Pilot Program Tests Easing FDA Regulatory Burdens for Lower Risk Medical Device Products

November 2017

The healthcare industry’s cries for a less burdensome approval process for new medical products have been heard and solutions are finally being tested. In late July, Food and Drug Administration (FDA) Commissioner Scott Gottlieb announced a pilot program to explore a “pre-certification” to fast-track the approval process for medical software products. The Software Precertification (PreCert) Pilot Program, which launched on Sept. 1, is designed to more closely examine the software or digital health technology developer instead of the standard process that focuses primarily on the product.

The working theory: If the FDA has a full understanding of the company that’s making the product, it could be pre-certified so that its low-risk software products could bypass parts of the traditional 510(k) premarket submission process, or potentially go straight to market.

Testing the theory

Products regulated by the Center for Devices and Radiological Health (CDRH) will be the primary focus; products can be at any phase of development. The FDA limited the pilot to nine participants that best met the following criteria:
  • The company must be developing or planning to develop a software product that meets the definition of a device in section 201(h) of the Federal Food, Drug, and Cosmetic Act (21 U.S.C. 321(h)).
  • The company has an existing track record in developing, testing and maintaining software products demonstrating a culture of quality and organizational excellence measured by Key Performance Indicators (KPIs) or other similar measures.
  • Companies may be traditional medical device manufacturers or non-traditional device manufacturers.
On Sept. 26, the FDA announced nine companies from more than 100 applicants would participate in the pilot program: Apple, Fitbit, Johnson & Johnson, Pear Therapeutics, Phosphorus, Roche, Samsung, Tidepool and Verily. Their collective products in development include a smartwatch to detect heart abnormalities and a contact lens that could continuously monitor the body’s blood sugar.

The goal is for companies in the pilot program to work collaboratively with the FDA, sharing insights about how they perform high-quality design, testing and maintenance on their products. Participants will:
  • provide access to measures and KPIs that demonstrate quality and organizational excellence
  • collect real-world post-market performance data and provide it to the FDA
  • be available for real-time consultations with the FDA
  • be available for site visits from FDA officials and
  • provide information about the firm’s quality management system.

FDA’s transformation process

The pilot program is a key element of the FDA’s Digital Health Innovation Action Plan, which lays out a vision for how CDRH will encourage digital health innovation while continuing to protect and promote public health. It acknowledges the need for a new way forward for software products that have a more iterative and fast-moving design, development and validation process than many of the hardware-based medical devices.

The move fits into the FDA’s broader efforts to update its policies, processes and procedures around digital health technology. The 21st Century Cures Act (the Cures Act), signed into law in December 2016, gave the FDA the impetus and funds to make these changes, dedicating $500 million to streamline regulations that would accelerate the approval process for drugs and medical devices.

Bakul Patel, associate director for digital health at the FDA, said the goal of the PreCert program is to align with the speed and manner in which products are being developed, in addition to achieving international alignment with other regulatory bodies.

The FDA has been leading an international effort to converge regulatory principles for Software as a Medical Device (SaMD). The International Medical Device Regulators Forum (IMDRF) has already agreed on common SaMD terminology and quality management systems principles for software.

What does the program mean for providers?

As more providers embrace the valuable data and insights they can derive from new technologies, they must carefully weigh the associated risks.

While an expedited regulatory approval process for lower-risk products can bring new innovations to market more quickly, it can also open the door for product discrepancies to slip through the cracks. Ultimately, providers are responsible for the safety of the products used inside their facilities and must implement their own internal controls to assess the quality of software and devices before using them or offering them to patients. Providers should consider mimicking the FDA’s use of real-world evidence when making decisions about products and partners.

Accelerating innovation will likely introduce more unknown vendors to the healthcare marketplace and spur further investment in digital health companies, which received $4.2 billion in venture funding in 2016. The FDA’s vetting process is a critical first step, but it shouldn’t be the only step. Providers must still conduct their own due diligence to ensure vendors have appropriate policies, procedures and internal controls in place, and are compliant with federal and state regulations to ensure patient safety. With the influx of cyber threats against the industry, reviewing and instituting appropriate cybersecurity defenses for any new technology-related product is of the utmost importance.

Carefully mitigating the risks will be critical to delivering on the promise of improved outcomes that new technologies can deliver.

A version of this article originally ran in PM360 Online.

Return to the BDO Know Healthcare Newsletter - Fall 2017