Hostname: page-component-cd9895bd7-gvvz8 Total loading time: 0 Render date: 2024-12-25T17:16:53.306Z Has data issue: false hasContentIssue false

Evaluation of Mobile Health Applications: Is Regulatory Policy Up to the Challenge?

Published online by Cambridge University Press:  16 July 2019

Magdalena Ruth Moshi*
Affiliation:
School of Public Health, University of Adelaide, Adelaide, Australia
Jacqueline Parsons
Affiliation:
Adelaide Health Technology Assessment (AHTA), School of Public Health, University of Adelaide, Adelaide, Australia
Rebecca Tooher
Affiliation:
Division of Academic Student and Engagement, University of Adelaide, Adelaide, Australia
Tracy Merlin
Affiliation:
Adelaide Health Technology Assessment (AHTA), School of Public Health, University of Adelaide, Adelaide, Australia
*
Author for correspondence: Magdalena Ruth Moshi, E-mail: magdalena.moshi@adelaide.edu.au

Abstract

Objectives

The aim of this study is to determine whether the approach used in Australia to regulate mobile medical applications (MMA) is consistent with international standards and is suitable to address the unique challenges of these technologies.

Methods

The policies of members of the International Medical Device Regulator's Forum (IMDRF) were analyzed, to determine whether these regulatory bodies address IMDRF recommendations for the clinical evaluation of software as a medical device (SaMD). Case-studies of varying types of regulated MMAs in Australia and the United States were also reviewed to determine how well the guidance in the IMDRF's SaMD: Clinical Evaluation (2017) document was operationalized.

Results

All included jurisdictions evaluated the effectiveness of MMAs and addressed the majority of the key sub-categories recommended in the IMDRF guidance document. However, safety principles concerning information security (cybersecurity) and potential dangers of misinformation (risk-classification) were generally not addressed in either the case-studies or in the policy documents of international regulatory bodies. Australia's approach was consistent with MMA regulation conducted internationally. None of the approaches used by global regulatory bodies adequately addressed the risk of misinformation from apps and the potential for adverse clinical consequences.

Conclusions

The risks posed by MMAs are mainly through the information they provide and how this is used in clinical decision-making. Policy in Australia and elsewhere should be adjusted to follow the IMDRF risk-classification criteria to address potential harms from misinformation. Australian regulatory information should also be updated so the harm posed by cybersecurity and connectivity can be comprehensively evaluated.

Type
Policy
Copyright
Copyright © Cambridge University Press 2019 

Access options

Get access to the full version of this content by using one of the access options below. (Log in options will check for institutional or personal access. Content may require purchase if you do not have access.)

Footnotes

Magdalena Moshi is a recipient of an Australian Government Research Training Program Scholarship and the University of Adelaide, School of Public Health, Higher Degree Research Student Support Fund.

References

1.Therapeutic Goods Administration (2013) Regulation of medical software and mobile medical ‘apps’: Australian Government. [cited April 27, 2015]. https://www.tga.gov.au/regulation-medical-software-and-mobile-medical-apps.Google Scholar
2.Therapeutic Goods Administration (2011) Australian regulatory guidelines for medical devices (ARGMD). Australia: Australian Government. p. 1733, 74–104, 217–218.Google Scholar
3.U.S. Department of Health and Human Services Food and Drug Administration (2015) Mobile medical applications: Guidance for Industry and Food and Drug Adminitration Staff. U.S. Department of Health and Human Services Food and Drug Administration.Google Scholar
4.Therapeutic Goods Administration (2013) Software as in vitro diagnostic medical devices (IVDs): Australian Government; 2013 [cited April 22, 2016]. https://www.tga.gov.au/publication/software-vitro-diagnostic-medical-devices-ivds.Google Scholar
5.Therapeutic Goods Administration (2016) Australian register of therapeutic goods. Australian Government: [cited May 14, 2018]. https://www.tga.gov.au/australian-register-therapeutic-goods.Google Scholar
6.U.S. Food and Drug Administration (2017) Digital health: U.S. Department of Health and Human Services [cited February 7, 2018]. https://www.fda.gov/MedicalDevices/DigitalHealth/default.htm.Google Scholar
7.U.S. Food and Drug Administration (2017) Software as a medical device (SaMD): U.S. Department of Health and Human Services. [cited February 7, 2018]. https://www.fda.gov/MedicalDevices/DigitalHealth/SoftwareasaMedicalDevice/default.htm.Google Scholar
8.U.S. Department of Health and Human Services Food and Drug Administration (2017) Clinical and patient decision support software. Draft Guidance for Industry and Food and Drug Administration Staff: U.S. Department of Health and Human Services Food and Drug Administration.Google Scholar
9.International Medical Device Regulators Forum (2014) Software as a Medical Device (SaMD): Possible framework for risk categorization and corresponding considerations. International Medical Device Regulators Forum.Google Scholar
10.Shuren, J, Patel, B, Gottlieb, S (2018) FDA regulation of mobile medical apps. JAMA 320, 337338.10.1001/jama.2018.8832Google Scholar
11.Horvath, AR, Lord, SJ, StJohn, A, et al. (2014) From biomarkers to medical tests: The changing landscape of test evaluation. Clin Chim Acta 427, 4957.10.1016/j.cca.2013.09.018Google Scholar
12.European Commission (2018) Regulatory framework: European Commission. [cited March 12, 2018]. https://ec.europa.eu/growth/sectors/medical-devices/regulatory-framework_en.Google Scholar
13.International Medical Device Regulators Forum (2017) Software as a Medical Device (SaMD): Clinical evaluation. International Medical Device Regulators Forum.Google Scholar
14.International Medical Device Regulators Forum (2016) Draft: Software as a Medical Device (SaMD): Clinical evaluation. International Medical Device Regulators Forum.Google Scholar
15.International Medical Device Regulators Forum (2018) About IMDRF [cited May 5, 2018]. http://www.imdrf.org/about/about.asp.Google Scholar
16.U.S. Department of Health and Human Services Food and Drug Administration (2018) 510(k) clearances: U.S. Department of Health and Human Services Food and Drug Administration. [cited April 16, 2018]. https://www.fda.gov/MedicalDevices/ProductsandMedicalProcedures/DeviceApprovalsandClearances/510kClearances/.Google Scholar
17.European Commission (2016) Guidelines on the qualification and classification of stand alone software used in healthcare within the regulatory framework of medical devices. Medical devices: Guidance document: European Commission.Google Scholar
18.Government of Canada (2011) Medical devices regulation Government of Canada.Google Scholar
19.Health Science Authority (2017) Regulatory guideline for telehealth products. Medical Devices Branch: Health Sciences Authority.Google Scholar
21.Eisenhart, S (2018) Latest chinese medical device regulatory changes affect clinical trials, testing, telehealth: Emergo. [cited March 3, 2018]. https://www.emergogroup.com/blog/2018/01/latest-chinese-medical-device-regulatory-changes-affect-clinical-trials-testing.Google Scholar
22.Eisenhart, S (2017) South Korean MFDS revises recently enacted medical device regulations: Emergo. [cited March 3, 2018]. https://www.emergogroup.com/blog/2017/09/south-korean-mfds-revises-recently-enacted-medical-device-regulations.Google Scholar
23.Agência Nacional de Vigilância Sanitária (2018) Regulation of products and companies: Agência Nacional de Vigilância Sanitária. [cited March 16, 2018]. http://portal.anvisa.gov.br/regulation.Google Scholar
24.European Commission (2016) Clinical evaluation: Guide for manufacturers and notified bodies under directives 93/42/eec and 90/385/eec Guidelines on medical devices: European Commission.Google Scholar
25.Health Science Authority (2017) GN-20: Guidance on clinical evaluation Medical device guidance: Health Science Authority.Google Scholar
26.Therapeutic Goods Administration (2017) Clinical evidence guidelines. Medical devices: Australian Government.Google Scholar
27.Health Canada (2011) Software regulated as a medical device - frequently asked questions. Government of Canada.Google Scholar
28.U.S. Department of Health and Human Services Food and Drug Administration (2014) The 510(k) program: Evaluating substantial equivalence in premarket notifications [510(k)]: U.S. Department of Health and Human Services Food and Drug Administration.Google Scholar
29.European Commission (2018) Market surveillance and vigilance: European Commission. [cited April 17, 2018]. https://ec.europa.eu/growth/sectors/medical-devices/market-surveillance_en.Google Scholar
30.Health Canada (2011) Guidance document for mandatory problem reporting for medical devices. Canada Vigilance - Medical Device Problem Reporting Program: Health Canada.Google Scholar
31.Health Science Authority (2016) Post-market Information Reporting: Health Science Authority. [cited April 17, 2018]. http://www.hsa.gov.sg/content/hsa/en/Health_Products_Regulation/Medical_Devices/Safety_reporting/Post-market_Information_Reporting.html.Google Scholar
32.Therapeutic Goods Administration (2017) Postmarket monitoring: Australian Government. [cited April 17, 2018]. https://www.tga.gov.au/postmarket-monitoring.Google Scholar
33.U.S. Department of Health and Human Services Food and Drug Administration (2018) Mandatory reporting requirements: Manufacturers, importers and device user facilities: U.S. Department of Health and Human Services Food and Drug Administration; 2018 [cited April 17, 2018]. https://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/PostmarketRequirements/ReportingAdverseEvents/default.htm.Google Scholar
34.Health Science Authority (2013) Appendix-FAQ. Telehealth Product. Singapore: Health Science Authority.Google Scholar
35.Wallace, DR, Fujii, RU (1989) Software verification and validation: An overview. IEEE Software. 6, 1017.Google Scholar
36.Health Science Authority (2014) GN-14: Guidance on the risk classification of in vitro diagnostic medical devices Medical device guidance Health Science Authority.Google Scholar
37.Health Science Authority (2014) GN-13: Guidance on the risk classification of general medical devices Medical device guidance Health Science Authority.Google Scholar
38.U.S. Department of Health and Human Services Food and Drug Administration (2015) Classification overview. FDA Small Business Regulatory Education for Industry (REdI): U.S. Department of Health and Human Services Food and Drug Administration.Google Scholar
39.U.S. Department of Health and Human Services Food and Drug Administration (2014) General controls for medical devices: U.S. Department of Health and Human Services Food and Drug Administration. [cited May 3, 2016]. http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/Overview/GeneralandSpecialControls/ucm055910.htm.Google Scholar
40.Emergo Asia Pacific Pty Ltd Ta Emergo Australia (2016) Medical device application. Australian Government.Google Scholar
41.Department of Health and Human Services (2014) AnthroTronix, Inc: Department of Health and Human Services.Google Scholar
42.Propell Pty Ltd ATF Propell Trust. IVD application. Australian Government; 2016.Google Scholar
43.Therapeutic Goods Administration (2015) IVD technical file review checklist. Australian Government.Google Scholar
44.Department of Health and Human Services (2016) Andon health co. ltd. Department of Health and Human Services.Google Scholar
45.Therapeutic Goods Administration (2013) Level 2 application audit. Request for clinical assessment: Australian Government.Google Scholar
46.Therapeutic Goods Administration (2015) Clinical assessment – 1st round. Application Audit - Level 2: Australian Government.Google Scholar
47.Department of Health and Human Services (2015) Medtronic inc. Department of Health and Human Services.Google Scholar
48.U.S. Food and Drug Administration (2017) Digital health software precertification (Pre-Cert) program: U.S. Department of Health and Human Services. [cited February 7, 2018]. https://www.fda.gov/MedicalDevices/DigitalHealth/DigitalHealthPreCertProgram/default.htm.Google Scholar
49.U.S. Food and Drug Administration (2017) Statement from FDA Commissioner Scott Gottlieb, M.D., On new steps to advance medical device innovation and help patients gain faster access to beneficial technologies: U.S. Government. [cited October 30, 2017]. https://www.fda.gov/NewsEvents/Newsroom/PressAnnouncements/ucm581861.htm.Google Scholar
50.U.S. Food and Drug Administration (2018) Developing a software precertification program: A working model. U.S. Department of Health and Human Services Food and Drug Administrartion.Google Scholar
51.Therapeutic Goods Administration (2013) Regulation of medical software and mobile medical ‘apps’: Australian Government. [cited August 30, 2018 ]. https://www.tga.gov.au/regulation-medical-software-and-mobile-medical-apps.Google Scholar
52.Therapeutic Goods Administration (2015) Classification of IVD medical devices: Australian Government. [cited April 22, 2016]. https://www.tga.gov.au/book-page/applying-classification-rules.Google Scholar
53.Therapeutic Goods Administration (2016) Medical devices safety update, volume 4, number 5, September 2016: Australian Government. [cited September 13, 2016]. https://www.tga.gov.au/publication-issue/medical-devices-safety-update-volume-4-number-5-september-2016.Google Scholar
54.Out, DJ, Tettero, O (2017) Assessing the security of connected diabetes devices. J Diabetes Sci Technol 11, 203206.Google Scholar
55.Blenner, SR, Kollmer, M, Rouse, AJ, et al. (2016) Privacy policies of android diabetes apps and sharing of health information. JAMA 315, 10511052.Google Scholar
56.Jarrett, MP (2017) Cybersecurity-a serious patient care concern. JAMA 318, 13191320.Google Scholar
57.Kruse, CS, Frederick, B, Jacobson, T, Monticone, DK (2017) Cybersecurity in healthcare: A systematic review of modern threats and trends. Technol Health Care 25, 110.Google Scholar
58.O'Dowd, A (2017) NHS patient data security is to be tightened after cyberattack. BMJ 358, j3412.Google Scholar
59.ECRI Institute (2017) Top 10 health technology hazards for 2018. USA: ECRI Institute.Google Scholar
60.U.S. Department of Health and Human Services Food and Drug Administration (2017) Firmware update to address cybersecurity vulnerabilities identified in abbott's (formerly st. Jude medical's) implantable cardiac pacemakers: FDA safety communication: U.S. Food and Drug Administration. [cited July 16, 2018]. https://www.fda.gov/medicaldevices/safety/alertsandnotices/ucm573669.htm.Google Scholar
61.Pope, J (2016) Ransomware: Minimizing the risks. Innov Clin Neurosci 13, 3740.Google Scholar
62.Department of Health (2017) HTA for reimbursement: Australian Government. [cited May 14, 2016]. http://www.health.gov.au/internet/hta/publishing.nsf/Content/reimbursement-1.Google Scholar
63.Moshi, M, Tooher, R, Merlin, T (2018) Suitability of current evaluation frameworks for use in the health technology assessment of mobile medical applications: A systematic review. Int J Technol Assess Health Care 11, 112.Google Scholar
Supplementary material: File

Moshi et al. supplementary material

Table S1

Download Moshi et al. supplementary material(File)
File 18.3 KB