The Food and Drug Administration (FDA or the Agency), the US regulating authority in the sphere of medical devices, has published a guidance document dedicated to medical device data systems, medical image storage devices, and medical image communications devices.
The latest version of the guidance was issued in September 2019. Due to its legal nature, the document itself does not introduce any new rules or requirements but provides additional clarifications on the matter and recommendations to be considered by the medical device manufacturers and other parties involved in operations with medical devices covered by its scope. The Agency additionally emphasizes that an alternative approach could be applied, provided such an approach complies with the applicable regulatory requirements and has been approved by the authority in advance.
The Agency acknowledges the rapid development of digital health technologies taking place nowadays. In order for innovative devices to operate in an efficient manner, they should be able to operate in connection with other devices. According to the document, the basis of such connection is hardware and software, typically referred to as medical device data systems (MDDS) that transfer, store, convert formats, and display medical device data or medical imaging data. Initially classified as Class III (high-risk) medical devices under the applicable risk-based classification, later in February 2011, MDDS were reclassified as Class I (low-risk) medical devices, as it was confirmed that the potential risks associated with such devices are relatively low. Later in February 2015, the authority notified interested parties about its intent not to enforce compliance with the applicable regulatory controls in order to reduce the unnecessary regulatory burden and facilitate further development of novel technologies.
In accordance with recent amendments to the Federal Food, Drug, and Cosmetic (FD&C) Act introduced by the 21st Century Cures Act, some of the software functions have been repealed from the definition of a medical device usually used to determine whether the particular product in question should be subject to regulation as a medical device. It was stated that software functions that are solely intended to transfer, store, convert formats, and display medical device data or medical imaging data, unless the software function is needed to interpret or analyze clinical laboratory test or other device data, results, and findings, are not devices and are not subject to FDA laws and regulations applicable to devices. Now, the regulating authority intends to harmonize the definition of MDDS provided in different regulations since certain inconsistencies still exist. According to the existing legislation, hardware products that are intended to transfer, store, convert formats and display medical device data and results remain devices under section 201(h) of the FD&C Act. However, the regulating authority will not enforce compliance with the respective controls, provided that all-important criteria are met.
Regulatory Requirements in Detail
The approach applied by the FDA is consistent with the one described in the Policy for Device Software Functions and Mobile Medical Applications.
First, the authority provides the definitions of the most important terms used in the guidance, namely:
- Non-Device-MDDS: software functions that are solely intended to transfer, store, convert formats, and display medical device data or results.
- Device-MDDS: hardware functions that are solely intended to transfer, store, convert formats, and display medical device data or results.
Additionally, the FDA provides several examples of the products of each type in order to assist the parties involved in interpreting the current legislation.
The authority explicitly mentions that an MDDS neither changes the data it processes nor controls the functions of a medical device to which it is connected. At the same time, the software functions that generate alarms are subject to regulation by the FDA since they are in some way interpreting the data used for patient monitoring.
According to the guidance, software functions that are still subject to the oversight of the FDA could be described in the following way:
- The clinical context requires a timely response (e.g. in-hospital patient monitoring).
- The clinical condition (disease or diagnosis) requires a timely response (e.g., a monitor that is intended to detect life-threatening arrhythmias, such as ventricular fibrillation, or a device used to actively monitor diabetes for time-sensitive intervention).
Examples of medical devices that are intended for active patient monitoring are the nurse telemetry station or the device that receives information from monitoring devices used in a home setting.
Regulatory Approach for Medical Device Data Systems, Medical Image Storage Devices, and Medical Image Communications Devices
Apart from the medical devices described above, the scope of the present guidance also covers medical image storage devices and medical image communications devices. As stated in the document, such products should not be treated as medical devices. Hence, they fall outside the scope of the regulatory framework for medical devices, provided they are solely intended to transfer, store, convert formats, and display medical device data and results, including medical images, waveforms, signals, or other clinical information. At the same time, the authority also mentions that certain software functions related to the analysis or interpretation of data deriving from a medical device could still be regulated by the Agency.
As mentioned, hardware functions that are intended to transfer, store, convert formats and display medical device data and results remain devices under section 201(h) of the FD&C Act; however, the Agency will not enforce the applicable regulatory requirements with regard to the products that are Device-MDDS, medical image storage, or medical image communications devices as long as the scope of the functions is limited to the scope outlined above. Thus, the Agency will not enforce compliance with the regulatory requirements related to the product registration, initial premarket review, following postmarket reporting, as well as requirements related to the quality system to be employed by the manufacturer.
The document further describes the applicable exemptions from the premarket notification requirements to which the products in question could be subject.
In summary, the present FDA guidance describes the regulatory approach the authority intends to apply with regard to certain specific types of devices, some of which fall outside the scope of the definition of a medical device. For such products, compliance with any and all regulatory requirements for medical devices would not be required due to the relatively low risks associated thereto.
How Can RegDesk Help?
RegDesk is a next-generation web-based software for medical device and IVD companies. Our cutting-edge platform uses machine learning to provide regulatory intelligence, application preparation, submission, and approvals management globally. Our clients also have access to our network of over 4000 compliance experts worldwide to obtain verification on critical questions. Applications that normally take 6 months to prepare can now be prepared within 6 days using RegDesk Dash(TM). Global expansion has never been this simple.