The size of the market for wearable medical devices in the EU is estimated to grow from approximately USD 2.5 billion this year to USD 5.9 billion by 2026. As EU consumers become more and more used to accessing digital health products using their smartphones and other connected devices, manufacturers and developers continue to innovate and compete to deliver ever more sophisticated, intuitive and life enhancing wearable health solutions. With factors such as an aging population, the ongoing COVID-19 pandemic and increases in chronic health conditions driving demand, what issues are wearable device manufacturers contending with right now, and what emerging issues need to be scoped and planned for over the next few years?
We consider some current and emerging issues and concludes with some practical tips for navigating an uncertain, but exciting, next few years.
With the coming into effect of the Medical Devices Regulation (EU) 2017/745 (the MDR) on 26 May 2021, device manufacturers of all types are continuing to acclimatise to a whole new era in the regulation of medical devices in the EU. Owing to transitional provisions provided for under Article 120 of the MDR, as well as the ongoing publication of guidance and harmonized standards and delays in the launch of a fully operational EUDAMED database, manufacturers are already operating in a challenging regulatory environment.
Wellness/health products vs medical devices
Due to the onerous obligations and requirements that come along with designation as a medical device, manufacturers need to give careful consideration to the distinction between health and wellness products on the one hand, and medical devices on the other. Organisations considering entering the wearable device market by developing innovative software or technologies need to decide whether or not they intend on becoming regulated as a medical device manufacturer, or if developing a wellness product without a specific medical purpose is the preferred option. When assessing the status of a product, the manufacturer’s intended use of the product and the presence or absence of a “specific medical purpose” per the definition of a medical device provided for under Article 2 of the MDR will be central.
Setting aside the manufacturer’s stated intended use for a product, products presented in a way that creates an impression that they are intended to be used for a medical purposes can also be regulated as a medical device on that basis.
For most wearable devices, software is a key element. The MDR has triggered various important changes for software medical devices, many of which leverage the sensors and connectivity of wearable consumer tech products such as smartwatches, fitness trackers and phones. This has led to a growing sophistication in the justifications and analyses deployed by manufacturers as part of their regulatory strategies which is set to continue.
Rule 11 of the Classification Rules provided for under the MDR now operates to up-classify a large proportion of software medical devices from class I under the old Medical Device Directive 93/42/EEC (the MDD) to class IIa under the MDR. Therefore, this requires the involvement of a notified body for the first time. Certification by a notified body as a class IIa device requires a manufacturer to present robust evidence that the device has been carefully designed and thoroughly tested. Manufacturers must also prove that the various systems necessary to ensure ongoing safety and performance of the device are in place and being complied with. The application of the new Rule 11 to the wide variety of different software medical devices on the market and in development can be difficult in certain cases. This includes challenges around the status of devices as ‘accessories’ and concepts such as “driving and influencing” as recurrent themes. The MDCG has published important guidance in this area in relation to software specifically (MDCG 2019-11) as well as classification under the MDR more generally, including a section on Rule 11 (MDCG 2021-24).
The period leading up to 26 May 2021 saw a flurry of activity with manufacturers and developers seeking to finalise technical files and draw up declarations of conformity under the MDD in advance of that date. This was due to the upclassification of a large proportion of software devices under the MDR, and the ability for certain class I devices under the MDD to remain on the market as such after 26 May 2021 using transitional provisions contained in the MDR (Article 120). Given the fast pace of innovation and pressure to launch new products, these transitional provisions were a particularly important mechanism for software medical devices for use with wearable consumer tech products. An important issue arises where manufacturers wish to make changes to devices availing of these transitional provisions. ‘Significant changes’ to devices availing of the transitional provisions are not permitted and this can be a particularly challenging issue for software medical devices, with releases of updates and launches of new versions of existing software devices becoming contingent upon an exit from the transitional phase via certification under the MDR.
Full MDR compliance
Although the transitional provisions have provided a sort of staging post from where manufacturers can achieve certification under the MDR until May 2024, three years is a short time in which to gather, organize and present all of the information and evidence necessary to satisfy a notified body that a device is MDR compliant. Manufacturers and notified bodies alike must also continue to adapt their planning in light continued uncertainty brought about by new guidance and new harmonized standards being regularly published. Added to this, manufacturers who are availing of the transitional provisions under Article 120 (2) and (3) also need to be mindful that various MDR requirements have been ‘live’ since 26 May 2021 in spite of the transitional provisions, namely those relating to post-market surveillance, market surveillance, vigilance and registration of economic operators.
Data and cybersecurity
Although they will continue to inform various emerging issues as well, a significant amount of time is already given by wearable manufacturers to issues around data and cybersecurity. In addition to enhanced cybersecurity requirements under the MDR, the General Data Protection Regulation (EU) 2016/679 has also afforded a higher level of protection to health data for some time. As cyber threats, including data privacy threats, continue to evolve, so too must manufacturers’ abilities to prevent and contain them. The importance of data will also continue to grow in a different way as the use of AI and machine learning tools in medical devices and wearable consumer tech increases. Robust and representative data sets are required to train and test safe AI systems, and various provisions of the proposed AI Regulation would create enhanced requirements in this field of data management also.
Looking ahead to the next five years, manufacturers must also scope a highly dynamic regulatory landscape as a means of identifying and exploiting new opportunities, while also steering clear of unnecessary obstacles or regulatory hurdles.
As wearable devices become ever more sophisticated and interconnected, the need to develop strategies that ensure compliance with various regulatory frameworks is increasing. As well as the MDR, wearable devices can also involve elements that require compliance with the In Vitro Diagnostic Medical Devices Regulation (EU) 2017/746 (the IVDR). An example would include ‘closed-loop’ insulin therapy systems involving the use of wearable insulin pumps and continuous glucose monitors connected to a smartphone via Bluetooth). Added to this, medical devices incorporating AI and machine learning tools are soon expected to be regulated under a proposed AI Regulation that was published in April 2021 and is currently undergoing review and revision as part of the EU-level legislative process.
This proposal is regarded as a major watershed in the regulation of AI globally. It is set to have a profound impact on the use of AI in various sectors of society and the economy across the EU, including the regulation of digital health solutions regulated as medical devices. This growing overlap of regulatory frameworks affecting wearable devices will require innovative solutions that can ensure safety and provide value to users while also maintaining compliance with multiple sets of requirements.
Setting aside the convergence of several new applicable regulatory frameworks, depending on their functionality, some wearable devices have also always required manufacturers to track and ensure compliance with a wide array EU regulatory requirement owing to their status as electronic goods. Even a relatively simple wearable device will require careful consideration regarding pieces of EU harmonised legislation such as:
- The Radio Equipment Directive 2014/53/EU (RED)
- The Low Voltage Directive 2014/35/EU (LVD)
- The Electromagnetic Compatibility Directive 2014/30/EU (EMC), and
- The Restriction of Hazardous Substances Directive 2011/65/EC (RoHS)
Even when a wearable device is classed as a wellness product, thereby falling out of scope of the MDR, the existing General Product Safety Directive 2001/95/EC that would apply to the device is also currently under review. The proposal for a General Product Safety Regulation published in 2021 aims to better account for issues such as the use of software in consumer products and the increasing use of physical products with digital elements. A final layer of complexity is added with the increased connectivity of products, and the need to account for safety and compliance across systems of networked devices, each with their own unique regulatory profile.
Under the existing EU product liability framework, set answers to questions around who bears responsibility for damage caused when a wearable medical device malfunctions (and how) remain under-developed.
However, the next few years are expected to see the coming into force of a revised Product Liability Directive 85/374/EEC, revised to account for the application of concepts such as ‘product’, ‘producer’, ‘defect’ or ‘damage’ in an increasingly digitised and networked market for consumer products. The coming into force of other pieces of EU legislation like the Collective Redress Directive (EU) 2020/1828 also brings with it an increased potential for litigation and class action-style claims brought by groups of EU consumers. This in turn increases the likelihood of a whole new body of case law forming across the EU in relation to liability for defective wearable devices and the software connected to them. Associated pieces of EU legislation focusing on consumer protection such as the Market Surveillance Regulation (EU) 2019/1020 are also expected to enhance the rights of consumers and their abilities to seek redress, especially in relation to goods sold online.
With a lot to contend with already, and more regulatory issues and challenges requiring active management on the horizon, manufacturers and developers will be called upon to commit significant resources to safety and compliance. At a high level, there are a number of practical steps that all stakeholders can take to prepare:
- Regulatory intelligence: Invest resources in tracking the development of various pieces of new and proposed legislation on the way in the next 1 – 5 years. New regulatory guidance from bodies such as the Medical Device Coordination Group (MDCG) in respect of the MDR and IVDR is also constantly being published and updated. Although it might currently be a case of running to stand still, keeping up to date with these developments will pay dividends, especially when it comes to effectively timing new product launches and updates.
- Stakeholder engagement: Work done to track legislative proposals should be leveraged using open consultation processes to ensure that the views of all stakeholders are taken into account as new regulatory regimes take shape. Membership of interest groups and other fora should be explored with a view to achieving maximum impact and influence in the policy making process.
- Partner planning: Developing and launching regulated products requires close coordination with external advisors and stakeholders across the value chain. Clarifying and communicating future plans is a key step in ensuring that partners will be available when needed. This will be especially important when working with notified bodies, who are already under significant resource pressures, and must also continue to adapt to new guidance and new legislation in real time.
- Product placement: Products need to be assessed at an early stage to ascertain whether or not the medical device framework is triggered in any give case. Manufacturers can then adopt a structured and strategic approach to regulating their offering, ideally drawing on the necessary legal and technical expertise, in order to ensure that the product they intend to make available to users is compliant with all necessary regulatory requirements.