One of our experts was recently a panelist at the MMA Roadshow workshop on “Managing App Development under FDA Regulation,” which took place at Johns Hopkins University Bloomberg School of Public Health. The MMA Roadshow is an educational series led by the mHealth Regulatory Coalition (MRC) that is held at universities across the U.S. to demystify FDA requirements for app developers and identify best practices for those producing regulated apps.
The MRC, formed in 2010, has become the voice of mHealth technology stakeholders in Washington. The coalition was formed to ensure that the regulatory environment for mHealth technologies allows for innovation while also protecting patient safety. The coalition serves as a thought leader in the mHealth ecosystem, providing expertise and guidance on which mHealth technologies should be regulated and how.
The workshop opened with a presentation from Bakul Patel, Senior FDA Policy Advisor, on the final Mobile Medical Applications (MMA) Guidance. The FDA has chosen to regulate apps through Smart Regulation, which involves:
- Focusing oversight on higher patient risk technology/software;
- Using regulatory tools selectively, as appropriate for each technology;
- Scaling back from their traditional approach (i.e., Class I, Class II Class III);
- Relying on a quality systems approach.
Much of the discussion surrounded what types of apps the FDA will regulate. Most people would expect mobile apps to be put into two buckets: (1) those the FDA regulates and (2) those it does not. But it is not that simple. Actually, there are three buckets that include (1) those FDA regulates, (2) those it does not, and (3) those FDA could regulate but which the agency has decided, at least temporarily, not to regulate.
The complexity stems from the all-encompassing definition of a medical device. Fortunately, the FDA is supposed to use its judgment and limit the scope of medical devices to those that truly need to be regulated, even though the statutory definition is not expressly based on any risk criteria. The FDA regulations have not changed, and in the MMA final guidance the FDA reiterates that it is the functionality, not the platform, which determines whether they regulate an app.
An app used for urinalysis was used to demonstrate the type of FDA enforcement in this market. If the FDA has traditionally regulated urinalysis machines, the app would be regulated because it essentially performs the same function. The intended use determines whether the FDA will regulate an app, not the machine on which it is performed. The FDA website provides a searchable database of all medical devices that the agency has approved or cleared so that companies can determine if the functionality is regulated.
Mobile medical apps can be accessories because they are promoted with a specific intended use: to “accessorize” a medical device. Some of the more complicated examples are MMAs that don’t simply connect to an existing medical device, but transform a mobile phone into a medical device itself. In the MMA guidance, the FDA declares that it will regulate apps that are an “extension” of a medical device. To be an extension, the app must be connected to the medical device, and must do one of two things:
- Control the medical device, or
- Display, store, analyze or transmit patient specific medical device data.
The FDA says they will also regulate apps that perform patient specific analysis and provide patient-specific diagnoses or treatment recommendations.
What is and is not regulated will become clearer as FDA uses its enforcement discretion to set precedent. App developers who currently have an MMA on the market, or that are developing one, should closely monitor the latest FDA developments.