On February 9, 2015, the U.S. Food and Drug Administration (FDA) issued two Guidance documents clarifying its intent to deregulate Medical Device Data Systems (MDDS), medical image storage and communication devices, and most low risk mobile applications (apps) for general health and wellness. The first guidance document, entitled Medical Device Data Systems, Medical Image Storage Devices, and Medical Image Communications Devices (MDDS Guidance),1 finalizes FDA's June 2014 proposal not to enforce medical device regulations for MDDS, medical image storage devices, or medical image communications devices. The second guidance document, entitled Mobile Medical Applications Guidance for Industry and Food and Drug Administration Staff(2015 MMA Guidance),2 updates the Agency's September 25, 2013 guidance by clarifying FDA's intent to regulate only those medical mobile apps3 and MDDS that meet the Federal Food, Drug and Cosmetic Act's (FDCA's) definition of a medical device4 and would pose a risk to patient safety if they failed to function as intended.
Together, the two guidance documents provide yet another example of FDA's implementation of a risk-based regulatory strategy for medical devices. In adopting this approach, FDA continues to acknowledge that over-regulation of mobile apps could stand in the way of innovation and prevent improvements in patient care and health outcomes. According to a statement issued by Dr. Jeffery Shuren, Director of FDA's Center for Devices and Radiological Health (CDRH) and Bakul Patel, Associate Director for Digital Health, CDRH, the guidance documents represent FDA's ongoing efforts "to clarify which medical devices are of such low risk that [FDA] will no longer focus [its] regulatory oversight on them or [it] will regulate them under a lower risk classification, narrowly tailoring [its] approach to the level of risk to which patients or consumers are exposed."5
2015 MMA Guidance
The 2015 MMA Guidance does not represent a substantive change to the Agency's September 25, 2013 guidance on this topic. As we previously discussed, the September 2013 Guidance described the subset of mobile apps that FDA intended to regulate, and provided an overview of the medical device requirements and regulations that apply to MMAs.
Most of the updates to the 2015 MMA Guidance are located in the document's Appendices, which provide examples of: (1) apps that are not medical devices; (2) apps for which FDA intends to exercise enforcement discretion; and (3) MMAs that FDA intends to regulate as medical devices.6 For example, the Guidance clarifies that FDA intends to regulate mobile apps that connect to a medical device "for use in active patient monitoring or analyzing medical device data"7 and apps "used to calibrate hearing aids."8 Such apps would be regulated under the classification regulation associated with the underlying monitoring device.
The Guidance specifies, however, that FDA does not intend to regulate medical image apps that "are not intended for diagnostic image review such as image display for multidisciplinary patient management meetings (e.g., rounds) or patient consultation (and include a persistent on-screen notice, such as for informational purposes only and not intended for diagnostic use)."9 Other examples of unregulated apps include "mobile apps that provide drug-to-drug interactions and relevant safety information (side effects, drug interactions, active ingredients) as a report based on demographic data (age, gender), clinical information (current diagnosis), and current medications."10
Although the 2015 MMA Guidance clarifies the regulatory status of many types of apps, it does not specifically address clinical decision support tools, nor does it provide specific guidance to manufacturers or developers on how to implement device requirements such as the Quality System Regulation (QSR) or adverse event reporting.
As noted above, the MDDS Guidance finalizes FDA's decision not to regulate MDDS and medical image storage and communication apps that receive, transmit, store, or display medical device data and/or medical images. For these devices and the majority of health and wellness apps described in the MMA Guidance, FDA does not intend to enforce compliance with device regulatory controls, including registration and listing, premarket review, postmarket reporting, and the QSR.11
The Guidance also provides examples of MDDS devices including: software that collects a patient's CO2 output from a ventilator and transmits the information to a central patient data repository and software that stores historical blood pressure information for later review by a healthcare provider.12 Consistent with the 2015 MMA Guidance, the MDDS Guidance specifies that software or devices that perform "active patient monitoring" are not MDDS devices. It also attempts to clarify the distinction between active and passive patient monitoring by providing examples of devices in each category. Examples of devices that do not provide active patient monitoring include an "application that transmits a child's temperature to a parent/guardian while the child is in the nurse/health room of a school" or one that "facilitates the remote display of information from a blood glucose meter, where the user of the meter can independently review their glucose and glucose levels."13
Further, the Guidance eliminates the premarket notification 510(k) requirement for certain in vitro diagnostic MDDS devices that would ordinarily apply when a manufacturer markets a 510(k)-exempt device. FDA typically requires manufacturers of 510(k)-exempt devices to submit a 510(k) if: (1) they make significant modifications to the device; (2) they plan to market the device for a different intended use; or (3) it is an in vitro diagnostic device intended for screening or diagnosis of certain specified diseases or conditions, including cardiovascular disease or diabetes.14 The MDDS Guidance clarifies that FDA does not intend to enforce the 510(k) requirement or other medical device requirements for an MDDS even if it is "an in vitro device that is intended for assessing the risk of cardiovascular diseases (21 C.F.R. 880.9(c)(4)) or for use in diabetes management (21 C.F.R. 880.9(c)(5))."15 The Guidance does not specifically address how FDA intends to regulate MDDS or image storage and communication devices that are integrated into another currently regulated device or intended for use with such a device. Based on FDA's recent Draft Guidance Medical Device Accessories: Defining Accessories and Classification Pathway for New Accessory Types, however, it is likely that an integrated MDDS would be treated as a component of the finished device and not separately regulated. A stand-alone MDDS or MMA would be treated as an accessory to the parent device, but regulated and classified in accordance with the risk-based strategy described in the MMA and MDDS Guidance documents.
Because MDDS and medical image storage and communication devices play a critical role in the exchange and transmittal of health information across the patient care continuum, FDA's decision not to regulate these devices arguably removes certain barriers to market entry. However, FDA's decision not to regulate paves the way for other stakeholders such as the Department of Health and Human Services (HHS) Office of the National Coordinator for Health Information Technology (ONC) to address quality and safety issues such as interoperability through new regulations and standards. It is notable that FDA issued the MDDS Guidance a few days after ONC released its Shared Nationwide Interoperability Roadmap16 and its first annual Interoperability Standards Advisory,17 which describe the process for implementing a unified national patient healthcare information exchange system and standards for interoperability of health IT. It remains to be seen whether ONC's proposed framework will provide developers and healthcare providers with greater flexibility than FDA's medical device Quality System requirements.
Although the MDDS and MMA Guidance documents do not provide details regarding the development of quality processes for MMAs and unregulated mobile apps, the Guidance documents represent a preliminary step in implementing the joint ONC, FDA, and Federal Communications Commission (FCC) interoperability recommendations contained in the April 2014 "FDASIA Health IT Report."18 In the absence of concrete guidance from FDA regarding the implementation of device regulatory controls, including registration and listing, premarket review, adverse event reporting, labeling and quality systems for regulated MMAs, manufacturers and developers must continue to develop practical procedures and policies to ensure ongoing compliance with the applicable regulations.