Member Article

Five top tips for entering the mobile medical market

Head of regulation at mobile diagnostics specialist, Novarum, Dr Alasdair Christie, has put together a five step guide to medical mobile app regulations – to outline what providers need to consider and help companies looking to navigate the complicated regulatory structure around mobile medical apps.

There’s no doubt that we’re in the midst of a mobile revolution and there’s no sector where this is truer than healthcare, where numerous applications are coming to market that promise to transform the way we access medical services and provision.

The opportunities for businesses looking to tap into this lucrative market are huge, but complex regulatory barriers to entry can often be off-putting to companies – particularly those looking to enter highly-regulated markets like the USA or EU.

Although major regulators like the FDA recognise the potential benefits posed by mobile technology and are in the process of reevaluating the approach to digital health via projects like the FDA’S Digital Health Program, the regulatory landscape around mobile technology is still highly complex. This presents a highly challenging landscape for businesses looking to enter the sector.

Novarum works with leading diagnostic companies all over the world creating intuitive, accurate, easy-to-use apps that support and enhance their diagnostic technology. Their team is well versed in developing and delivering apps that fit within current regulatory frameworks and works with companies of all sizes, from initial conception of an app, all the way through to delivering the final integrated solution. Here are their top five tips for entering the mobile medical market:

1. Make sure you define your regulatory strategy early:

Defining the regulatory strategy early in the development can save time and cost. Software developers require a good understanding of regulatory approval and validation to develop robust apps the will achieve clearance.

Retro fitting regulatory documentation into existing apps is extremely difficult. Mobile medical apps should be designed from the start with the regulatory requirements in mind. To achieve this, the developer must manage the entire software lifecycle under IEC 62304 - a standard which specifies life cycle requirements for the development of medical software and software within medical devices. It is harmonised by the EU and the USA, so can be used as a benchmark to comply with regulatory requirements from both markets.

2. How are medical apps in the EU and USA regulated?

Apps with a medical function are regulated in the same way as other medical devices in the USA and EU.

While there are subtle differences between the definition of medical devices in the EU and USA, in general any app which is intended for use in diagnosis, treatment, mitigation or prevention of disease will be a medical device.

The FDA has defined Medical Mobile Applications (MMA), as: • Apps that meet the definition of “medical device” • Apps that are intended to be used as an accessory to a regulated medical device • Apps that transform a mobile platform into a regulated medical device

All MMAs should be built to conform to the applicable medical device standards, however not all MMAs will require clearance before being launched to the market. Some MMAs intended for the European Market will require a notified body to issue a certificate of confirming against the Medical Device Directive.

Apps that are accessories to medical devices are also regarded as medical devices. Providers of regulated apps must therefore develop the app under quality systems and with controls that meet internationally recognized quality management system standards for the medical device industry -: EN ISO 13485 for the EU or 21 CFR 820 for the US as appropriate.

*Remember that generally, any medical app that could provide patient identifiable information should consider these aspects too.

3. Remember that your whole system will require regulatory review.

Often, a complete system requires regulatory review rather than just focusing on an app in its own right. The components of a system that would need consideration would include:

• One or more mobile phone apps • The mobile devices (phones) the app will run on • Central databases or web portals used to store or access the data • Existing medical hardware connected to the phone via Wi-Fi or Bluetooth • New hardware that plugs into the phone • Disposable test devices or sampling equipment

Depending on the risk associated with the app, developers may integrate some of the following controls:

• Limits on which devices can install or run the app • Warning to users operating on untested devices • Checks on device hardware to ensure proper function New hardware is frequently released to the market and so app providers may need to establish protocols for extending the scope of coverage to new hardware. Such approaches should generally be established at the time of the original development/ regulatory submission. Mobile phone operating systems are regularly updated and may introduce changes to the platform that regulated apps run on. App providers should identify the risks that new operating system changes may introduce. Maintenance of apps requires careful change management to avoid introducing new bugs into the software.

4. Choose an experienced provider:

While there are countless app developers globally, few have experience developing apps within the current regulatory framework. The framework covers everything from planning, risk management, design and development, verification and validation, and post-market maintenance. Responsibility for regulatory compliance will rest with the party that puts the app on the market. When the app development is subcontracted, this will usually not be the developer themselves, but rather the legal manufacturer of the medical system. The system provider will need to show that they have adequate control of the development process.

5. What about the phone?

The regulatory status of the mobile phone within the system can often be a source of concern or confusion, however, mobile phones themselves are not regulated as medical devices and the app provider does not need to be able to control individual devices. However, app providers should ensure their apps will function properly on the hardware they are used with. The FDA has clarified that the App Stores are not subject to regulatory scrutiny for medical app distribution, and therefore the app provider must verify the apps distributed this way are not subject to uncontrolled modification that may impact performance or safety.

This was posted in Bdaily's Members' News section by Maria Carr .