Advancements in technology play a significant role in the medical device industry, especially regarding software. Software is integrated into many medical device products, but it can also be a medical device on its own. As with any medical device sold in the United States, software as a medical device (SaMD) is subject to regulation by the U.S. Food and Drug Administration (FDA), the governing body for medical device approval.
In the summer of 2023, the FDA released updated guidance on the content of premarket submissions for device software functions. Providing a clear outline of medical device regulations as they relate to SaMD, these updates come at a pivotal time in the medical device industry.
What is Software as a Medical Device?
The International Medical Device Regulators Forum (IMDRF), a voluntary group of medical device regulators from around the world whose goal is to reach a consensus on medical device regulation, defines software as a medical device as “software intended to be used for one or more medical purposes that perform these purposes without being part of a hardware medical device.” SaMD is a distinctive category within the medical software realm, not to be confused with software applications that are integrated into a medical device and used in its manufacture or maintenance. These integrated applications are not considered SaMD.
Examples of software as a medical device include software that enables a smartphone to view images from a magnetic resonance imaging (MRI) for diagnostic purposes or Computer-Aided Detection (CAD) software that performs image post-processing to help detect breast cancer. Some SaMD uses artificial intelligence (AI), a technology that mimics human activity, decision-making, and learning, as well as machine learning, an AI technique used to design and train software to learn from and act on data.
Software Medical Device Regulation
Establishing federal regulations and approval processes is a time-consuming undertaking, and the FDA often struggles to match the pace of its regulations with technological advancement. As regulators establish medical device software requirements, technology is still rapidly emerging, making the task a moving target. Currently, the following guidance exists in the software as a medical device field:
- Guidance on the Content of Premarket Submissions for Device Software Functions:
Released in June of 2023, this guidance details the software information that must be generated and documented in a premarket submission to evaluate the safety and effectiveness of a device. - IEC 62304:
In 2019, the FDA approved IEC 62304 Edition 1.1 2015-06 for medical device software as a recognized software development standard. This consolidated version consists of the first edition (2006) and its amendment 1 (2015). The standard provides medical device software classification based on its safety, including Class A (injury or damage to health is not possible), Class B (non-serious injury is possible), and Class C (death or serious injury is possible). - Artificial Intelligence/Machine Learning (AI/ML)-Based Software as a Medical Device (SaMD) Action Plan:
In January 2021, the FDA released an action plan drafted based on stakeholder feedback gathered in April 2019. It outlines the five actions the FDA intends to take relating to artificial intelligence and machine learning. - Good Machine Learning Practice for Medical Device Development: Guiding Principles:
In October of 2021, the FDA, Health Canada, and the United Kingdom’s Medicines and Healthcare Products Regulatory Agency (MHRA)—the regulatory bodies in their respective countries—jointly identified ten guiding principles to inform the development of Good Machine Learning Practice (GMLP). The objective is to promote the development of safe, effective, and high-quality medical devices that use artificial intelligence and machine learning. - Policy for Device Software Functions and Mobile Medical Applications:
This guidance document, released in September 2022, provides recommendations for the documentation required for FDA premarket submissions for device software functions that meet the definition of a device under section 201(h) of the FD&C Act. The guidance reflects the FDA’s latest thinking on regulatory considerations and aims to facilitate premarket review. - Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions
Effective cybersecurity is crucial for the functionality and safety of medical devices, especially with the increasing use of wireless and network-connected devices and the frequent exchange of medical device-related health information. In April 2022, the FDA released draft guidance that provides recommendations for device design, labeling, and documentation to ensure that medical devices are resilient to cybersecurity threats and can facilitate an efficient premarket review process.
At Sterling Medical Devices, we partner with businesses of all sizes—from small startups to leading medical device organizations—to design innovative medical devices with successful FDA/CE submissions. Our regulatory experts continually monitor the software as a medical device landscape, along with relevant guidance, standards, regulations, and best practices in the U.S. and abroad. To learn more about how we can help you achieve exceptional results with your medical device system development, contact us here.