so important to so many people living with diabetes, the FDA has reached out over the last several months to a number of us at events like the D-Mine D-Data Exchange.
We all recognize that this kind of open-source patient-driven project has the potential to greatly improve patient safety, quality of life, and quality of treatment. Furthermore, this bottom-up innovation also represents a new way of developing potentially life-saving mHealth systems: it falls somewhat outside the way medical devices have traditionally been developed and regulated, both in the open-source nature of the project and the #WeAreNotWaiting-inspired speed of software development, testing, and release.
In light of all this, the FDA encouraged those of us working on Nightscout to begin working with the FDA through their pre-submission process, so they can better understand what we are doing, and so they can work with us to make sure that we are doing everything possible to accomplish the shared goal of maximizing patient safety. We also saw it as an opportunity to work with the FDA to help them develop a model for regulating patient-driven open source mHealth software, which ensures the aforementioned focus on safety without unnecessarily slowing things down. So Ben West did exactly what the FDA suggested, documenting a number of details about how the Nightscout software and project currently work, and formally submitted them to the FDA along with a request for Wednesday’s meeting.
This meeting represented an excellent start on the dialog required to reach those goals. The FDA asked a number of questions about how Nightscout’s open-source development model works. From our perspective, they seemed particularly interested in learning about the (currently largely informal, yet effective) processes we have in place for ensuring that new features and code are well reviewed and tested before being made available to the general public, and for making sure that any reported issues that might represent a safety issue can be appropriately triaged, prioritized, fixed, and the fix distributed back to the people using the software. They also expressed an interest in making sure that there is a core person, group, or entity that is responsible for making sure nothing falls through the cracks and that any modifications or new features are well-tested and work as designed, and who will take responsibility and take appropriate action if something goes wrong.
Prior to Wednesday’s meeting, some people had expressed concern whether formally engaging with the FDA would put the Nightscout project at risk, and possibly even result in the FDA “shutting it down” and taking away a tool that many people find invaluable in helping ensure the safety of themselves or their loved ones. Given the FDA’s desire to work with us, we did not think that would be a significant risk. In fact, we felt that failing to engage the FDA would be irresponsible, because it would not only put the project at risk, but it would mean that we were not doing everything we could to ensure safety.
Now that we have actually had our first meeting with the FDA and heard what their major concerns are, I am even more confident that we are on the right track. The FDA’s initial questions were mostly focused on making sure that we have good processes, procedures, and systems in place to make sure Nightscout is safe as it can be, even in rare and challenging circumstances. We share their focus on safety, and while we have already put in place systems to address most of the things they are concerned about, we are also committed to working with them to identify and close any gaps. The FDA has not yet indicated to us that they have any problems with what Nightscout is currently doing, but rather indicated they want to learn more, discuss internally, and keep communications open.
We are currently in the process of writing up formal minutes based on the notes I took at the meeting and getting those over to FDA so they can review them for accuracy. Once they approve the minutes, we plan to post them, along with the raw notes, for everyone to review.
Over the next few weeks and months, we will be undertaking an effort to document (and in some cases improve) our processes and systems. That is partly so the FDA knows we’re doing the right thing, but it’s even more importantly so that all of you, the CGM in the Cloud community, can be confident that we’re all doing everything we can to keep our loved ones safe. That is the primary goal that we all share, and #WeAreNotWaiting to make it happen.