The COVID-19 pandemic is still creating headlines in the health care domain. Around the world, governments, and organizations such as World Health Organization (WHO), European Medical Agency (EMA), and FDA are working together to eliminate lockdowns and get our society back up and running. In such cases, several companies, firms, and universities have found opportunities to provide critical services such as virus detection, tracking, data-driven decision-making algorithms, and visual analytic applications. Based on our research for proximity tracking applications, we were able to identify a couple of state-of-the-art COVID-19 tracking tools.1 Most of these tools are Bluetooth based and have certain specific characteristics which distinctively differ them from one another.
CovidSafe, the application from Australia, starts proximity data recording if a person is within a radius of 1.5 meters of another person for more than 15 minutes. China’s tracking app uses the QR code technology with a risk-based multicolored visual analysis. India’s “AarogyaSetu” recommends measures based on risk computation methods when users are found in contact with a positively identified COVID-19 case. The models followed by the UK, Germany, and the USA, which focus on user data preservation and security are getting adopted by almost all the countries in the world. CovidWise, an application developed by Apple and Google, uses anonymous tokens via Bluetooth Low Energy (BLE) technology to avoid storing user sensitive data. Also, it alerts all users who are found to be in contact with a positive case token within the last 14 days.
From an FDA perspective, such applications may fall under the categories of SaMDs, SiMDs, Digital Medicine/Health, or simply a medical device. Surely, they must be compliant with FDA’s regulatory requirements to be utilized in a commercial, medical, or industrial environment. These applications or devices undergo regulatory measures that not only grade their quality and safety levels, but also test the implemented security methods.2 As these devices host a large amount of critical and sensitive patient data, the security methodologies must meet FDA/EMA accepted security protocols such as ISO/FDIS 81001-1 – Health software and health IT systems safety, effectiveness, and security — Part 1: Principles, concepts, and terms.
While regulating a medical application (web/mobile-based) or a device, especially in the USA, the FDA steps in to investigate the applied regulatory measures. FDA has provided a guidance document which offers a view of high-level activities to be conducted from a device regulatory requirements perspective:
- Establishment Registration and Medical Device Listing – Manufacturers register their devices with FDA and list their device they are marketing under 21CFR§807.
- Investigational Device Exemption (IDE) requirements – Enables the investigational device to be utilized in a clinical study which collects safety and effectiveness related data to support a Premarket Notification 510k or a Premarket Approval.
- Labeling requirements – Verify that the device complies with corresponding labeling regulations found in 21CFR§801 for medical devices and 21CFR§809 for in vitro diagnostic products.
- Premarket submission for approval or Clearance – Identify the device class. Prepare and submit an appropriate premarket submission to the FDA.
- QS or Quality System Regulation – A framework manufacturers follow to ensure that their devices always meet applicable requirements and specifications as a part of QS regulations (21CFR§820.30).
- MDR or medical device reporting – MDR regulation mandates manufacturers to submit reports when they learn that their device has malfunctioned or has caused a serious injury or a death.
- Correcting Problems along with corrections reporting to FDA – Manufacturers may take essential actions to upgrade the software to fix an error or bug. Under 21CFR§806.10, manufacturers are required to report these changes within 1o working days from the time the patch or the correction is applied.
Hence, to market a medical app or a device, it is necessary to have approval from a regulatory governing entity such as the FDA. Do you have a COVID-19 related software or a medical device that needs FDA approval? Our regulatory experts at EMMA International can help get your product compliant with FDA’s regulatory requirements. Contact us at 248-987-4497 or info@emmainternational.com for additional information.
1Seerat Chabba (April 2020). Coronavirus Tracking Apps: How Are Countries Monitoring Infections? Retrieved on 22/08/2020 from https://www.dw.com/en/coronavirus-tracking-apps-how-are-countries-monitoring-infections/a-53254234.
2Bernard Marr (June 2020). Why Contact Tracing Apps Will Be the Biggest Test Yet of Data Privacy Versus Public Safety. Retrieved on 22/08/2020 from https://www.forbes.com/sites/bernardmarr/2020/06/01/why-contact-tracing-apps-will-be-the-biggest-test-yet-of-data-privacy-versus-public-safety/#4de726da4da2