MedCity Influencers, Devices & Diagnostics

Top 5 FDA considerations for medtech-enabled data platforms

Medtech companies should have a team of FDA advisors at the ready to develop and implement pre- and post-market strategies, prevent and resolve pre- or post-market issues and guide lifecycle management

FDA sign, headquarters

The ability to collect and leverage data — whether be it from the patient or from provider — is transforming the medtech industry. Consider companies that once largely developed hardware-based products. Now they provide a more comprehensive view of how patients behave.

All of this creates new compliance challenges. How should they address those?

Medtech companies should have a team of FDA advisors at the ready to develop and implement pre- and post-market strategies, prevent and resolve pre- or post-market issues and guide lifecycle management, with a keen understanding of how FDA works and how to leverage regulatory mechanisms and pathways to achieve  business objectives. Key topics identified for medtech companies include:

1. Use of real-world evidence in regulatory decision making 

Real-world evidence (RWE) can be used for a variety of regulatory purposes, including to support bringing new devices to market, to evaluate the safety and effectiveness of existing devices for new uses, and to assess the continued performance and safety of marketed devices. Developers interested in utilizing RWE for regulatory purposes should select appropriate real-world data (RWD) sources based on their suitability to address specific regulatory questions. In particular, developers should consider the relevance and reliability of the sources and their specific elements as FDA assesses these factors in determining whether the RWD sources can be used to generate evidence that is sufficiently robust for a regulatory purpose.

2. Cybersecurity concerns and laws 

Cybersecurity has become an area of increasing FDA scrutiny. In recent years, for example, FDA has issued a number of safety communications related to cybersecurity vulnerabilities. Further, a number of medtech companies have initiated recalls to correct cybersecurity vulnerabilities.

The FDA expects manufacturers to take a total product lifecycle approach to minimize cybersecurity vulnerabilities. Consider the following for developing and maintaining a cybersecurity risk management program:

      • Premarket considerations 
        • Address cybersecurity during device design and development, including the establishment of design inputs related to cybersecurity and a cybersecurity vulnerability and management approach, as part of software validation and risk analysis.
        • Understand the type of documentation related to cybersecurity to include in a premarket submission to FDA.
      • Post-market considerations 
        • Implement a comprehensive cybersecurity risk management program to monitor, identify, and promptly address cybersecurity vulnerabilities and exploits.
        • Understand whether changes to medical devices for cybersecurity vulnerabilities require reporting to FDA.

3. Regulation and Categorization of Digital Health Products 

With the generation of repositories of data comes potential opportunities for the development of new stand-alone digital health products. A threshold question for digital health product developers is whether such products are actively regulated by FDA. Digital health products fall into one of three regulatory categories:

      • Not a medical device: Many digital health products do not meet the statutory definition of a “device” and, therefore, are not regulated by FDA. This includes, for example, certain types of clinical support software (CDS).
      • Enforcement discretion: FDA has established a number of “enforcement discretion” policies, whereby FDA chooses not to actively enforce regulatory requirements applicable to medical devices. For example, FDA exercises enforcement discretion for a number of mobile medical applications that it views to be low-risk.
      • Actively regulated medical devices: Though FDA continues to explore other potential approaches, it generally applies the traditional framework for regulation of medical devices to all other digital health products.

An understanding of these categories is essential as digital health products marketed without the requisite FDA marketing authorization may be, and have been, the subject of not only administrative action but also removal from distribution.

4. Unique Regulatory Concerns of AI/ML-Based Medical Devices 

The FDA has stated on multiple occasions that the traditional paradigm of medical device regulation was not designed for adaptive AI/ML-based technologies, and it continues to consider multiple aspects of the regulatory framework for these technologies, including the following:

    • Transparency of AI/ML-based devices
    • Good ML practices
    • Modifications to FDA-cleared AI/ML-based devices

Companies developing and marketing AI/ML-based devices should stay aware of FDA’s guidance on such technologies.

5. Nimble Adoption and Tracking of FDA Guidance 

Stay aware of guidance relating to:

    • Clinical Decision Support Software (Final Guidance; September 2022)
    • Content of Premarket Submissions for Device Software Functions (Draft Guidance; November 2021)
    • Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions (Draft Guidance; April 2022)
    • Risk Categorization for Software as a Medical Device: FDA Interpretation, Policy, and Considerations (Draft Guidance; anticipated)
    • Marketing Submission Recommendations for a Change Control Plan for AI/ML-Enabled Device Software Functions (Draft Guidance; anticipated)

Photo: Getty Images, Sarah Silbiger


Avatar photo
Avatar photo

Kristin Havranek, Martin Gomez, Matt Wetzel, Steven Tjoe and Stephanie Philbin

Kristin Havranek has worked extensively with and in the MedTech industry for the last 25 years. A trusted advisor to investors and companies alike, Ms. Havranek regularly helps startup and emerging MedTech companies build their IP portfolios in a strategic, thoughtful manner with their business goals and needs in mind. She evaluates freedom-to-operate, patentability, investor due diligence and financing IP, and conducts patent validity analyses. She advises on strategic alliances and prepares and prosecutes patent applications before the U.S. Patent and Trademark Office. Ms. Havranek’s ties in the industry run deep and is currently on the leadership team of MedtechWomen.

Martin Gomez is a partner in Goodwin’s Technology Companies group specializing in intellectual property matters. Mr. Gomez focuses his practice on advising technology and life sciences companies of all sizes (including startups), and their investors, in corporate and especially intellectual property matters throughout the business life cycle, including new company formation, IP protection, fundraising, strategic transactions and exits.

Matt Wetzel is an experienced health lawyer and provides strategic advice to life sciences companies on complex health care laws and regulations, including federal and state fraud and abuse laws, Medicare and third party billing and reimbursement regulations, patient privacy obligations, and transparency requirements, among other areas. Matt also works with clients to establish and operate effective global compliance and risk management programs.

Steven Tjoe is a partner in the firm’s Technology and Life Sciences groups and a member of the firm’s FDA practice. He focuses his practice on product development strategies and regulatory compliance counseling, in particular as related to medical devices, digital health products, in vitro diagnostics, laboratory developed tests, compounded drugs, cell and gene therapies, and other drugs and biologics. Steven advises clients in analyzing premarket pathways, product adverse event risk profiles, product communications and marketing, and GMP compliance. Steven also advises on Hatch-Waxman patent listing and exclusivity issues, is a contributor to Goodwin’s Guide to Biosimilars Litigation and Regulation in the U.S, and regularly conducts risk analyses for offerings and transactions involving FDA-regulated entities across the medical device, drug, and biologic industries.

Stephanie Philbin, a partner in the firm’s FDA practice and a member of its Life Sciences group, concentrates on Food and Drug Administration laws. She joined Goodwin in 2007.

This post appears through the MedCity Influencers program. Anyone can publish their perspective on business and innovation in healthcare on MedCity News through MedCity Influencers. Click here to find out how.

Shares1
Shares1