Simmons & Simmons, a respected law firm headquartered in the City of London, have published an article on their interpretation of the regulation of health apps currently in force in the UK, as well as where future EU regulation could be heading. The full article, titled The Regulation of Smartphone Medical Software Applications as Medical Devices, has been published in Pharma magazine in three tranches (Part I, Part II, Part III).
At first glance, this looks to be consistent with our report – Regulation of health apps: a practical guide – published January 2012. Simmon & Simmons views on a potential new Medical Device Regulation that would replace both the MDD and AIMDD are particularly intriguing, and highlight two potential requirements ahead for developers and app stores alike.
One likely ramification of this is that marketers of apps whose products are classed as “medical devices” will have to ensure that they collect detailed information, at point of sale, on the identity and location of consumers purchasing their apps. At present, it is not clear whether such information is routinely gathered through online app market-places, or whether it is made available to manufacturers and suppliers. Further, each medical device would, under the proposed MDR, have to bear a unique device identifier in order to facilitate its traceability, and which will form part of the public domain by virtue of being recorded on the Commission’s database.
Regarding the first requirement, whilst app stores have long been reticent to provide a service that allows developers to identify customers directly, this is clearly technically possible through separate in-app registration processes, such as those employed by banks. However it does simply add another burden on manufacturers, particularly when you consider the EC data and privacy challenges that accompany such a requirement.
The second requirement is more trivial and just plain common sense. The provision of a central EC database and unique identifier per medical device is long overdue. Currently an end user would need to check the database of each member state’s Competent Authority by manufacturer’s legal name in order to validate whether a CE mark has been correctly applied to a medical device to signal its conformance – a highly laborious task. In light of the PIP breast implant scandal, there is hopefully now more political will to see this important service realised, to the benefit of patient safety, and improved end user confidence in the devices themselves.