The Shifting Sands of Medical Software Regulation



Similar documents
FDA Issues Final Guidance on Mobile Medical Apps

CENTER FOR CONNECTED HEALTH POLICY

Regulation of Mobile Medical Apps

Medical Device Software

Mobile Medical Applications: FDA s Final Guidance. M. Elizabeth Bierman Anthony T. Pavel Morgan, Lewis & Bockius, LLP

Breakout Sessions: FDA s Regulation of Mobile Health and Medical Applications

Risk based 12/1/2015. Digital Health Bakul Patel Associate Director for Digital Health Office of Center Director.

Medical Device Software: Establishing FDA Authority and Mobile Medical Apps

Use of Mobile Medical Applications in Clinical Research

Mobile Medical Application Development: FDA Regulation

International Medical Device Regulators Forum (IMDRF) US FDA Center for Devices and Radiological Health - Update

Mobile Medical Applications

The U.S. FDA s Regulation and Oversight of Mobile Medical Applications

CDRH Regulated Software Looking back, looking forward

Mobile Medical Applications: An Overview of FDA Regulation

Rethinking the FDA s Regulation of. By Scott D. Danzis and Christopher Pruitt

US & CANADA: REGULATION AND GUIDELINES ON MEDICAL SOFTWARE AND APPS OR

CDRH Regulated Software

Mobile Medical Applications. Guidance for Industry and Food and Drug Administration Staff

Medical Device Data Systems, Medical Image Storage Devices, and Medical Image Communications Devices

Medical Product Software Development and FDA Regulations Software Development Practices and FDA Compliance

Regulatory Considerations for Medical Device Software. Medical Device Software

Mobile Medical Apps. Purpose. Diane Romza Kutz Fredric E. Roth V. Regulation and Risks. Purpose of today s presentation

2014 Annual Report on Inspections of Establishments

MOBILE MEDICAL APPLICATIONS

Developing a Mobile Medical App? How to determine if it is a medical device and get it cleared by the US FDA

Templates. FDA Mobile Medical App Regulations. Your own sub headline This is an example text. Your Logo

Draft Guidance for Industry, Food and Drug Administration Staff, and Clinical Laboratories

Combination Products Regulation in the United States

What is a medical device? Medical Devices: Roadmap to Market. Kathryn Klaus, Esq.

How To Regulate A Medical Device From A Cell Phone

Cutting Edge Issues in Health Care Technology & mhealth. Agenda

Understanding Medical Device Regulation for mhealth A Guide for Mobile Operators

How To Know If A Mobile App Is A Medical Device

Considerations for using the Web for Medical Device Applications

FDA Regulation of Whole Slide Imaging (WSI) Devices: Current Thoughts

Thomas Conroy, RPh., J.D. Director, Promotion Compliance Global Regulatory Affairs MARCH 11, 2015

On Behalf of: InTouch Health

REFERENCE DOCUMENT. (DRAFT for Public Comments) Title: White Paper on Medical Device Software Regulation Software Qualification and Classification

Development and Validation of In Vitro Diagnostic Tests. YC Lee, Ph.D. CEO

EVALUATION OF AUTOMATIC CLASS III DESIGNATION FOR STUDIO on the Cloud Data Management Software DECISION SUMMARY

Final Document. Software as a Medical Device (SaMD): Key Definitions. Date: 9 December Despina Spanou, IMDRF Chair. IMDRF/SaMD WG/N10FINAL:2013

Medical Device Software Standards for Safety and Regulatory Compliance

[DOCKET NO.96N-0002] DRAFT

The Human Experiment- Electronic Medical/Health Records

General Wellness: Policy for Low Risk Devices. Draft Guidance for Industry and Food and Drug Administration Staff

Regulation and Risk Management of Combination Products

Information Sheet Guidance For IRBs, Clinical Investigators, and Sponsors

FDASIA Health IT Report

Sarah Chandler A/Head, Regulatory and Scientific Section Medical Devices Bureau

Perspectives on the FDASIA Health IT Report and Public Workshop

Security of Medical Device Applications

AND. CE IT Community Town Hall Meeting Feb. 8, 2012

Inspections, Compliance, Enforcement, and Criminal Investigations

Adapting Agile Software Development to Regulated Industry. Paul Buckley Section 706 Section Event June 16, 2015

Medical Software Development. International standards requirements and practice

Cybersecurity for Medical Devices

QMS for Software as a Medical Device [SaMD] Lessons Learned from a Quality Perspective

Document issued on: May 11, 2005

30 In Compliance October

Regulation of Medical Apps FDA and European Union

Poten&al Impact of FDA Regula&on of EMRs. October 27, 2010

Risk Management and Cybersecurity for Devices that Contain Software. Seth D. Carmody, Ph.D. 12 th Medical Device Quality Congress March 18, 2015

ORACLE CONSULTING GROUP

Software as a Medical Device (SaMD): Possible Framework for Risk Categorization and Corresponding Considerations. Proposed Final IMDRF WG(PF)/N12 R10

Guidance for Sponsors, Institutional Review Boards, Clinical Investigators and FDA Staff

PMAs, 510(k)s, and Advanced IDE Topics

Re: Docket No. FDA 2014 N 0339: Proposed Risk-Based Regulatory Framework and Strategy for Health Information Technology Report; Request for Comments

Regulated Mobile Applications

Clinical Laboratory Improvement Amendments (CLIA) How to Obtain a CLIA Certificate of Waiver

Health Care February 28, CMS Issues Proposed Rule on Stage 2 Meaningful Use,

Section 5: Quality Systems Regulation (QSR) and Good Manufacturing Practice (GMP)

IVD Regulation Overview. Requirements to Assure Quality & Effectiveness

Overview of MU Stage 2 Joel White, Health IT Now

Correspondence between ISO 13485:2003 and the US Quality System Regulation

Transcription:

The Shifting Sands of Medical Software Regulation Suzanne O Shea Ralph Hall September 10, 2014 What Software is Regulated by FDA? FDA regulates medical devices. FDA regulates software that meets the definition of a medical device. What s a Medical Device? instrument, apparatus, implement, machine, contrivance, implant, in vitro reagent, or other similar or related article, including any component, part, or accessory, which is intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment or prevention of disease in man or other animals Section 201(h) of the Federal Food, Drug, and Cosmetic Act; 21 U.S.C. 321(h) 1

What s a medical device? How Does FDA Regulate Medical Device Software? Class I, II, III 510(k) / PMA Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices, 2005 Documentation required depends on software s Level of Concern: Major failure could directly result in serious injury or death Moderate failure could directly result in minor injury Minor failure not likely to result in injury Recognized Consensus Standards Registration / Listing, QSR (design controls, CAPA, recordkeeping etc.) Recalls, Reporting, Inspections Software as a Device Component Many devices software controlled Pacemakers Neuromodulators Imaging systems Components generally take the classification of the parent device Often reviewed as part of PMA submission 2

Manufacturing Software Software controlled manufacturing processes common Includes labeling systems Manufacturing software may be included in PMA and some 510(k) submissions Subject to traditional PMA review Need to submit modifications What about Electronic Health Records? FDA does not regulate electronic health records. An Electronic Health Record (EHR) is an electronic version of a patients medical history, that is maintained by the provider over time, and may include all of the key administrative clinical data relevant to that persons care under a particular provider, including demographics, progress notes, problems, medications, vital signs, past medical history, immunizations, laboratory data and radiology reports. Center for Medicare and Medicaid Services What about Mobile Medical Apps? FDA Final Guidance: Mobile Medical Applications (September 2013) Risk-based approach to regulation- focus on software that could cause harm to patients due to faulty functionality vs. consumer-oriented apps Some in D.C. believe that further clarity is needed. In March, Senator Orrin Hatch and a group of bipartisan senators formally urged FDA to provide more transparency regarding regulation of MMAs FDA has yet to respond to the Senators letter 9 3

Mobile Medical App Guidance Categories Three categories: 1. The mobile app is not a medical device; 2. The mobile app might be a medical device, but is low risk and FDA will exercise enforcement discretion; or 3. The mobile app is a medical device (MMA) and will be subject to FDA oversight. 10 Category 1: Not a Device FDA offered a number of examples of apps that are NOT devices: Mobile apps that are intended to provide access to electronic copies of medical textbooks or other reference materials Mobile apps that are intended for health care providers to use as educational tools for medical training or to reinforce training previously received Mobile apps that are intended for general patient education and facilitate patient access to commonly used reference information Mobile apps that automate general office operations in a health care setting and not intended for use in the diagnosis, cure, treatment, or prevention of disease Mobile apps that are generic aids or general purpose products 11 Category 2: Enforcement Discretion Apps that are low risk so FDA will exercise enforcement discretion: Help patients self-manage their disease or conditions without providing specific treatment or treatment suggestions Provide patients with simple tools to organize and track health information Provide easy access to information related to patients health conditions or treatments Help patients document, show, or communicate potential medical conditions to health care providers Perform simple calculations routinely used in clinical practice Enable patients or providers to interact with Personal Health Record or Electronic Health Record systems 12 4

Category 3: Apps Subject to FDA Premarket Review FDA identified three subsets of apps that it intends to regulate: 1. Mobile apps that are an extension of one or more medical devices by connecting to such device(s) for purposes of controlling the device(s), displaying, storing, analyzing, or transmitting patient-specific medical device data. Examples include: Apps that display patient-specific medical device data (e.g., EEG waveforms, images from PACS) Apps that control medical devices ( e.g., apps that control inflation and deflation of blood pressure cuffs) Apps that display, store or transfer medical device data in its original format (these will be regulated as Class I- lowest risk) 13 Category 3: Apps Subject to FDA Premarket Review cont. 2. Mobile apps that transform the mobile platform into a regulated medical device by using attachments, display screens, or sensors or by including functionalities similar to those of currently regulated medical devices. Examples include: Attachment of a blood glucose strip reader to a mobile platform to function as a glucose meter Attachment of ECG electrodes to a mobile platform to measure, store, and display ECG signals 3. Mobile apps that become a regulated medical device by performing patient-specific analysis and providing patient specific diagnosis, or treatment recommendations. Examples include: Apps that use patient-specific parameters and calculate dosage for radiation therapy 14 What about Medical Device Data Systems? Guidance document issued June 20, 2014. FDA will exercise enforcement discretion. MDDS are hardware or software products that: transfer store convert formats and display medical device data. MDDS may not control functions or parameters, not to be used with patient monitoring. 5

Off-the-Shelf Software included in Medical Devices Guidance: Off-the-Shelf Software Use in Medical Devices, 1999 This guidance document represents the agency's current thinking on the documentation that should be provided in premarket submissions for medical devices using OTS software. Cybersecurity Guidance: Cybersecurity for Networked Medical Devices Containing OTS Software, 2005 Guidance: Content of Premarket Submission for Management of Cybersecurity in Medical Devices, 2013 Manufacturers should develop a set of security controls to assure medical device cybersecurity to maintain information confidentiality, integrity, and availability. Software Validation Guidance: General Principles of Software Validation, 2002 The FDA Perspective on Human Factors in Medical Device Software Development, Molly Follette Story, 2012 6

Other Potential Regulatory Approaches Congress intensely interested in software regulation Some fear over regulation Others fear overlapping jurisdiction Breadth of FDA definition of device Concerns over Health IT including electronic health records (EHRs) Multiple agencies involved in software oversight FDA FCC Office of National Coordinator for Health Information Technology FDASIA (2012) mandated report Health Information Technology (HIT) Efforts to both encourage national implementation and determine oversight needs 2004 Executive Order Office of National Coordinator for Health Information Technology (ONC) Charged with advancing health information technology and electronic exchange of medical information Multiple initiatives Quality needs Reporting Risk based regulation 2014 Draft Health IT Report Report Committee included multiple stakeholders FDA, ONC and FCC Recommends three categories Administrative health IT systems Billing systems Scheduling Health management functions Clinical decision software Health information management systems Medical device software narrowly defined group Bedside alarms Radiation control software 7

Draft Health IT Report Recommendations Recommends public private Health IT Safety Center Develop standards Assess performance reports Administrative health IT No premarket requirements Modest reporting Outside FDA Health Management IT FDA exercises enforcement discretion No oversight Medical device software Traditional FDA regulation OUS Regulation Many of the same questions as in the US Role of CE mark and notified bodies Often simpler oversight requirements Lower level of regulatory of some types of Health IT Quality system requirements still exist for certain types Design controls Validation and verification Reporting Overall desire for more commonality IMDRF - SaMD Initative IMDRF (International Medical Device Regulators Forum) Preparing recommended global regulatory framework documents SaMD (Software as a Medical Device) current work stream Initial draft regulatory framework issued March 2014 Many comments Revised final draft submitted to IMDRF management committee September review and potential approval Intended to be regulatory framework for individual countries 8

Current SaMD Approach Unclear content of final draft Risk based approach Four categories of product Risk based Variable level of premarket data needed Differences with current US approach Higher regulation of clinical data support systems Differing risk assessments Next steps require IMDRF approval More specific frameworks may then follow Thank you! Suzanne O Shea Counsel Indianapolis +1 317 569 4649 suzanne.oshea@faegrebd.com Ralph Hall Counsel Minneapolis +1 612 766 8766 ralph.hall@faegrebd.com 9

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information