More safety, or less innovation?
On 25 May 2017, after a clear "Yes" vote in the European Parliament, the European Directive on medical devices (MDD) and the European Directive on medical implants were replaced by the new European Medical Device Regulation (MDR). The transition period will be three years, and will end on 26 May 2020. The reality is more complex though. Transition periods for certain aspects of the MDR are longer. By 2024 at the latest, everything should be settled.
As a regulation for medical devices, the MDR is largely about classical medicinal products, of course. It thus affects predominantly companies that produce pacemakers, syringes, imaging equipment, contrast media and the like. But there are also chapters that will become highly relevant for healthcare IT providers.
Medicinal product or not? Why the new MDR won't help.
What is the status quo? Up until recently, software that was directly related to or used for diagnosis or therapy was considered a medicinal product. The relevant question was whether the healthcare IT provider defined the purpose of its product as being "diagnostic" or "therapeutic". If so, the software – including stand-alone software solutions – had to be classified medicinal products. It didn’t really matter what the software was actually used for in daily routine. What was relevant was the purpose given by the healthcare IT provider.
This is something that will not change with the new MDR, says Christoph Isele from the German industry association BVITG. "The new MDR is about software that is classified as a medicinal product by the provider. It doesn’t offer any help concerning the question of when to classify a software as a medicinal product." Today’s reality is that a provider who has decided that their software or parts of it fulfil a diagnostic or therapeutic purpose has to decide whether to classify the IT solution in total as medicinal product, or to encapsulate parts of it and classify this module separately.
There has been a trend in recent years to classify healthcare IT solutions in total. Radiology information systems, for example, are usually medicinal products, as are digital picture archives and IT solutions for critical care wards. The same is true for more or less all software that is used in the operating room. And certain types of digital health apps, too, tend to claim diagnostic or therapeutic purposes and thus become medicinal products. However, with very few exceptions, most healthcare IT providers went for a class I classification in the past, i.e. for the lowest classification level, and the easiest to reach.
Rule 11 will make medicinal product classification much tougher
Here is where it becomes interesting with respect to the new MDR. While the MDR doesn’t really help with deciding what software solutions to classify as medicinal products, it does provide guidance on how to classify a software solution once the decision to go for classification has been taken. This is what the notorious ‘Rule 11’ of the MDR is about, to be found in chapter 3 of the MDR’s Annex VIII.
‘Rule 11’ says that "software [that is] intended to provide information which is used to take decisions with diagnostic or therapeutic purpose is classified as class IIa, except if such decisions have an impact that may cause death or an irreversible deterioration of a person’s state of health, in which case it is in class III; or a serious deterioration of a person’s state of health or a surgical intervention, in which case it is classified as class IIb. All other software is classified as class I."
If taken literally, ‘Rule 11’ will leave healthcare IT providers that decide in favour of classification as a medicinal product in the vast majority of cases little choice other than to go for at least a class IIa classification, says Professor Christian Johner from the Johner Institute for IT in Healthcare. "I have not heard any plausible scenario, in fact, that would justify a class I certification," Johner says. Given the ‘Rule 11’ definition, many healthcare IT solutions could in fact rather be class IIb, since it will be pretty easy to imagine a worst-case-scenario for whatever software that might in rare cases, lead to a surgical intervention, for example.
Digital health could become much more expensive
The key message is that classification of healthcare IT solutions will likely become much tougher in the years to come, and much more expensive. To get a class I classification, all that is necessary is a technical documentation and a standardised declaration of the healthcare IT provider. Class II, in contrast, requires a certified quality management. Class II medicinal products are also audited and tested by the ‘notified bodies’. Johner estimates that this alone will require an additional €20,000 or so on top of what is necessary for a class I classification.
Another €20,000, Johner says, will likely be necessary for the clinical evaluation. In the case of software, this is usually done by external experts. The clinical evaluation is not a novelty that comes with the MDR. It was introduced some years ago already by way of the EU Guideline MEDDEV 2.7.1. But since the clinical evaluation is tougher for class II products than it is for class I products, the MDR could well mean that a rather tough clinical evaluation will become necessary for more or less all software solutions that run for classification. "It will become much more complex and much more expensive," says Johner.
Proponents point to increase in patient safety
Given this background, many in the industry fear that the new MDR will disadvantage smaller, innovative healthcare IT companies, and in particular healthcare IT start-ups that run on tight budgets. "I am really worried that bigger software providers increasingly acquire smaller companies and their products and start to offer bundled solutions. This is something that has to be seen very critical from a user perspective," says Aladin Antic, CIO of Germany-based KfH, a market-leading provider of renal dialysis clinics in Germany.
Proponents of the new MDR, on the other hand, argue that it will increase the safety of medicinal products including healthcare IT solutions considerably, and that it brings more clarity with respect to what requirements are necessary for healthcare IT providers that decide to go for solutions with an explicit diagnostic or therapeutic purpose.
"US policy-makers instructed the FDA to back away from medical software that poses a low risk to patient health. In Europe however there was no room for a similar scope decrease."
The European Coordination Committee of the Radiological, Electromedical and Healthcare IT Industry (COCIR) is in many ways very critical of the new MDR. COCIR, too, is convinced that while 80% of medical software or web applications fell into class I under the old MDD, now more or less all software or web applications will score class IIs or higher.
Secretary General Nicole Denjoy points to the fact that Europe handles healthcare IT regulation far stricter than the US: "US policy-makers instructed the FDA to back away from medical software that poses a low risk to patient health. In Europe however there was no room for a similar scope decrease." On the contrary, Denjoy argues, there is a clear mandate now to toughen the requirements in order to improve product safety, performance and traceability. "Faced with a tsunami of health apps and in light of government resource constraints, European policy-makers chose to lift medical software into the higher regulatory classes, so that the direct supervision of the manufacturers and their products moves from the competent authorities to the notified bodies." This, COCIR is convinced, will result in product price increases, and it will likely increase the cost of healthcare provision a few per cent.
View Insights 6.1 eBook - More safety, or less innovation?