Regulation of Medical Apps FDA and European Union



Similar documents
Medical Device Software: Establishing FDA Authority and Mobile Medical Apps

Mobile Medical Application Development: FDA Regulation

Regulatory Considerations for Medical Device Software. Medical Device Software

How To Know If A Mobile App Is A Medical Device

WHITEPAPER: SOFTWARE APPS AS MEDICAL DEVICES THE REGULATORY LANDSCAPE

Mobile Medical Applications: FDA s Final Guidance. M. Elizabeth Bierman Anthony T. Pavel Morgan, Lewis & Bockius, LLP

CENTER FOR CONNECTED HEALTH POLICY

Regulation of Mobile Medical Apps

Navigating the New EU Rules for Medical Device Software

FDA Issues Final Guidance on Mobile Medical Apps

Mobile Medical Applications

The Shifting Sands of Medical Software Regulation

How To Regulate A Medical Device From A Cell Phone

Use of Mobile Medical Applications in Clinical Research

On Behalf of: InTouch Health

Final Document. Software as a Medical Device (SaMD): Key Definitions. Date: 9 December Despina Spanou, IMDRF Chair. IMDRF/SaMD WG/N10FINAL:2013

Regulated Mobile Applications

The U.S. FDA s Regulation and Oversight of Mobile Medical Applications

Developing a Mobile Medical App? How to determine if it is a medical device and get it cleared by the US FDA

COMMISSION STAFF WORKING DOCUMENT. on the existing EU legal framework applicable to lifestyle and wellbeing apps. Accompanying the document

EU Law and Life Sciences Mobile Health Apps. Webinar - Brussels, 9 July 2014

Mobile Medical Apps. Purpose. Diane Romza Kutz Fredric E. Roth V. Regulation and Risks. Purpose of today s presentation

Key Challenges and Unmet Needs in Bipolar Disorder

Medical Device Data Systems, Medical Image Storage Devices, and Medical Image Communications Devices

Breakout Sessions: FDA s Regulation of Mobile Health and Medical Applications

Risk based 12/1/2015. Digital Health Bakul Patel Associate Director for Digital Health Office of Center Director.

Mobile Medical Applications: An Overview of FDA Regulation

MOBILE MEDICAL APPLICATIONS

Medical Technologies Market in Turkey

A Design of Mobile Convergence Architecture for U-healthcare

Rethinking the FDA s Regulation of. By Scott D. Danzis and Christopher Pruitt

REFERENCE DOCUMENT. (DRAFT for Public Comments) Title: White Paper on Medical Device Software Regulation Software Qualification and Classification

Websites & Social Media. in the Professional Environment. A practical guide to navigating the world of social media

An introduction to the regulation of apps and wearables as medical devices

Testimony of Denise Lea Elliott, DPM Member, American Podiatric Medical Association Solo Practitioner Marrero, Louisiana

Secure, diagnostically-cleared, mobile access to imaging and information.

Position Paper. Orgalime response to the Public consultation on the. collaborative economy - Digital Single Market Strategy follow up assessment

Mobile Medical Applications. Guidance for Industry and Food and Drug Administration Staff

EHRs and Contexts of Use

Draft guidance for registered pharmacies providing internet and distance sale, supply or service provision

A Primer: Solving the Unique Problems of Orphan Drug Communications Programs

Night Owl 8 channel DVR system with HDMI output, 960H recording and a Free Night Owl Pro App with Owl Scan (No Hard Drive Included)

Filename: P4P 016 Todd: Kim: Todd: Kim:

Look at what innovation can do

Unleashing the Potential of Cloud Computing in Europe - What is it and what does it mean for me?

ilinc Legal & Technology Briefs The Liability of Internet Intermediaries In the EU

The Challenge of Implementing Interoperable Electronic Medical Records

ASHVINS Group. Mobile Application Testing Summary

ELECTRONIC MEDICAL RECORDS. Selecting and Utilizing an Electronic Medical Records Solution. A WHITE PAPER by CureMD.

Thomas Conroy, RPh., J.D. Director, Promotion Compliance Global Regulatory Affairs MARCH 11, 2015

Medical Device Software

Enabling Integrated Care

The Personality Disorders Service

FREQUENTLY ASKED QUESTIONS ABOUT THE CVS CAREMARK PRESCRIPTION DRUG PROGRAM

Getting Clinicians Involved: Testing Smartphone Applications to Promote Behavior Change in Health Care

Testing Mobile Application using Device Cloud

Regulation and Risk Management of Combination Products

CDRH Regulated Software

Bipolar Disorder. Some people with these symptoms have bipolar disorder, a serious mental illness. Read this brochure to find out more.

Guidance for Industry

A Sample Radio Interview

Breakthrough Lung Cancer Treatment Approved Webcast September 9, 2011 Renato Martins, M.D., M.P.H. Introduction

ICD-10 Frequently Asked Questions

02- DEPARTMENT OF PROFESSIONAL AND FINANCIAL REGULATION. Chapter 8 REGULATIONS RELATING TO ADVANCED PRACTICE REGISTERED NURSING

General Wellness: Policy for Low Risk Devices. Draft Guidance for Industry and Food and Drug Administration Staff

User Agreement. Quality. Value. Efficiency.

MEPI Connect An Open Source Graduate Tracking Software System: Resource Requirements to Customize and Implement the System

NetSuite. Goes Natural. We have spoken to dozens of small business executives about their move to adopt technology.

Leveraging Partners and Open Source Technology in your Mobility Strategy. emids webinar Thursday, August 11, :00 pm 2:00 pm EDT

Understanding Medical Device Regulation for mhealth A Guide for Mobile Operators

Getting Started with iphone SDK, Android and others: Mobile Application Development Create your Mobile Applications Best Practices Guide

EMR Adoption Survey. Instructions. This survey contains a series of multiple-choice questions corresponding to the 5-stage EMR Adoption Model.

Guidance for registered pharmacies providing pharmacy services at a distance, including on the internet

GUIDANCE NOTES FOR MANUFACTURERS OF CLASS I MEDICAL DEVICES

Organising and planning services for people with a personality disorder

Certified National Pharmaceutical Representative

Medical App Checker:

Under European law teleradiology is both a health service and an information society service.

Transcription:

JHW Comment - The content of below article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances. Erik Vollebregt Erik is a Dutch lawyer specialised in EU legal issues relating to medical devices Erik s blog can be found at: http://medicaldeviceslegal.com FDA Draft Guidance for Mobile Medical Applications can be found at: http://www.fda.gov/downloads/medicaldevices/deviceregulationandguidance/guidancedocuments/ucm263366.pdf Article by Erik Vollebregt 27 July 2011 On 21 July the FDA released Draft Guidance for Industry and Food and Drug Administration Staff Mobile Medical Applications, a document that I think has great significance for the regulation of the EU ehealth and medical device markets, even if it is presently only a draft. If adopted by the FDA its importance will only increase. Important guidance for the EU too I have read the document and the reasoning behind it can, as you will read in the following, almost for a 100% be transplanted to the EU medical devices regulatory environment and the document describes in a very detailed and practical way what is regulated as device (and what not) while giving lots of examples. This is a significant benefit for stakeholders in the EU (and in the US). Why is this document so significant for regulation of ehealth and medical devices markets in the EU? Firstly, the EU regulatory environment, although software is regulated in very general terms, is way behind in terms of the sophistication and level of detail provided. While the different stakeholders and regulators are going back and forth to agree on possible guidance to be published after the publication of the 'Swedish report' and whether this should be in a MEDDEV or guidance document, the industry and in particular the clinical institutions in the EU seem to have no clue about how apps, websites and software with diagnostic and/or therapeutic functionality are regulated and more often than not act like it is not regulated at all. Secondly, because the reasoning of the FDA fits so well into the EU regulatory system, medical technology and software companies can rely on the same things being regulated as medical device. Of course, the clinical substantiation and the way devices are regulated differs significantly between the EU and the US, but knowing that the same things are regulated as device in the first place is already a big step forwards. Scope of software regulated The FDA proposes that the guidance is applicable to mobile medical applications or "mobile medical apps", defined as "a software application that can be executed (run) on a mobile platform, or a web-based software application that is tailored to a mobile platform but is JHW Editorial Info-Note 270711 - Regulatory Affairs of Medical Apps Page 1

executed on a server"; and has an intended use within the scope of the concept of medical 'device' as regulated by the FDA; and are used as an accessory to a regulated medical device; or transform a mobile platform into a regulated medical device. Although the wording "app" is misleading here because that seems to refer to software that is stored and run locally, it is quite clear that also web applications are covered by the definition. Such regulation applications are: Mobile apps that are an extension of one or more medical device(s) by connecting to such device(s) for purposes of controlling the device(s) or displaying, storing, analyzing, or transmitting patient-specific medical device data Mobile apps that transform the mobile platform into a medical device by using attachments, display screens, or sensors or by including functionalities similar to those of currently regulated medical devices. Mobile apps that allow the user to input patient-specific information and using formulae or processing algorithms output a patient-specific result, diagnosis, or treatment recommendation to be used in clinical practice or to assist in making clinical decisions. The FDA plans to address in a separate issuance mobile medical apps intended to analyze, process, or interpret medical device data (electronically collected or manually entered) from more than one medical device. Excluded however are "mobile apps that are electronic "copies" of medical textbooks, teaching aids or reference materials, or are solely used to provide clinicians with training or reinforce training previously received. These types of apps do not contain any patient-specific information, but could show examples for a specific medical specialty." In EU regulation terms, these devices quite clearly do no achieve a therapeutic or diagnostic effect "in or on the human body" as required by the definition of 'medical device' under the Medical Devices Directive (MDD); Mobile apps that are solely used to log, record, track, evaluate, or make decisions or suggestions related to developing or maintaining general health and wellness, provided that they are not intended for curing, treating, seeking treatment for mitigating, or diagnosing a specific disease, disorder, patient state, or any specific, identifiable health condition. This outcome would be largely similar under EU law as there is no intended therapeutic or diagnostic use except that the EU definition also covers "investigation [...] of the anatomy or of a physiological process" which makes these apps borderline cases under EU law. Mobile apps that only automate general office operations with functionalities that include billing, inventory, appointments, or insurance transactions. These are also excluded under the EU MDD. Mobile apps that are generic aids that assist users but are not commercially marketed for a specific medical indication, such as recording audio, note-taking, replaying audio with amplification, and other similar functionalities. These are currently also excluded under the EU MDD. Mobile apps that perform the functionality of an electronic health record system or personal health record system. These are also excluded under the EU MDD. JHW Editorial Info-Note 270711 - Regulatory Affairs of Medical Apps Page 2

Manufacturer A mobile medical device manufacturer may include anyone who initiates specifications, designs, labels, or creates a software system or application in whole or from multiple software components. Examples of mobile medical device manufacturers include any person or entity that: Creates, designs, develops, labels, re-labels, remanufactures, modifies, or creates a software system from multiple components; Provides mobile medical app functionality through a "web service" or "web support" for use on a mobile platform; Initiates specifications or requirements for mobile medical apps or procures product development/manufacturing services from other individuals or entities (second party) for subsequent commercial distribution; Creates a mobile medical app intended to be used on a mobile platform, or that manufactures a mobile app to be supported by hardware attachments to the mobile platform with a device intended use. All of this fits perfectly in the definition of manufacturer under the MDD, defined as "the natural or legal person with responsibility for the design, manufacture, packaging and labelling of a device before it is placed on the market under his own name, regardless of whether these operations are carried out by that person himself or on his behalf by a third party." An important point is that the FDA urges manufacturers of applications that do not meet the definition of 'device' still apply a quality system to the design and development. A standard that would work for the EU is the EN 62304 standard on life cycle requirements for medical devices software harmonised under the MDD. Distributors A very important final point in the draft guidance is that the FDA expects distributors of mobile medical apps who may or may not be a platform or service provider will cooperate with manufacturers in conducting corrections and removal actions and requires medical app manufacturers to make timely reports of corrections and removals made to reduce a health risk or remedy a violation of the FD&C Act that presents a health risk, and to keep records regarding other corrections and removals. In EU wording: the manufacturer must exercise control over its supply chain and be able to implement Field Safety Corrective Action through its supply chain, while the supply chain is expected to cooperate. This is a very important point, because in my experience manufacturers distributing apps via larger stores will have no control whatsoever over these stores, like the itunes Store or the Android Market. They will have very limited options to implement field safety corrective action (in US wording: recall) in case of serious issues. If the FDA and the EU authorities are serious on safety in this respect, they should require design functionality that gives the manufacturer sufficient reach through to the user (e.g. by means of push messages to discontinue use or to upgrade the app to a new version), but also make it clear to the middle men that they have a duty to cooperate as they may be facilitating illegal / unsafe medical devices. In the EU that would mean that the store would for example lose its 'only intermediary' immunity under the e-commerce directive. Conclusion A lot more can be said about the subject, like how to implement in practice all the consequences of a mobile app being regulated as medical device in practice but I will leave it at this for the moment. In any event this draft guidance should be welcomed on both sides of the Atlantic and JHW Editorial Info-Note 270711 - Regulatory Affairs of Medical Apps Page 3

the EU should use it to its advantage to take a much-needed and due step in the clarification of its regulation of software under the MDD. ehealth applications and websites developed by clinicians: There are rules for that! ehealth is booming, hospitals, doctors, clinics, SMEs, big companies, everybody seems to be developing an app nowadays. It is great to see how many people are throwing their weight behind ehealth initiatives in every possible way: remote monitoring of demented senior citizens by means of image interpreting software, decision support systems,, you name it. I am however constantly baffled by the fact that no one ever considers that this type of software, which has either an important role within a medical process or has a medical function in itself (treatment or diagnosis), should be validated on another level than the purely functional one (the does it work? level). This seems to be part of a bigger problem, because physicians have recently repeatedly demonstrated that they are not that familiar with medical technology rules (but still criticise them). A case in point is the recently launched online Health risk test from the Dutch Bronovo hospital. For a mere 19,95 (for the expert test, there s a free version too) you can fill in a host of information about your yourself, your medical history and your lifestyle after which you receive back an overview outlining a number of highly prevalent diseases and the risk of you contracting them. A lot of doctors seem to have cooperated on this software and have lent their name to it, given the number of pictures of people in white coats on the website. In my view, we are talking about a medical device here: there is a piece of software running on a server which applies a model or decision tree, the software produces a result based on this decision tree, the application serves up the information for medical purposes (diagnosis of health risks). In other words, the application fits the definition of software as standalone medical device. Realising that we are dealing with a medical device, I started looking for the CE sign on the website of this application. No CE sign to be found. So I decided to take the test, hoping that somewhere during the process the CE sign would appear. Still no CE sign. So how can I be sure that the manufacturer of the test has properly tested the software (which includes compiling a technical file supporting the way the software reaches its conclusions and presents them)? Soon after, I heard a radio broadcast on Dutch radio channel BNR Nieuwsradio in which it became clear that the Dutch Healthcare Inspectorate (IGZ) also had its doubts about the test as it had not been properly validated and might therefore be in violation of the Dutch Act on Population Investigation (Wet op het Bevolkingsonderzoek). Apparently the possibility of other infringements, like the Act on Medical Devices, has not occurred even to the Inspectorate yet, or the press has not picked up on it but I couldn t locate an official statement of IGZ on the subject. Another case which underlines my point is an app from a Dutch public clinic which claims to support treatment of anxiety disorders. The app shows movies of frightening situations after which viewers are asked to describe how they felt when watching these movies. At a congress, I asked a representative of the company developing the app (a psychiatrist) if it was clinically validated and whether medical devices risk management processes had been applied. What if a patient saw the wrong movie, got an anxiety attack and decided to jump off a building? After all, the goal of the app was therapy, one of the intended purposes that makes software a medical JHW Editorial Info-Note 270711 - Regulatory Affairs of Medical Apps Page 4

device covered by medical devices rules. The company representative reacted very annoyed with my irrelevant questions and decided to avoid me for the remainder of the congress. These are just examples from the Dutch market that I ran into myself but I am sure these cases occur in other markets too. It is strange to see how clinicians that are working on ehealth solutions outside a medical devices company seem to have a tendency to completely overlook the possibility that they are putting medical devices on the market and risk being charged with illegal behaviour. In this particular case they may also have contravened some other rules in the process. Maybe I have met the wrong clinicians who have clouded my judgement. However, as mentioned before, clinicians sometimes do turn out to be very unfamiliar with the medical devices regulatory framework. Therefore, it seems to me that for ehealth to truly take off in a legally compliant fashion, the medical profession has some serious catching up to do. JHW Editorial Info-Note 270711 - Regulatory Affairs of Medical Apps Page 5