Complete regulatory guide for Software as a Medical Device: definitions, market insights, regulatory challenges, data privacy, and compliance strategies.
Digital health technology encompasses many categories, such as mobile health (mHealth), health information technology (IT), wearable devices, telehealth and telemedicine, and personalised medicine.
One revolutionary development in digital health technology is software that can perform complex medical functions—software as a medical device (SaMD).
The International Medical Device Regulators Forum (IMDRF) defines the term Software as a Medical Device as "software intended to be used for one or more medical purposes that perform these purposes without being part of a hardware medical device."
It is critical to emphasise the words "without being a part of." This implies that the program works independently of any current hardware. SaMD can, however, interface with other medical devices, including hardware medical devices, and other software as a medical device software.
Software used in healthcare facilities that does not have a medical purpose, such as patient databases, pharmacy prescribing software, software that enables clinical communication and workflow, including patient registration, scheduling visits, voice calling, and video calling, or software that encrypts data for transmission from a medical device, is not SaMD.
Software in Medical Device (SiMD) describes software that is a part of another existing device. This would include any software that powers a medical device's mechanics, remotely controls functionality, processes data, or is otherwise essential to a medical device's operation.
SaMD can diagnose conditions, suggest treatments, and inform clinical management.
SaMDs are incredibly valuable because of the way they interact with data. Specifically, these applications can process huge amounts of complex data in a matter of moments.
Accessible anywhere, anytime without physical infrastructure limitations.
Lower infrastructure costs than traditional physical medical devices.
Software updates versus costly hardware replacement and maintenance.
Always connected to the internet for continuous improvement and monitoring.
However, with rapid advancements, constant innovation, and the ongoing adoption of smartphones and tablets, the SaMD landscape is changing rapidly. This is leading to a considerable deficit in critical knowledge around regulatory practices worldwide.
This process can be managed by the sponsor for setting the same expectations when assessing clinical research organizations in the process of RFI (request for information) and/or RFP. Implementing a standard comparison process can provide the same set of questions and scope of work for medical device CROs to respond.
The Industry Research group forecasts significant growth in the global SaMD market over the next decade.
Medical software and potential applications can pose challenges for regulatory oversight, classification, intended use and operation instructions guided by highly precise wording. Same SaMD application may have different risk classifications in the EU, U.S., or other countries. Therefore, it is essential to correctly apply the regulatory requirements for risk classification and applicable guidelines to classify the SaMD in each jurisdiction separately.
While it is unrealistic to expect regulatory harmonisation any time soon, the International Medical Device Regulatory Forum (IMDRF) continues its efforts to provide guidelines for better regulatory convergence. During the September 2022 IMDRF meeting in Sydney, Australia, the SaMD Working Group reported that it published four technical documents from 2013-2017 on:
The SaMD WG will continue to improve international alignment and increase the granularity of its guidance documents.
SaMDs are incredibly valuable because of the way they interact with data. Specifically, these applications can process huge amounts of complex data in a matter of moments.
Manufacturers under SaMD will collect the user's personal data, further including health data. Thus, the bridges between GDPR and MDR are numerous.
Indeed, the SaMD will have to respect the fundamental principles of the GDPR, including privacy by design and privacy by default. This means that the principles of the GDPR must be considered from the design of the SaMD and that these principles must be applied throughout the life of the software.
No user intervention must be necessary to comply with the GDPR:
In addition, the collection of health data must also be considered, especially due to its sensitive nature. Health data are data that directly provide information on the health status of the user, but also the combination of several data to arrive at the same result, or a health data by destination.
In principle, the processing of health data is prohibited by the GDPR. Still, there are exceptions, according to article 9.2 of the GDPR, including:
If SaMD is collecting health data for scientific research, there are two options:
In any case, a privacy impact assessment will have to be carried out by the data controller.
Mobile applications for disease diagnosis
Software for analyzing medical images
Clinical decision support systems
Remote patient monitoring platforms
AI-powered diagnostic tools
Treatment planning software
Disease risk assessment applications
Personalized medicine algorithms
An intelligent digital platform for hospital pharmacists. Facilitating the analysis and control of medical prescriptions and the detection of iatrogenic risk situations.
The sponsor required a route to European market access. ECLEVAR MEDTECH created the clinical development strategy and the regulatory strategy to obtain the CE mark.
ECLEVAR MEDTECH is supporting SaMD companies to navigate the regulatory pathways. A practical case study on how Eclevar helped a sponsor achieve their CE mark is described above.
Eclevar MedTech provides comprehensive support for SaMD companies navigating complex regulatory pathways:
Partner with Eclevar MedTech to develop your regulatory strategy, achieve CE marking, and successfully bring your Software as a Medical Device to market.
Contact Us Now