On June 20, 2014, FDA issued a draft guidance entitled “Medical Device Data Systems, Medical Image Storage Devices, and Medical Image Communications Devices,” informing manufacturers and others “that the Agency does not intend to enforce compliance with the regulatory controls” that apply to these three types of devices.
Medical device data systems (MDDS), medical image storage devices, and medical image communications devices have been regulated as Class I, 510(k)-exempt devices. Although exempt from premarket review, they have been subject to other FDA regulatory requirements. In addition, the 510(k) exemption was subject to certain limitations (21 CFR 880.9 & 892.9), including premarket notification for MDDS intended to be used in a system assessing the risk of cardiovascular disease or in diabetes management.
FDA makes clear in the draft guidance that the regulatory controls which FDA would no longer enforce for these types of devices include registration and listing, premarket review, postmarket reporting, and the quality system regulation. In addition, the limitations on the 510(k) exemption for these devices would not be enforced.
According to the draft guidance, MDDS are “hardware or software products that transfer, store, convert formats, and display medical device data.” A MDDS does not modify the data or control the functions or parameters of any connected medical device and is not used for active patient monitoring. MDDS are classified at 21 CFR 880.6310. A medical image storage device is a device that provides electronic storage and retrieval functions for medical images (21 CFR 892.2010). Finally, a medical image communications device is a device that provides electronic transfer of medical image data between medical devices (21 CFR 892.2020).
FDA announced this policy to not regulate these types of devices because FDA has “gained additional experience” with these devices since FDA’s issuance of a final regulation down-classifying MDDS in February 2011 from Class III to Class I, and based on this experience has determined that these devices pose a low risk to the public. Bakul Patel, a senior policy advisor at CDRH, notes in a June 20, 2014 FDA blog post that this draft guidance is consistent with the health information technology (health IT) report issued by FDA, Office of the National Coordinator for Health Information Technology, and Federal Communication Commission in April 2014. The health IT report proposes a risk-based regulatory framework for health IT, with FDA’s regulatory oversight focused on the higher risk devices. Patel states in the blog post that the policy proposed in the draft guidance will encourage greater innovation for these systems that are “critical to the success of digital health” and are “the foundation for intercommunication and interoperability among devices and between medical devices and other health IT.”
The draft guidance proposes conforming revisions to the Mobile Medical Applications Guidance (Mobile Apps Guidance) that was issued on September 25, 2013 (see our previous blog post on the Mobile Apps Guidance here). The revisions to the Mobile Apps Guidance would shift these types of devices from the category of mobile apps that FDA intends to regulate to the category that are subject to enforcement discretion.