The demand for using software to improve health care, including software as a medical device (SaMD), is on the rise. The SaMD market is rapidly growing and is expected to reach US$86.45 billion in value by 2027, from US$18.49 billion in 2019. Realising the potential benefits of the growing demand for SaMD may require clearer and more-consistent regulation of patient safety and medical effectiveness.
Treating certain health-related software as medical device has allowed regulators to use existing rules for medical devices to ensure the quality and safety of that software. What this means in practice remains tricky though. Part of the problem is that there is no universal definition (PDF) of SaMD, but it refers to a wide variety of software that helps with the diagnosis, treatment, and/or prevention of disease, and management of an individual's health. A lack of clarity remains as to when software does or does not qualify to be regulated as a medical device, such as whether it is used as a standalone product, how it relates to hardware devices, and whether it was originally developed for medical use.
Examples of SaMD include software used to analyse medical history data such as MRIs, X-ray or CT scans, and other video or audio recordings. The analysis provided by the software helps to identify abnormalities and assists physicians in diagnosis and treatment decisions, in monitoring patient progress and response to treatment, and in predicting the risk of developing diseases.
Fragmented and variable regulation of SaMD can create challenges for innovators who need to navigate diverse requirements and can add to the costs and timescales of research and development, ultimately affecting patient access to innovative products. However, there is significant uncertainty about what works best for regulation of this area, and different regulatory strategies are emerging.
For example, an innovative regulatory strategy introduced by the U.S. Food and Drug Administration is a programme which provides faster regulatory processes for some pre-approved organisations, the Pre-Cert programme. Regulation in this way is based on the processes involved, rather than the definition of the software itself. Organisations which are not Pre-Cert approved follow standard regulatory pre-market assessment that is defined predominantly by the risk category into which their SaMD falls. Other important differences include varying legal provisions for data protection and privacy that influence both the creation and regulation of AI-driven and machine learning–dependent SaMD.
Realising the potential benefits of the growing demand for SaMD may require clearer and more-consistent regulation of patient safety and medical effectiveness.
Share on TwitterThe SaMD regulatory landscape is likely to continue to evolve, as part of wider evolution in the regulation of medical devices. A particularly interesting area is the UK, which since leaving the EU has the scope to fundamentally reconsider how to regulate digital health and the potential to leverage its smaller scale to create a distinct framework.
There is scope for progress in both formal regulatory approval practices and in the less-formal interventions that can support effective self-regulation of SaMD use in practice. To do so, several regulatory and wider policy challenges may need to be considered by decisionmakers.
Balancing Pre-Market Approval Requirements and Post-Market Surveillance
First, although the use of SaMD promises many benefits for patients and health care practitioners, it also can pose the risk of making erroneous decisions (PDF). For example, challenges can follow when software is trained only using data that does not provide a robust characterisation of the cases to which it would be applied or if it unintentionally obscures clinical judgement. The challenge is deciding when and what types of evidence need to be gathered to ensure safety and effectiveness. Questions to be asked could include:
- What evidence should be made available to regulators before a product reaches the market?
- To what extent can existing standards provide appropriate reference points in this fast-moving area?
- What constitutes a feasible and safe balance between pre- and post-market, real-world data assessments and how does this affect incentives for innovators?
- How can evidence requirements account for user diversity and encourage inclusiveness in both SaMD design and use?
Regulating Technology That Is Frequently Changing
Second, regulatory processes for medical devices were designed for products with lifecycles of years. In contrast, software is continuously changing and updating and this raises important policy and regulatory considerations. For example:
- Can existing regulatory frameworks for medical devices be adapted to accommodate innovation at the intersection of medicine and digital technology, or are entirely new approaches and separate regulatory channels needed for digital health?
- Can the skills necessary to evaluate SaMD (PDF) be developed and nurtured sustainably within existing regulatory agencies?
Harmonising Classifications and Definitions of SaMD
Third, variation in how SaMD is defined creates uncertainty about regulatory requirements, the time and routes needed to reach the market, and associated development costs. One defensive strategy of innovators is deliberately limiting the capacity of products, thus minimising the consequent regulatory risks. But this also means that the potential of digital health, including SaMD, may not be being fully realised. Important questions policymakers might consider include:
- Would a universal definition support more-efficient innovation in the SaMD space and would it help tackle regulatory fragmentation?
- Are current definitions of the term 'software' sufficient in the context of medical devices?
- And how can classification and regulatory requirements be made clearer to innovators?
Putting the Needs of End-Users at the Centre of Regulatory and Policy Developments
Finally, the needs of patients and the health service could be placed at the centre of regulatory and policy developments. To address challenges to adoption in practice and safe and informed use, there may need to be a better understanding of the needs, expectations, and practices of patients and health care providers. Specifically:
- How is new SaMD taken up, used, and 'evaluated' by users over time;
- How do different users establish trust towards a new device and what potential concerns do they have about SaMD?
- How can patients and health care professionals obtain reliable information and guidance on safe SaMD use and what information, capabilities, and/or training do users need for safe and effective SaMD use, including across diverse or vulnerable populations?
We've reflected on a number of the key SaMD-related issues and wider policy challenges that may require decisionmaker attention. The speed at which SaMD technologies are entering the market and the likely further growth of this innovation could require solutions that tackle potential safety risks proactively, support effectiveness, and produce a conducive environment for innovation at the crossroads of medicine and technology.
Zuzanna Marciniak-Nuqui is an analyst in health and well-being, Nick Fahy is research group director of health and well-being, and Sonja Marjanovic is director of health care innovation at RAND Europe.