The US FDA’s Regulation of Mobile Medical Apps
The US Food and Drug Administration (FDA) is the federal agency responsible for the regulation and oversight of medical devices, including mobile medical apps. Beginning with its “FDA Policy for the Regulation of Computer Products” issued in 1989, the FDA has carefully monitored the use of software products in connection with medical devices.
Over the ensuing two decades, the agency has continuously modified its policies and regulatory procedures to keep pace with the widening use of software products in healthcare.
Defining and regulating mobile medical apps
According to the FDA, a “mobile app” is a software application that can run on a mobile platform or a web-based software application for a mobile platform that is run on a computer server. A “mobile medical app” is either “intended to be used as an accessory to a regulated medical device,” or “intended to transform a mobile platform into a regulated medical device.” Mobile medical apps can be considered “medical devices” and subject to FDA oversight if they are “intended for use in the diagnosis or the cure, mitigation, treatment, or prevention of disease, or to affect the structure or any function of the body.”
More recently, the FDA has recognized the emerging use of software applications on mobile platforms in the delivery of healthcare services. To provide assistance to software developers and agency administrative staff on the regulatory framework applicable to mobile medical apps, the FDA issued a draft of its guidance document for mobile medical apps in July 2011. The agency reportedly received more than 130 comments on the draft guidance, and issued a final guidance document in September 2013.
Types of mobile medical apps subject to FDA regulations
As outlined in the guidance document, the FDA intends to apply a risk-based approach to the regulation and oversight of mobile medical apps. Rather than attempting to regulate all mobile medical apps, the FDA will instead focus its attention primarily on a subset of apps that pose a greater risk to patients. Specific types of mobile medical apps subject to the agency’s regulatory oversight include those that:
- Serve as an extension to an existing medical device through a wired or wireless connection, and which control that device or which display, store, analyze or transmit patient-specific information generated by that device
- Transform a mobile platform, such as a smart phone or tablet computer, into a regulated medical device through the use of attachments, display screens or sensors in order to create functionality similar to other regulated medical devices
- Perform patient-specific analysis or provide patient-specific diagnosis or treatment recommendations.
FDA regulations applicable to mobile medical apps
Appendix E of the FDA’s guidance document provides an overview of the regulatory requirements applicable to all medical devices, including mobile medical apps. Specific requirements include:
- Establishment registration and medical device listing
- Premarket submission for approval or clearance
- Quality system regulation
- Product labeling
- Adverse event reporting
- Other Applicable FDA Regulations
A mobile medical app may also be subject to other general regulations or device-specific regulations. For example, the FDA has implemented regulations applicable to wireless medical that address considerations regarding radio frequency issues. Other FDA regulations cover medical devices intended for home use, which include consumer usability issues. Ultimately, these and other requirements applicable to a given mobile medical app will depend on the app’s intended use or specific configuration with other medical devices.
Recommendations for mobile medical app developers
The FDA guidance document on mobile medical apps provides a useful starting point for developers seeking to understand their obligations under FDA rules, and how specific FDA requirements apply to their products. However, it is important to note that FDA guidance documents are only intended to provide insight into the agency’s planned regulatory approach. As such, statements and positions outlined in guidance documents do not have the force of law and are not a substitute for the FDA’s actual requirements.
In addition to a careful review of the guidance document and applicable FDA requirements, developers of mobile medical apps should also consider taking the following actions in advance of placing their products on the market:
- Determine whether a mobile app is subject to regulatory oversight
- Identify and evaluate all probable means for using an app
- Conduct a risk management assessment
- Determine applicable regulations and standards
- Coordinate regulatory efforts
- Seek additional technical and regulatory guidance as appropriate
Summary and conclusions
The use of mobile medical apps in the provision of healthcare services is growing rapidly, but mobile app developers may be unclear whether their products are subject to the FDA’s oversight of medical devices. The FDA’s guidance document addressing mobile medical apps provides in-depth information on how the agency plans to regulate these products. However, it is not a substitute for an in-depth understanding of the actual regulations and requirements applicable to mobile medical apps.
Developers should conduct a thorough and systematic review of their mobile apps to determine whether FDA oversight is applicable to their products, and to understand the safety risks inherent in their product’s design and anticipated use. An experience third-party can provide expert guidance that can identify potential safety issues early in the product design process and ease the regulatory approval process.
Laura Élan is North America Customer Solutions Manager at UL.