With the coronavirus (COVID-19) pandemic showing no signs of abating, many digital health developers have refocused their technical expertise to develop products for use in the pandemic, including software apps for COVID-19 screening and risk assessments, digital therapeutics, and remote patient monitoring systems. The Food and Drug Administration (FDA) also has focused on the use of digital health technologies to address pandemic-related issues by issuing several new guidance documents on various types of digital health devices. In addition, FDA has approved multiple Emergency Use Authorizations (EUAs) for software intended for use in screening COVID-19 patients, remote monitoring systems, and wearable device technologies.
Companies developing digital health technologies for use in the COVID-19 pandemic should be mindful of FDA’s quickly evolving policies and guidance and should consider what, if any, FDA requirements may be applicable to their products.
Since the start of the pandemic, FDA has issued several guidance documents on digital health and digital therapeutic devices intended for COVID-19-related purposes. These include, for example, guidance documents for non-invasive remote monitoring devices, remote digital pathology devices, medical imaging systems, non-invasive fetal and maternal monitoring devices, digital health devices for treating psychiatric disorders, and remote ophthalmic assessment/monitoring devices. These FDA guidance documents generally describe policies of enforcement discretion intended to reduce certain premarket and/or postmarket requirements. However, the scope and nature of the enforcement discretion policies described in these guidance documents vary significantly.
For example, FDA’s guidance document, Enforcement Policy for Digital Health Devices for Treating Psychiatric Disorders During the COVID-19 Public Health Emergency, exempts certain Class II devices from the following FDA requirements under a policy of enforcement discretion: 510(k) premarket notification, reporting of corrections and removals, registration and listing, and unique device identification (UDI). In contrast, FDA’s guidance document, Enforcement Policy for Non-Invasive Remote Monitoring Devices Used to Support Patient Monitoring During the COVID-19 Public Health Emergency, covers remote monitoring devices that have been already cleared by FDA, and allows manufacturers to make certain limited modifications to their devices without submitting a new 510(k) premarket notification.
Pre-pandemic guidance documents issued by FDA also may impact how or whether COVID-19 apps and other digital health solutions are regulated. FDA’s draft guidance on the clinical decision support (CDS) software exemption under the 21st Century Cures Act, which was reissued in September 2019, is likely the most relevant guidance for most COVID-19 apps. We previously described this draft guidance in a prior Lawflash. Also of significance is FDA’s recently updated guidance document, Policy for Device Software Functions and Mobile Medical Applications, which describes categories of software apps that are either actively regulated by FDA, subject to enforcement discretion, or are not within FDA’s regulatory purview.
Given the high-risk nature of COVID-19, digital health developers also should consider the product liability risks associated with their technologies and whether liability immunity under the federal Public Readiness and Emergency Preparedness (PREP) Act may be applicable. As described in our prior Lawflash, the PREP Act provides immunity from personal injury, business disruption, or property damage claims, except willful misconduct. Such liability immunity may be available to individuals or organizations that develop, manufacture, or distribute devices – including software and other digital health devices – intended to treat, diagnose, cure, prevent, or mitigate COVID-19. However, there are a number of criteria that must be met to qualify for PREP Act immunity. For example, the digital health device must be cleared, approved, or otherwise authorized by FDA for COVID-19 purposes. Thus, digital health developers that want to take advantage of PREP Act liability immunity will, at a minimum, need to obtain FDA authorization or clearance for their digital health device – e.g., via an EUA, 510(k), investigational device exemption (IDE), premarket approval application (PMA), or de novo request. As noted above, multiple companies have already sought and received EUA authorization from FDA for digital health products, including COVID-19 software apps, remote monitoring systems, and wearable devices.
Morgan Lewis helps companies around the world and across industries assess the impact of the legal and regulatory issues described above. We have assisted numerous clients with navigating FDA policies and guidance related to medical device and digital health products, both before and during the COVID-19 pandemic, including support for evaluating how or whether such technologies are regulated by FDA, the preparation and submission of EUAs and other premarket submissions, and counseling on postmarket compliance issues.
For our clients, we have formed a multidisciplinary Coronavirus COVID-19 Task Force to help guide you through the broad scope of legal issues brought on by this public health challenge. Find resources on how to cope with the post-pandemic reality on our NOW. NORMAL. NEXT. page and our COVID-19 page to help keep you on top of developments as they unfold. If you would like to receive a digest of all new updates to the page, please subscribe now to receive our COVID-19 alerts, and download our COVID-19 Legal Issue Compendium.
If you have any questions or would like more information on the issues discussed in this LawFlash, please contact any of the following Morgan Lewis lawyers: