In recent years, the FDA has taken an increasingly active role in the growing digital health industry: developing new regulatory frameworks, reframing development standards, and offering a wide array of industry guidance. Led by commissioner Scott Gottlieb, the FDA has pointedly endeavored to actively adapt to the ever-changing health tech industry.
Software Pre-Cert Pilot Program
First announced in 2017, the Software Precertification Pilot Program was developed to provide medical technology developers with a streamlined regulatory pathway that would allow a “more personalized submission processes for new products.” Building from the original De Nova Program, the Pre-Cert pathway is an acknowledgment from the FDA that modern technological developments are often incomparable to past standards. In a January 2019 press statement, Gottlieb remarked that the pre-cert program would allow “the FDA to tailor the premarket submission content to the unique considerations related to each particular digital health device and enables more efficient evaluation of low-risk digital health devices.”
In an effort to determine the efficiency of the new pilot program, the FDA will utilize both the new Pre-Cert Pathway and the traditional De-Nova submission in parallel. Commissioner Gottlieb noted that while traditional De-Nova submissions may be reviewed by through updated pathways, submission sponsors “will not incur additional burden[s].”
In October 2018, the FDA released an updated draft of premarket guidance for medical device cybersecurity. With frequent occurrences of data breaches throughout the medical industry, the FDA and other governmental departments have implored medical organizations and manufacturers to proactively build extensive cybersecurity frameworks. The updated guidelines outline methods of risk assessment, applications of various cybersecurity frameworks, documentation methods, and highlight current standards.
A notable update is the recommendation that developers of internet-connected devices provide consumers with a “cybersecurity bill of materials” which the FDA defines as “a list that includes but is not limited to commercial, open source, and off-the-shelf software and hardware components that are or could become susceptible to vulnerabilities.” The guidances notes that “The need for effective cybersecurity to ensure medical device functionality and safety has become more important with the increasing use of wireless, internet- and network- connected devices, portable media (e.g. USB or CD), and the frequent electronic exchange of medical device-related health information.” Commissioner Scott Gottlieb has noted that the revised guidance could be used by medical organizations as a cybersecurity “playbook” when determining the implementation of new medical devices.
Private Payer Program
In September 2018 the FDA announced a new pilot program that would actively engage medical payers in the the early steps of pre-market submission. While gaining FDA approval remains a significant obstacle for health tech entrepreneurs, many tech companies have found that governmental approval does not automatically translate into insurance coverage. As many tech companies rely on insurance reimbursement to gain and grow capital, this additional barrier has served as a growing point of frustration amongst industry stakeholders. The Private Payor Program invites medical payers to provide medtech startups with early feedback in order to increase the likelihood of eventual coverage. The FDA has contracted commercial payer organizations such as CareFirst BlueCross BlueShield, the BlueCross BlueShield Association, Humana, UnitedHealth Group, and Kaiser Permanente.
In a blog post, Gottlieb explained that the program served a dual purpose for the health tech industry: “For manufacturers, it’s early engagement of payers in discussions about evidentiary needs, being able to consider and address coverage-related issues earlier in the process, and gaining the potential for earlier reimbursement through earlier engagement with payors. For the FDA, it’s improving public health by facilitating more efficient patient access to innovative, safe and effective medical devices.”
To keep up with the latest digital health news and regulations, sign up for the MedTech newsletter below.