Medical Devices and FDA

Digital Health

In the first of a three-part series, Covington’s global cross-practice Digital Health team answers key questions that companies across the life sciences, technology, and communications industries should be asking as they seek to fit together the regulatory and commercial pieces of the complex digital health puzzle.

Key Regulatory Questions About Digital Health Solutions

1. What

On 28 June 2017, Advocate General Sanchez-Bordona (AG) presented his opinion in case C-329/16 Syndicat national de l’industrie des technologies médicales and Philips France following a request for preliminary ruling from the Conseil d’État (France) to the Court of Justice of the European Union (CJEU) concerning the laws governing the classification of software medical devices.

On Friday, July 28, FDA announced a new Software Pre-certification (Pre-Cert) Pilot Program in a Federal Register notice.  The Pre-Cert program is one of three main action items discussed in the agency’s recently-released Digital Health Innovation Action Plan.  CDRH also held a webinar on August 1 to provide an overview of the program and answer stakeholder questions.

In an accompanying FDA Voice blog post, Commissioner Gottlieb acknowledged that “FDA’s traditional approach to medical devices is not well suited” to digital health products.  The agency is looking to develop a new regulatory framework that “accommodates the distinctive nature of digital health technology, its clinical promise, the unique user interface, and industry’s compressed commercial cycle of new product introductions.”

The Pre-Cert pilot program is the agency’s first step in developing the Pre-Cert program that the agency initially announced last month.  The Pre-Cert program will replace the agency’s current product-by-product premarket review process with a process to pre-certify software developers who demonstrate sufficient quality performance.  Pre-certified developers would be able to market their software devices with no, or streamlined, premarket review.  The program is intended to allow manufactures of software devices to get to market faster and have greater flexibility to iterate product design based on real world experience.

To move the Pre-Cert program from concept to implementation, the agency is initiating a pilot program.  The goal of the pilot is to leverage input from the participating companies to help the agency establish the appropriate criteria for pre-certification and appropriate review process for pre-certified companies.  Thus, participating companies will have a remarkable opportunity to shape the program and the agency’s regulatory approach to digital health products.

The Pre-Cert program’s developer-based approach represents a significant shift from the agency’s longstanding, fundamental approach to regulating medical products on a product or category basis regardless of the manufacturer.  We expect that there will be significant interest in the pilot, although FDA will only select nine companies to participate.  FDA also strongly encourages companies who do not participate in the pilot to submit feedback through the public docket.

Continue Reading FDA Initiates Software Precertification Pilot Program

On July 27, FDA published its Digital Health Innovation Action Plan. The plan provides details and timelines for the agency’s Digital Health Innovation Plan, announced by FDA Commissioner Scott Gottlieb last month.

The action plan describes the agency’s “next steps” over the coming year to “encourage digital health innovation by redesigning [FDA’s] policies and

Earlier today, on the InsideMedicalDevices blog, our colleague posted a summary of the FDA’s recent issuance of draft guidance on “Postmarket Management of Cybersecurity in Medical Devices.”  The release of the draft guidance coincided with the conclusion of a two-day public workshop hosted by the FDA entitled, “Moving Forward: Collaborative Approaches to Medical Device Cybersecurity.”

On November 2, 2015, the HHS Office of Inspector General (OIG) published its FY 2016 Work Plan, which summarizes new and ongoing activities that OIG plans to pursue with respect to HHS programs and operations during the fiscal year.

The FY 2016 Work Plan includes a new review initiative to examine “whether FDA’s oversight of hospitals’ networked medical devices is sufficient to effectively protect associated electronic protected health information (ePHI) and ensure beneficiary safety.”  The Work Plan notes that networked medical devices, such as radiology systems and medication dispensing systems that are integrated with electronic medical records and the larger health network, “pose a growing threat to the security and privacy of personal health information.”  OIG’s Work Plans for FY 2014 and FY 2015 both included a similar review focused on oversight by CMS of hospitals’ security controls over networked medical devices.  This review activity has been removed in the FY 2016 Work Plan.

Continue Reading OIG FY 2016 Work Plan Includes Review of FDA’s Oversight of Networked Devices

On October 20, 2015, the U.S. Food and Drug Administration (FDA) Center for Devices and Radiological Health (CDRH) released its top ten Regulatory Science Priorities for FY 2016 to facilitate improvements in the safety and effectiveness of medical devices and accelerate innovation. Several of the priorities would harness health information technology or health data to improve regulatory decision making, such as by:

  • Leveraging “Big Data” warehouses such as the human genome sequence database and clinical trials databases. CDRH notes that these sources are “underutilized in regulatory decision making” and could “streamlin[e] scientific review and identif[y] potential emergency post-market issues earlier in the process.”
  • Researching ways to improve device cybersecurity and enhance the performance of devices, including through interoperability and an understanding of how software modifications impact device performance.
  • Leveraging evidence from clinical experience, such as after-marketing observational data in healthcare databases.
  • Developing and validating instruments for collecting and using patient experience data and patient reported outcome measures (PROMs).


Continue Reading FDA Regulatory Science Priorities Address Use of Data, Health Information Technology

Last week, our colleague Libbie Cantor published a post on our InsidePrivacy blog regarding the Online Trust Alliance’s (OTA) release of a draft framework of best practices for Internet of Things device manufacturers and developers.  This draft framework applies to, among other things, eHealth technology, such as wearable fitness and health technologies.  The OTA is