FDA Issues Proposed Guidance on Medical Mobile Apps, Smartphones
In response to the continually growing number of “mobile apps” becoming available to busy healthcare providers, the U.S. Food and Drug Administration (FDA) has issued for comment a draft guidance document regarding mobile medical applications, which the FDA considers as potential risks to public health. This guidance is of special interest to the imaging community and any healthcare provider that is currently using, or plans to use, a mobile device such as a smartphone or tablet.
The guidance defines “mobile medical ‘apps,’ or applications” as software that can be run on a mobile platform, meets the definition of a “device” according to the Federal Food, Drug and Cosmetic Act, and can either be used as an accessory to a regulated medical device, or transforms a mobile platform into a regulated medical device. The FDA states that any mobile app that is intended for “the diagnosis of disease or other conditions, or the cure, mitigation, treatment or prevention of disease, or is intended to affect the structure or any function of the body of man,” is a device.
According to the FDA, the final guidance will be compiled after the comment end date of October 19, 2011, and will represent the Administration’s current thinking on the topic. It will not represent a regulation. However, the FDA intends to use its regulatory authority when selecting software applications intended for mobile medical apps.
The guidance gives the following examples of mobile apps that the FDA considers subject to its regulatory oversight:
- Mobile apps that are an extension of one or more medical device(s) by connecting to such device(s) for purposes of controlling the device(s) or displaying, storing, analyzing, or transmitting patient-specific medical device data. Examples of displays of patient-specific medical device data include remote display of data from bedside monitors, display of previously stored EEG waveforms, and display of medical images directly from a Picture Archiving and Communication System (PACS) server, or similar display functions that meet the definition of an MDDS. Examples of mobile apps that control medical devices include apps that provide the ability to control inflation and deflation of a blood pressure cuff through a mobile platform and mobile apps that control the delivery of insulin on an insulin pump by transmitting control signals to the pumps from the mobile platform.
- Mobile apps that transform the mobile platform into a medical device by using attachments, display screens, or sensors or by including functionalities similar to those of currently regulated medical devices. Examples include a mobile app that uses a mobile platform for medical device functions, such as attachment of a transducer to a mobile platform to function as a stethoscope, attachment of a blood glucose strip reader to a mobile platform to function as a glucose meter, or attachment of electrocardiograph (ECG) electrodes to a mobile platform to measure, store, and display ECG signals; or, a mobile app that uses the built-in accelerometer on a mobile platform to collect motion information for monitoring sleep apnea.
- Mobile apps that allow the user to input patient-specific information and - using formulae or processing algorithms - output a patient-specific result, diagnosis, or treatment recommendation to be used in clinical practice or to assist in making clinical decisions. Examples include mobile apps that provide a questionnaire for collecting patient-specific lab results and compute the prognosis of a particular condition or disease, perform calculations that result in an index or score, calculate dosage for a specific medication or radiation treatment, or provide recommendations that aid a clinician in making a diagnosis or selecting a specific treatment for a patient.
The guidance also gives several examples of devices that are NOT considered mobile medical apps within the guidance:
- Electronic copies of medical textbooks, teaching aids or reference materials that provide clinicians with training or reinforce previous training;
- Apps used to log, record, track, evaluate or make decisions/suggestions related to developing or maintaining general health and wellness;
- Apps that only automate general office operations to include billing, inventory, and others;
- Apps that are generic aids that assist users but are not commercially marketed for a specific medical condition;
- Apps that perform the functionality of an electronic health record system or personal health record system.
Manufacturers must meet the requirements associated with the applicable device classification for the subset of mobile medical apps that are subject to regulatory oversight by the FDA. The guidance states that if the mobile medical app, on its own, falls within a medical device classification, its manufacturer is subject to the requirements associated with that classification.
The FDA is also concerned about assuring safety and effectiveness for mobile medical apps that serve as an accessory to another medical device, and is seeking comment related to the guidance. These types of devices have the purpose of:
- Displaying, analyzing, storing, or transmitting patient-specific medical device data, or
- Controlling the operation, function, or energy source of the medical device.
Several examples of these types of devices are given in Appendix A of the proposed guidance, and include:
- Apps that allow the user to view medical images on a mobile platform and perform an analysis or process for diagnosis;
- Apps that connect to DICOM medical image servers and provide processing functions such as pan, zoom, measurement, auto contrasting, automatic detection of features, and other similar functionality;
- Apps that analyze, assess, or interpret electrocardiogram or electroencephalogram data;
- Apps that connect the mobile platform to vital signs monitors, bedside monitors, cardiac monitors, or other similar devices.
Mobile medical apps will be of enormous help to the clinician and are the wave of the future, but there are several hurdles to overcome relating to patient safety. The HIPAA Privacy and Security Rules and the HITECH Act (including improved enforcement and breaches) must also be considered. Now is the time to submit comments to the FDA, so that the final guidance and regulations will make sense and be workable. Comments must be received within 90 days from the date of publication of July 19th. To view the proposed guidance and submit comments, go here.