Monday, August 4, 2014

FDA Mobile App Guidance for Dummies (or, why Mobile Health Apps ≠ Drugs)

I've heard a lot of assumptions and misconceptions with respect to FDA regulation of mobile health technologies. This is partly due to the fast-moving nature of this field, but also due to the reputation the FDA have earned over the years for slowing the pace of innovation through appropriate regulatory oversight, particularly in the pharmaceutical industry.

It takes many years and hundreds of millions of dollars to develop a blockbuster new drug and then see it through regulatory approval. On the other hand, a mobile health app could be developed in weeks to months with nothing more than sweat equity. Only a fool would have trouble distinguishing these two, or would attempt to apply the regulatory framework of the former to the latter.

Fortunately, the FDA are not fools, and should be given credit for anticipating the trend towards proliferation of mobile healthcare at least as quickly as would seem reasonable in the current political climate.

Mobile Apps Regulation Timeline

Just over three years ago, on July 21, 2011 (back when only 23% of all adults used a smartphone to go online in a typical day, and most iPhone users were running iOS 3 and iOS 4), the FDA released draft guidance on mobile medical applications.

One year later, on July 9, 2012, the Food and Drug Administration Safety and Innovation Act, or FDASIA, was signed into law. One important component of this act was to "Promote Innovation," which included a provision to "further medical device innovation."

Fourteen months later, on September 23, 2013, the FDA issued "final guidance on mobile medical apps" that included a report summarizing their nonbinding recommendations. Despite the common misconception that the FDA plan to regulate all apps with any component of clinical decision support, this document makes clear that the FDA plan to focus "its oversight on mobile medical apps that:
  • are intended to be used as an accessory to a regulated medical device – for example, an application that allows a health care professional to make a specific diagnosis by viewing a medical image from a picture archiving and communication system (PACS) on a smartphone or a mobile tablet; or
  • transform a mobile platform into a regulated medical device – for example, an application that turns a smartphone into an electrocardiography (ECG) machine to detect abnormal heart rhythms or determine if a patient is experiencing a heart attack."
Note that there is no mention of clinical decision support here, which the agency makes explicit in a prior disclaimer (emphasis mine): "The agency intends to exercise enforcement discretion (meaning it will not enforce requirements under the Federal Drug & Cosmetic Act) for the majority of mobile apps as they pose minimal risk to consumers. The FDA intend to focus its regulatory oversight on a subset of mobile medical apps that present a greater risk to patients if they do not work as intended."

In April 2014, as a result of the FDASIA, a report was published that detailed "Proposed Strategy and Recommendations for a Risk-Based Framework" for health IT. The report recommended "that no new or additional areas of FDA oversight are needed," and also called for the creation of a "Health IT Safety Center" created by ONC (in collaboration with FDA, FCC and AHRQ) "with the ultimate goal of assisting in the creation of a sustainable, integrated health IT learning system that avoids regulatory duplication and leverages and complements existing and ongoing efforts."  The report describes three distinct groups of medical apps, each requiring varying levels of oversight:

Three categories of health IT functionality as described in the FDASIA Health IT Report, April 2014

Oversight is as follows:
  • Administrative Functionality (billing and claims processing, practice and inventory management, and scheduling): no additional oversight
  • Health Management Functionality (health information and data exchange, data capture and encounter documentation, electronic access to clinical results, most clinical decision support, medication management, electronic communication and coordination, provider order entry, knowledge management, and patient identification and matching): no intention to focus oversight here if the product meets the statutory definition of a medical device
  • Medical Device Functionality (computer aided detection software, remote display or notification of real-time alarms from bedside monitors, and robotic surgical planning and control): oversight required
Finally, on June 20, 2014, draft guidance was issued in the form of an update to the September 2013 guidance on mobile medical apps that further limited the scope of regulatory oversight with respect to Medical Device Data Systems (MDDS).

The Path Forward

To summarize, the FDA's current guidelines reflect a pragmatic approach to regulation of the 97,000+ healthcare apps currently available, with emphasis placed on apps that mimic the functionality of medical devices, and not on most clinical decision support apps. Rather than significantly augment the the abilities of the FDA to handle this accelerating volume of healthcare apps, the FDASIA Health IT Report recommends that "a better approach is to foster the development of a culture of safety and quality; leverage standards and best practices; employ industry-led testing and certification; and selectively use tools such as voluntary listing, reporting, and training to enable the development of a healthcare environment that is transparent and promotes learning to foster continual health IT improvement."

Despite the guidance provided by the FDA to date, tremendous uncertainty remains, especially for the developers of these mobile applications who often are not medical or policy experts. Thus far, however, there's been a clear trend towards minimizing regulatory oversight.

Some argue that there may be significant risk in allowing so many unregulated healthcare apps to flood the market.  In my next post, I'll share my opinion on the FDA guidance to date and compare the guidance with a summary article just released in the July 24, 2014 issue of the New England Journal of Medicine entitled "FDA Regulation of Mobile Health Technologies", which includes additional policy recommendations.

Update: click here to read my assessment of the current landscape and the path forward for FDA mobile app regulation.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.