Part 1: What is a medical device?
In this two-part series we are going to answer this question: first by determining what the FDA considers a medical device and secondly by looking at software specifically and how it is regulated by the FDA.
How can you tell if your company’s mobile app or software would be subject to regulation by the FDA?
The financial considerations of submitting an application for FDA approval are significant, with costs that can rise to several hundreds of thousands of dollars, depending on the intended audience for your software. Even more, the process of approval can include detailed and extensive clinical trials which could result in longer wait times before your software can be released, a significant consideration in the rapidly-developing MedTech environment.
But first let’s clarify what the FDA considers a medical device.
The FDA regulates two main categories of healthcare products: Drugs and Devices. The first part of this is easy as drugs are described as substances which “achieve their primary purpose through chemical action within or on the body.”
As software does not typically perform any chemical actions on the body, your software might fall in the realm of Devices.
A device is described by section 201(h) of the Food, Drug and Cosmetic Act (FD&C Act):
“A medical device is an instrument, apparatus, implement, machine, contrivance, implant or in vitro reagent,” which is intended to:
Straightforward, right? Not quite.
Certainly, some medical devices requiring FDA regulation are straightforward and intuitive, including items such as wheelchairs and insulin pumps. However, the designation of a regulated device can be more tricky, requiring a clear understanding of FDA code and possibly consultation with a regulatory affairs professional.
Take, for example, the following case:
An active middle-aged gentleman purchases a $40 smartwatch to track his activity and calories burned. His smartwatch detects an abnormally high heart rate, for which he seeks medical attention. His doctor orders an electrocardiogram (or ECG) and diagnoses him with an arrhythmia.
In the eyes of the FDA, would the smartwatch be considered a medical device and, therefore, subject to the full regulatory procedure of a medical device? The answer might surprise you. Basic smartwatches which track heart rate, calories burned and even sleep patterns have NOT traditionally required FDA approval.
However, in September 2020, Fitbit announced that the FDA had given its approval for the new Sense smartwatch for its electrocardiogram (ECG) app. To meet the FDA’s requirements, Fitbit demonstrated that the device could accurately and consistently detect a type of arrhythmia known as atrial fibrillation (or Afib). For $329, the smartwatch offers its user basic heart monitoring, an oxygen sensor and the ability to detect heart rate abnormalities.
Why does the $40 smartwatch not require FDA approval while the $329 Fitbit Sense smartwatch requires both clinical testing and FDA approval?
It all comes down to the definition and the intent of the software or device. Let’s take a closer look.
A basic smartwatch promises to use heart rate only to calculate calories burned, track steps and record physical activity. Tracking heart rate cannot alone, in a strict medical sense, diagnose a medical condition. An electrocardiogram (and preferably an astute physician) is needed to diagnose a heart arrhythmia. Our hypothetical patient’s $40 smartwatch does not promise to diagnose diseases/conditions OR Cure, mitigate, treat or prevent disease AND it does not affect the structure/function of the human body. It only promises to track heart rate and calories, encouraging people to walk those extra 1000 steps.
In fact, if you read the fine print, you will find this exact verbiage on many smartwatch sites, stating clearly that the device is “not intended to treat, cure or prevent any disease,” and wisely referring users to their physicians for further evaluation.
However, the Fitbit sense includes a feature that allows it to generate a similar reading as an electrocardiogram or ECG, and promises to diagnose a specific medical condition.
For an extra $290, it DOES intend to “diagnose diseases/conditions.”
So in the eyes of the FDA, it is a medical device and is thus subject to regulation. And we can expect to see more devices promising to diagnose conditions, including even COVID 19, as technology improves and new insights can be gained. (Check it out here.)
Let’s look at a few other products and apply the same principles to determine how they might be viewed by the FDA.
Take, for example, a mobile app that helps patients with obesity manage their condition by suggesting healthy diet/exercise and even prompting them to maintain proper medication dosing and schedules.
Although the app can be a powerful tool in the treatment of obesity, it does not make specific treatment decisions, and would not typically require FDA approval.
In contrast, an app that tracks ovulation times in women, serving as a contraceptive that promises to prevent pregnancy, would be subject to FDA regulation. In March 2021, an early pioneer in period-tracking apps, Clue, announced that it was preparing to launch an app that would be 98% effective in preventing pregnancy under perfect use (for context, “the pill” is 99% effective under perfect use and male condoms are 98% under perfect use). This “digital contraceptive” app also specifically claims to be an effective tool in preventing pregnancy” and as such requires approval by the FDA. In fact, the Berlin-based company announced that they recently gained FDA clearance for the product, in time for a US launch in 2021.
Let’s look at one more example.
A low-risk app used by physicians to perform simple calculations routinely used in medical care, such as Body mass index (BMI), would not be regulated.
However, software that uses patient-specific analysis to help physicians perform high-risk calculations, such as dosage plans for radiation therapy, would be regulated by the FDA. This software is specifically intended to “mitigate” and “treat” disease.
So, you’ve determined your software might be considered a medical device. That means it would need to be regulated, right? Not so fast, there is more to consider. Some software functions may meet the definition of a medical device but because they pose a lower risk to the public, the FDA may not enforce requirements under the FD&C Act.
Let’s take a look at our last example of a software that uses patient-specific analysis to help physicians calculate dosage plans for radiation therapy. You might be able to imagine how an error in the calculation for a radiation dose might lead to dangerous outcomes for a patient.
This example provides an important lesson about how the FDA approaches devices to determine if they classify as a medical device. Potential risk to the patient also matters—specifically the question of whether or not a “malfunction of or latent design flaw” could result in significant harm to a patient. The higher the potential of injury to the patient depending on the device, the more likely it would be regulated.
In our next blog post, we are going to take a look specifically at software and how the FDA classifies software within the realm of medical devices, taking into consideration issues like risk level.
This article is meant as a brief, simplified overview intended to be used for informational purposes only. Determining if your healthcare-related software would be subject to FDA regulations can be a complex and challenging prospect, so consulting a regulatory affairs professional can be a wise approach. Hopefully, this article provided a quick primer to help you along your journey.
For official FDA rules and regulations, please refer to the FDA’s Website.