FDA Draft Guidance: Design Considerations and Pre-market Submission Recommendations for Interoperable Medical Devices

On January 26, 2016, the U.S. Food and Drug Administration (FDA) released draft Guidance on interoperable medical devices. This provides important direction for medical device manufacturers to consider in the design of their products. Comments on the draft Guidance will be accepted by FDA for 60 days. 

The draft Guidance is directly aligned with the Department of Health and Human Service's (HHS) continuing efforts to promote interoperability for health information and technology innovation in order to improve the efficiency and effectiveness of health care delivery, as outlined in the HHS Interoperability Roadmap. As FDA noted in the draft Guidance, when done right, interoperable medical devices can "foster rapid innovation at lower cost." It also extends FDA's emphasis on software verification and validation to ensure patient safety and product reliability, which the agency highlighted in its 2005 Guidance on software in medical devices, and its 2014 Guidance directed at mobile medical app makers.

The latest draft Guidance focuses on the availability of safe and effective medical devices and the exchange and use of medical information from these devices. Its principal concerns, of course, relate to patient safety and effectiveness, and in particular that the exchange and use of medical device information is accurate, timely, and not misleading. The draft Guidance provides manufacturers with design considerations for interoperable medical devices, and describes the information the FDA will expect to see in pre-market submissions to show that safety features on interoperable devices have been carefully addressed.

Specifics of the draft Guidance

Definition: In the draft Guidance, FDA defines an interoperable device as a medical device having "the ability to exchange and use information through an electronic data interface with another medical device, product, technology, or system."

Product Development Considerations: To mitigate potential safety concerns from such cross-device data exchanges, the agency encourages careful consideration of the following during product development:

• What is the purpose of the device's electronic data interface?
  
  Specifically, manufacturers should think through and identify the types of devices their product will connect to, how that connection will be made, the type of data the device will exchange and the method of transfer, the frequency of data exchanges, and how receiving devices will use that data.

• Who are the anticipated users of the data?
  
  Specifically, manufacturers should identify expected users of shared data. For example, will it be used by professional care givers or information technology experts? Manufactures should also think about how recipients will use the shared data.

• What security risks might flow from intended and unintended access to the data?
  
  Specifically, manufacturers should consider whether unintended access to the device might compromise the device's safety or the safety of other integrated devices. They should evaluate whether adequate security features are in place, and whether the device can handle and dispose of data that is corrupted. They should also evaluate whether the device can deal with and move past basic failures and malfunctions.

• Does the device have appropriate user verification and validation controls?
  
  Specifically, manufacturers should consider whether controls are necessary to limit access to authorized users, and if so, whether such restrictions are adequate.

• Is the device appropriately labeled, with adequate directions for use?
  
  Specifically, manufacturers should ensure that the product labeling is sufficient to ensure proper use of the product.

Premarket submissions: The draft Guidance describes the information FDA will look for in pre-market submissions for devices that claim interoperability. The requested information is largely to ensure that manufactures have given thorough consideration to the questions listed above. Those include:

• A device description that discusses in detail the electronic data interfaces found on the device, including the purpose and use of each interface and an explanation of how data will be exchanged.
• A risk analysis that considers risks associated with interoperability, including risks from reasonably foreseeable misuse of the device's interoperable capabilities.
• Results from verification and validation testing for the electronic data interfaces.
• Labeling that enables users to connect and use the interoperable features of the device.