The U.S. Food and Drug Administration is nearing the finish line in its efforts to define its regulation protocols for mobile medical apps. And the final two guidance documents, released earlier this month, paint the picture of an agency balancing a hands-off approach with the need to govern mHealth apps that affect clinical decision-making.
The agency's actions are designed to give the fast-moving mHealth landscape a set of standards by which new apps and platforms will be held. That's good for developers and entrepreneurs looking to enter the field, and for healthcare providers wondering whether the solutions they're using or prescribing are safe.
In separate documents, the FDA has decided that it will not regulate apps that don't have what's defined as a medical function, and that it will govern apps that perform specific medical device functions. Separately, the FDA indicated it would not regulate medical device data systems that receive, store, send or display data from medical devices, deeming those MDDS systems as being a low risk to patients.
Last month, the FDA announced that it wouldn't extend enforcement to low-risk products that are intended for general wellness. This comprises a vast majority of the consumer-facing wearables market, including fitness bands and watches. "These products are designed to maintain or encourage a general state of health and may associate a healthy lifestyle with reducing the risk or impact of certain diseases or conditions," Jeffrey Shuren, MD, JD, director of the FDA's Center for Devices and Radiological Health, and Bakul Patel, the FDA's associate director for digital health, wrote in a recent blog. "We hope this policy fosters the development of low-risk products intended to promote a healthy lifestyle."
The final two guidance documents received high marks from Bradley Merrill Thompson, a Washington D.C. attorney and general counsel for the mHealth Regulatory Coalition. In a letter to mHealth News, he said the FDA "is quite earnestly working to ensure that it uses the lightest regulatory touch appropriate for software."
In terms of what it will or won't regulate, the FDA has announced that it will hold sway over mobile apps that help clinicians make medical decisions, include those that:
- Turn a platform into a mobile medical device;
- Analyze data from a connected device or an active patient monitoring platform (including those that are "intended to be relied upon to take immediate clinical action"); and
- Connect to devices that control its operation, function or energy source.
Conversely, the agency has decided that it won't regulate apps that, for instance:
- Interact with clinicians through electronic health records;
- Enable users to manage their health (though without making any suggestions on treatment);
- Track or assemble health data; and
- Perform a function for providers.
In its guidance document on MDDS, the FDA opted for a hands-off approach, noting that such systems don't control medical devices but serve to transfer, store, display or convert data from one format to another. That document also clarified that image-based data would be included in this category.
That got Thompson's attention.
"This is actually remarkable in many ways," he said. "This type of software used to be regulated as an accessory, so if the software was used, for example, to transfer data out of the blood glucose meter, it was class II. Then, in 2011, FDA put such software uniformly in class I regardless of the medical device it accessorized. That was a huge step, because some of the software connected with class III devices. Now FDA has exempted the software from all FDA regulation, and indeed swept in image management software."
"Through these actions, we continue to clarify which medical devices are of such low risk that we will no longer focus our regulatory oversight on them or we will regulate them under a lower risk classification, narrowly tailoring our approach to the level of risk to which patients or consumers are exposed," Shuren and Patel wrote in their blog.
Other mHealth stakeholders – such as the Health IT Now Coalition – have generally praised the FDA's direction, but note that Congress is eyeing similar enforcement in a couple of pending bills. That could set things up for a turf battle between those who feel the FDA should have regulatory discretion and those who want those guidelines set forth in law.
"(T)he draft guidance comes at a crossroads for the FDA, as the agency is facing bipartisan legislation moving through both houses of Congress that would clarify the role of the agency with regard to regulating health IT," the Health IT Coalition said in a press release. "The guidance comes on the heels of the Office of the National Coordinator working group on FDASIA report, which states that regulation of health IT must be fixed in legislation not regulation because it is ‘broken at the written law level.’
"We urge the FDA and the ONC to work with legislators in Congress to develop a new regulatory framework that encourages innovation and protects the safety of patients," the release concluded.
