Contributing Experts at Medrio: Tina Caruana, Director of eClinical Solutions
According to McKinsey’s 2024 MedTech predictions, the MedTech industry is poised to deliver a banner year in 2024. To do so, the industry is leaning into innovation. However, regulatory uncertainty continues to cause apprehension.
Regulatory bodies are focusing on four key areas in MedTech to keep up with new technologies and their complexities:
- Holistic evidence
- Artificial intelligence (AI) and machine learning (ML)
- Cybersecurity
- Participant diversity
1. Holistic Evidence
MedTech organizations face increasing pressure to collect more holistic evidence showing efficacy, safety, and cost-effectiveness.
To this end, many advances in real-world data (RWD) and real-world evidence (RWE) allow for better monitoring and evaluation for postmarket safety. According to the FDA, these strides have “increased the potential for generating robust RWE to support FDA regulatory decisions.”
In December 2023, the FDA released draft guidance regarding the use of RWE in medical devices. The guidance proposes expanded and updated recommendations to the 2017 RWE guidance.
The latest draft guidance includes:
- New real-world data collection examples
- Fit-for-purpose data determinants
- Methodologies for real-world data collection
- Real-world data analysis techniques to generate real-world evidence
2. Artificial Intelligence and Machine Learning
Regulators are adapting to faster AI and ML innovation with appropriate oversight.
In April 2022, the FDA issued draft guidance tailored to AI/ML-enabled devices that “provides recommendations on the information to be included in a Predetermined Change Control Plan (PCCP) that may be provided in a marketing submission for ML-DSF.”
In late 2023, the European Medicines Agency published a reflection paper on the use of Artificial Intelligence (AI) in the medicinal product lifecycle. The paper explored issues such as governance, data protection, integrity, and ethics.
The FDA reports increasing pre-submissions and marketing submissions for AI/ML-enabled medical devices, with more anticipated.
Despite this progress, implementation may be slow. “Because of regulatory requirements, the deep integration of AI in medical products and services remains years away,” according to McKinsey.
3. Cybersecurity
Medical device cybersecurity is crucial amid cyber attacks and rising AI. Regulators now prioritize data security, integrity, and privacy alongside safety and efficacy.
Leaning into data security is a major way MedTech companies can protect their data.
In the US, the FDA expects manufacturers to lessen cybersecurity risks by taking a total product lifecycle approach. In September 2023, the FDA released a cybersecurity medical device guidance document outlining quality system considerations and the content of premarket submissions.
The guidance document provides recommendations to:
- Promote consistency
- Facilitate efficient premarket review
- Ensure medical device resilience to cybersecurity threats
In Europe, manufacturers should closely review several documents offering specific guidance on cybersecurity requirements for medical devices.
These guidance documents include:
4. Participant Diversity
Historically, clinical research often relied on a narrow group of participants. However, a study population should be representative of the distribution of the disease. Fortunately, change is underway.
In April 2022, the FDA issued a new draft guidance to help “increase enrollment of underrepresented populations in their clinical trials.”
Meanwhile, the Food and Drug Omnibus Reform Act of 2022 (FDORA) requires that all marketing applications include a “diversity action plan” to meet enrollment goals.
The Office of Minority Health and Health Equity supports the FDA’s diversity efforts through the “Diversity in Clinical Trials Initiative,” featuring ongoing public education and outreach.
Using the Right Tech for MedTech Regulatory Compliance
A company’s data assets are equally important as its therapeutic assets. Therefore, MedTech organizations need to work with vendors who are up-to-date on regulatory changes and industry best practices.
MedTech organizations should seek ISO 13485 certification and remain vigilant in maintaining compliance with:
- FDA (US Food and Drug Administration)
- MDD (Medical Device Directive)
- MDR (Medical Device Regulation)
- Other regulations, depending on the markets being served
They should also look for vendors that meet or exceed data security standards for the industry, including SOC 2 Type II, ISO/IEC 27001, ISO/IEC 27701, GDPR, ISO 9001 Certified, E6 (R2) GCP, and more.
Want to learn more about choosing the right technology amidst this shifting regulatory landscape? Check out our eBook “How to Choose the Right eClinical Technology to Power Your Studies.”