Digital health devices are no longer new on the scene, but the regulatory landscape continues to evolve. As predicted in our blog post earlier this year, the latest development is new U.S. Food and Drug Administration (FDA) guidance documents for digital health devices that were released in September and October 2022. Keeping track of these types of changes can be challenging, which is why we have created a one-stop shop with a breakdown of devices and relevant resources for easy reference.
FDA Guidance Objectives
The draft documents for digital health devices had been around for a while, but the FDA decided to revise and finalize many of them and create clearer definitions for devices that fall under the umbrella of digital health, including:
- SaMD - Software as a medical device
- SiMD - Software in a medical device
- MDDS - Medical device data systems
- MMA - Mobile medical apps
- CADx - Computer-assisted diagnosis that helps physicians determine diagnosis
- CADe - Computer-assisted detection that detects areas of interest in a scan
- CADt - Computer-assisted triage that helps determine where to direct patients
- CDSS or CDS - Clinician decision support software that helps make informed decisions about diagnoses with a faster brain to process patient data
- DTx - Digital therapeutics, an umbrella term
- DDx - Digital diagnostics, similar to CADx, that takes inputs and helps aid in diagnosis
The objective behind this effort was to get more information to stakeholders, industry participants and patients about how the FDA intends to regulate and how FDA reviewers should operate in the digital health space. Artificial intelligence (AI) and machine learning (ML) are additional areas where the FDA is trying to provide more insight into how devices that use AI and ML will be regulated and what information to include in pre-market submissions.
The FDA Digital Health Policy Navigator
The Digital Health Policy Navigator is a tool designed to help you determine the appropriate regulatory path for your digital health device. Each step directs you to the relevant guidance documents you should reference.
Start by understanding the definition of “software function.” The FDA defines this as a “distinct purpose of the product,” and products may have multiple functions. Examples include data analysis, storage and transfer. The software function may or may not meet the definition of a device. Regulatory oversight is only required for software that meets the definition of a device and could pose a risk to patient safety if the device fails to function as intended.
Once you have determined the software functions, complete all seven steps in the navigator for each of them.
Step 1: Is the software function intended for a medical purpose?
Devices that include software that has a medical purpose are subject to FDA oversight. A device qualifies for regulation if the software function is “intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment or prevention of disease.” All regulatory documentation requirements flow from the intended use, so this first step of identifying the intended use, applicable conditions and patient populations is critical.
Step 2: Is the software function intended for administrative support of a health care facility?
If your software is intended for administrative support, it is not considered a device. This includes administrative support of a healthcare facility or laboratory and also encompasses software for transferring, storing, converting formats or displaying clinical laboratory test data and results.
Step 3: Is the software function intended for maintaining or encouraging a healthy lifestyle?
If the software is intended for general support of a healthy lifestyle and is not centered around a specific disease or condition, it is not likely considered a device. Exceptions include if the device aims to reduce risk around a specific chronic disease or condition. Low-risk general wellness products are not subject to FDA regulation.
Step 4: Is the software function intended to serve as electronic patient records?
Software for digitizing or managing patient records is not considered a device. However, if the software has any function designed to interpret or analyze patient records, it may be considered a device.
Step 5: Is the software function intended for transferring, storing, converting formats or displaying data and results?
Software for storing and transferring medical imagery and other clinical information may be a device if it affects the parameters of another medical device, generates alerts, monitors patients or analyzes that data.
Step 6: Is the software function intended to provide clinical decision support?
Clinical decision support (CDS) is a software function that may be a device if it meets certain criteria. It specifically depends on whether the software provides recommendations and whether the provider relies on those recommendations.
Step 7: Does the Device Software Functions and Mobile Medical Applications Guidance apply?
If the device provides information intended to help patients manage their health, the FDA may regulate it as a device or exercise enforcement discretion, depending on the risk level of the device.
Summary of FDA Guidance Documents for Digital Health Devices
If you design or manufacture digital health devices, take a close look at the final guidance documents recently released by FDA. These are the documents reviewers reference when assessing medical devices, so it’s important to understand their content.
Clinical Decision Support Software
This document covers CDS software and provides examples of non-device CDS functions that meet all four criteria and those that do not meet one or more of the criteria. The goal of the guidance is to clarify the types of CDS software functions that are excluded from the definition of a device.
The four criteria that must be met are that the device is:
- Not intended to acquire, process or analyze a medical image or signal.
- Intended for the purpose of displaying, analyzing or printing medical information about a patient or other medical information.
- Intended for the purpose of supporting or providing recommendations to a health care professional about prevention, diagnosis or treatment of a disease or condition.
- Intended for the purpose of enabling such health care professionals to independently review the basis for such recommendations to make a clinical diagnosis or treatment decision.
The agency released two documents related to CAD devices:
- “Clinical Performance Assessment: Considerations for Computer-Assisted Detection Devices Applied to Radiology Images and Radiology Device Data in Premarket Notification (501(k)) Submissions”
- “Computer-Assisted Detection Devices Applied to Radiology Images and Radiology Device Data - Premarket Notification [501(k)] Submissions”
These documents pertain to patient radiology images or patient radiology device data and the FDA’s recommendations regarding 510(k)s for these types of devices. The guidance documents include the product codes that each addresses and how to address the technology in regulatory submissions.
Medical Device Data Systems
This guidance document, which covers Medical Device Data Systems (MDDS), Medical Image Storage Devices and Medical Image Communications Devices, indicates that these devices are not subject to FDA regulation if the software is solely for electronic transfer, storage, conversion of formats or display of medical device data and results.
Mobile Medical Applications
The “Policy for Device Software Functions and Mobile Medical Applications” guidance document states that software for mobile platforms will be regulated if it meets the definition of a device and poses a risk to patients if it does not function as intended. The document provides examples of devices that do and do not meet the criteria.
Cybersecurity in Medical Devices
“Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions” is intended to “provide recommendations to industry regarding cybersecurity device design, labeling and the documentation that FDA recommends be included in premarket submissions for devices with cybersecurity risk.” This builds on the guidance documents from 2014 and 2018, and while the 2014 document is still the “final” guidance, FDA has been asking companies to consider and reference this document during the design process and for pre-market submissions.
How RQM+ Helps
If you market digital health devices and need more regulatory resources, our team is here to help. Whether we’re providing consulting about FDA strategy and submissions, supplementing your team or handling every aspect of a project from start to finish, we have the expertise to deliver business-balanced solutions.
If you’d like to see our team in action, check out the RQM+ Live! episode, “Medical Device Software: Top Deficiencies and Requests for Additional Info from FDA and Notified Bodies.”