As smartphones and other mobile devices become more and more common, medical applications appear in all areas of health care. Modern people are tech-savvy. They want the necessary information to be available at any second on their mobile devices.

Trying to regulate these apps, the U.S. Food and Drug Administration (FDA) created a guidance document for developers of mobile apps used in healthcare. According to the FDA, there are two categories of apps: regulated and unregulated. Unregulated apps are educational. They are used for clinical training or help patients monitor their health. Regulated apps may impact patient safety. They may also turn a user’s device into a regulated device that needs FDA 510(k) approval. For example, a patient monitor app turns your smartphone into a diagnostic device and therefore is regulated.

Although the guidance documents published by the FDA don’t have the force of law, they provide some important information for device manufacturers. Here are some of the key points from this document.

What Are Medical Apps

According to the FDA, mobile medical apps meet the definition of a medical device, serve as an accessory to regulated medical devices, or turn a mobile device into a regulated medical device. People can use mobile apps and medical apps to monitor their wellness and health. Such apps can help them monitor their caloric intake so that they can maintain a healthy weight. For example, the LactMed app developed by the National Institute of Health helps nursing mothers learn about the effects of various drugs on breast milk.

Apps also help health care professionals improve patient care. For instance, the REMM app, which stands for Radiation Emergency Medical Management, helps health care providers diagnose and treat injuries caused by radiation. There are also apps that can diagnose heart rhythm abnormalities or even cancer.

How the FDA Regulates Medical Apps

The FDA states that it encourages the development of medical apps that can provide health care professionals and patients with useful information. At the same time, the FDA points out its public health responsibility to control the safety and effectiveness of such apps, as well as any other medical devices.

Therefore, the FDA issued its Policy for Device Software Functions and Mobile Medical Applications Guidance in 2013. Since then, the FDA also issued updates in 2015 and 2019. The latest version of the guidance includes an updated, function-specific definition for a device. The FDA also stated that the policies for medical apps are function-specific and apply to all the platforms.

The FDA uses a risk-based approach to ensure the effectiveness and safety of medical devices and medical apps. Therefore, the functions of medical software are categorized by their potential risk. For example, there are moderate-risk software functions (Class II) and high-risk software functions (Class III). The guidance also mentions software functions that:

• are medical devices but don’t require enforcement discretion from the FDA;
• are not medical devices;
• are medical devices overseen by the FDA.

What Functions the FDA Focuses On

There is a wide range of software functions that the FDA considers in the context of their possible risks. Some types of software are associated with minimal risk, while others may cause a significant risk to patients and therefore require FDA review. The FDA asks software developers to contact them as soon as possible to get the necessary information about the level of risk. The FDA also provides examples of approved premarket submissions and examples of regulated device software functions. If you visit these links, you’ll find a detailed list of apps that are considered medical devices and therefore require FDA review.

Developers and manufacturers can also check out the public database of existing classification to determine the type of their software. You can also find a list of cleared and approved device software functions in the FDA’s PMA and 510(k) databases, as well as on the Registration and Listing Database. If developers make minor changes to their products, they don’t need to be re-evaluated by the FDA.

The FDA exercises enforcement discretion for various software functions that meet the definition of a device but are associated with minimal risk to patients. However, developers of such apps don’t need to register their software or to submit premarket review applications. For example, these are functions that:

• automate simple health care tasks (usually, such apps are intended for health care providers);
• help patients manage their medical conditions without offering any specific suggestions on treatment.

You can check out the examples of functions that require the FDA’s enforcement discretion for more detail.

It’s important to point out the fact that the FDA doesn’t regulate the consumer use or sale of tablets and smartphones. The FDA’s policy doesn’t focus on mobile platforms or companies that distribute mobile medical apps, such as Google Play or App Store. The reason is that these entities don’t fall into a category of medical device manufacturers. Therefore, the FDA’s guidelines only apply to medical apps, not to mobile device manufacturers or platform developers.

Final Thoughts

The FDA’s regulations focus on mobile apps used by patients and health care providers that can pose potential risks. All the medical software is classified based on its risk level, from Class I (low risk) to Class III (high risk). Some medical apps may pose risks associated with the features of the platform or with the characteristics of the mobile device. For example, small screen size or ambient light can affect the accuracy of the interpretation of medical images.

Therefore, medical app developers are encouraged to read the FDA guidelines to determine the type of their software and to ensure compliance with the necessary regulations.