Published on 18.08.17 in Vol 2, No 1 (2017): Jan-Dec
Heart Rate Monitoring Apps: Information for Engineers and Researchers About the New European Medical Devices Regulation 2017/745
Background: After years in the making, on April 5, 2017, the European Parliament and Council finally adopted Regulation (EU) 2017/745, the new Medical Devices Regulation (MDR), repealing the existing Medical Device Directive (MDD) 93/42/EEC. Though long anticipated, this shift in policy will have strong and lasting effects in the medical devices industry.
Objective: This paper focuses specifically on the classification of software as a potential medical device under MDD and MDR and examines whether or not the regulatory framework for health apps has changed substantially and what, if any, impact is to expected. A particular emphasis will be on the issue of classification uncertainty raised by borderline cases such as heart rate monitoring and well-being apps. The paper primarily targets researchers and engineers unfamiliar with regulatory requirements for medical devices and aims to provide a concise, yet accurate, overview of the European regulatory framework. This is of particular relevance as with the exponential growth of fitness and health-related apps, the lines between toys, lifestyle products, and medical devices have increasingly blurred.
Methods: The recently published European Medical Device Regulation is analyzed and compared to the preceding MDD.
Results: The previous regulatory framework already provided for the possibility of apps to fall under the definition of medical devices, in which case classification rules for active medical devices applied. However, while applicability of the new regulatory framework still hinges on whether the intended purpose is medical or not, the threshold for classifying as a medical device has been considerably lowered due to a broader interpretation of what constitutes a medical purpose.
Conclusions: The adoption of the new European regulation on medical devices entails the risk that manufacturers previously unaffected by the medical devices regulatory framework may now unwillingly and unwittingly find themselves in the arena of medical device manufacturing.
JMIR Biomed Eng 2017;2(1):e2
- European Medical Device Regulation;
- (EU) 2017/745;
- heart rate monitoring;
- health apps;
We live in interesting times. In fact, in the last 10 years or so, our already technology-driven lives became even more reliant on modern technology. Gradually and subtly we have witnessed not only our mobile phones but everyday objects become “smart.” That is, they increased in terms of functionality, connectivity, and interoperability as they evolved from common appliances to entities of what is now commonly referred to as the “Internet of Things”. Modern mobile phones harness tremendous computational power and a whole plethora of advanced sensors in the palm of a hand. Arguably, nowhere is this technological revolution more evident than in the healthcare sector where mHealth is increasingly gaining momentum [- ]. On the other hand, it has become increasingly challenging to accurately differentiate between apps for lifestyle and well-being purposes and actual medical apps [ ] (ie, apps which by virtue of their intended purpose are to be considered medical devices). While there certainly exists a risk of stifling innovation, especially in a relatively young and dynamic field such as mHealth with its many start-up companies, certainty pertaining to legal requirements and product safety classification is paramount to succeed in this highly innovative and competitive arena. Acknowledging the fast pace of innovation, it becomes increasingly important to remain up to date with the entire spectrum of legal requirements, keeping in mind that a failure to do so may likely spell the untimely demise of otherwise viable and innovative manufacturers.
This paper begins with a brief summary of the existing European Directive on medical devices, namely 93/42/EEC, its relevant amendments, and the classification of software under the Medical Device Directive (MDD). The paper then proceeds to provide an overview of the newly adopted Medical Devices Regulation (MDR) and discusses changes with respect to the MDD. The paper concludes with an assessment of the impact the new regulatory framework is likely to have on the health app sector.
The Existing European Medical Device Directive 93/42/EEC
Medical devices legislation in the European Union has been fully harmonized under Directive 93/42/EEC , last amended by Directive 2007/47/EC [ ] in September 2007.
Classification of Software as Medical Device Under the Medical Device Directive
Article 1(2)(a) MDD, as amended by 2007/47/EC, defines a medical device as:
any instrument, apparatus, appliance, software, material or other article, whether used alone or in combination, including the software intended by its manufacturer to be used specifically for diagnostic and/or therapeutic purposes and necessary for its proper application, intended by the manufacturer to be used for human beings for the purpose of:
• diagnosis, prevention, monitoring, treatment or alleviation of disease,
• diagnosis, monitoring, treatment, alleviation of or compensation for an injury or handicap,
• investigation, replacement or modification of the anatomy or of a physiological process,
• control of conception,
and which does not achieve its principal intended action in or on the human body by pharmacological, immunological or metabolic means, but which may be assisted in its function by such means.
Accordingly, the MDD already provides for software to be classified as a medical device if said software is intended to be used for one of the above listed medical purposes (eg, diagnosis, treatment). This is emphasized by Recital 5 in 2007/47/EC , which states:
It is necessary to clarify that software in its own right, when specifically intended by the manufacturer to be used for one or more of the medical purposes set out in the definition of a medical device, is a medical device. Software for general purposes when used in a healthcare setting is not a medical device.
Thus, given the intended medical purpose, standalone software such as (but not limited to) mobile phone apps constitutes an active medical device according to Definition 1.4 Annex IX MDD, as amended by , which further provides classification criteria to determine the adequate risk category within an incremental system of four classes, namely I, IIa, IIb, and III with I being the lowest and III being the highest risk class.
In particular, having established standalone software to be a medical device, Rule 10 MDD becomes fully applicable and provides that:
active devices intended for diagnosis are in Class IIa:
• if they are intended to allow direct diagnosis or monitoring of vital physiological processes, unless they are specifically intended for monitoring of vital physiological parameters, where the nature of variations is such that it could result in immediate danger to the patient, for instance variations in cardiac performance, respiration, activity of CNS in which case they are in Class IIb.
Accordingly, apps for the mobile phone‒based detection of atrial fibrillation have already been classified as Class IIa under MDD, since atrial fibrillation is generally not an acutely life-threatening condition. If the above does not apply, apps are generally classified as Class I devices (Rule 12 MDD), assuming they are medical devices in the first place.
Note that classification as a Class I device is particularly attractive because the manufacturer can self-certify (see Annex VII MDD), avoiding the additional burden of certification through a Notified Body.
With the rare exception of a few Class IIa apps (eg, “FibriCheck”  for the detection of atrial fibrillation), fitness and healthcare-related apps on the market to date are almost entirely not labeled as medical devices due to their intended purpose, as stipulated to by the manufacturer, not being one of the medical purposes listed in Article 1(2)(a) MDD. Whether or not this will hold under MDR as well is examined in the following section.
The New Medical Devices Regulation (EU) 2017/745
As the identifier 93/42/EEC implies, the MDD regulatory framework is a couple of decades old, with the respective first drafts actually dating back to the mid-80s. The proposal for a new Medical Devices Regulation was first published in September 2012 , setting in motion a lengthy negotiation, review, and amendment process. The MDR was eventually adopted on April 5, 2017, published in the Official Journal of the European Union on May 5, 2017 [ ], and entered into force on the 20th day following its publication (ie, May 26, 2017). However, there is a transitional period of approximately 3 years (Article 120 MDR).
Regulation Versus Directive
Note that as opposed to the MDD, the new MDR is a regulation rather than a directive. The two differ in that a regulation is directly enforceable in all member states, whereas a directive first requires an implementation into national law. The German Medical Devices Act (Medizinproduktegesetz, MPG) can be seen as Germany’s implementation of the MDD.
While similar at first glance, the new MDR in fact substantially differs from the MDD it repealed. The following appraisal will be limited to selected changes relevant to the discussion at hand since an analysis of further aspects would be beyond the scope of this paper.
A first (and arguably easily overlooked) important difference arises in the very definition of “medical device”, defined in Article 2(1) MDR as:
any instrument, apparatus, appliance, software, implant, reagent, material or other article intended by the manufacturer to be used, alone or in combination, for human beings for one or more of the following specific medical purposes:
• diagnosis, prevention, monitoring, prediction, prognosis, treatment or alleviation of disease
Note the expansion of the definition of medical device (further expansions of the definition by Article 2(1) MDR will be disregarded here) to devices engaging in the prediction and/or prognosis of diseases. Accordingly, an app that collects and possibly aggregates data from various sensors and the subject’s input (think of big data and analytics) to assess a subject’s risk of developing a specific disease or condition or the likelihood of worsening or improvement of an existing disease or condition may have to be classified as a medical device under Article 2(1) MDR. However, this would require said device to be explicitly intended for the prediction and/or prognosis of disease. As discussed in more detail below, the MDR provides for an exemption for devices whose intended use lies in nonclinical arenas such as lifestyle or general well-being. However, a manufacturer is obliged to accurately and unambiguously indicate the device’s intended use without acting arbitrarily for the sole purpose of circumventing the (perhaps unfavorable) medical device classification.
Classification of Software as Medical Device Under the Medical Devices Regulation
Similar to MDD, MDR provides an extensive list of classification criteria (Annex VIII MDR). The significant change lies in the adoption of a specific classification rule for software not encountered previously in either the original MDD or its amendments. Rule 11, Annex XIII MDR states:
Software intended to provide information which is used to take decisions with diagnosis or therapeutic purposes is classified as class IIa, except if such decisions have an impact that may cause:
• death or an irreversible deterioration of a person’s state of health, in which case it is in class III; or
• a serious deterioration of a person’s state of health or a surgical intervention, in which case it is classified as class IIb.
Software intended to monitor physiological processes is classified as class IIa, except if it is intended for monitoring of vital physiological parameters, where the nature of variations of those parameters is such that it could result in immediate danger to the patient, in which case it is classified as class IIb.
All other software is classified as class I.
While the classification criteria of MDD and MDR as previously discussed are virtually identical, the broadening of the definition of “medical purpose” in Article 2(1) MDR in combination with Rule 11 MDR has far-reaching implications. While under MDD (among others) an emphasis on diagnosis or monitoring of treatment of disease is required to fall into the scope of the Directive’s definition of medical device, under the new MDR (as previously discussed) the scope has been broadened by the addition of “prediction and prognosis” of disease. This means that many apps, which did not constitute medical devices under MDD, now become medical devices, most likely Class IIa.
With the adoption of the new European regulation, health apps are now more likely to fall under the definition of medical device and thus become subject to the provisions of MDR.
With the inclusion of “prediction and prognosis of disease” in Article 2(1) MDR, a heart rate monitoring app for instance may now be subject to MDR as soon as the heart rate monitoring functionality itself is enhanced by health assessments (ie, inferring the subject’s cardiovascular health on the basis of heart rate or heart rate variability measurements) and the like, which would have to be interpreted as a prediction and/or prognosis of disease.
However, the applicability of the new regulatory framework still hinges on whether the intended purpose of the app, as stipulated to by the manufacturer, is medical or not. Apps solely intended for lifestyle or well-being purposes represent an important exception, for they do not constitute medical devices (see Recital 19 MDR). However, it has arguably become much easier to cross from being a lifestyle product to being a Class IIa medical device, a fact that engineers and researchers must recognize.
ML was supported by the “Excellence Initiative” of the German Federal and State Governments and the Graduate School of Excellence Computational Engineering at Technische Universität Darmstadt. The views expressed in this paper are solely those of the author in his private capacity and do not necessarily reflect the views of Technische Universität Darmstadt or any other organization.
Conflicts of Interest
- Martínez-Pérez B, de la Torre Diez I, López-Coronado M, Herreros-González J. Mobile apps in cardiology: review. JMIR Mhealth Uhealth 2013;1(2):e15 [FREE Full text] [CrossRef] [Medline]
- Shen C, Wang MP, Chu JT, Wan A, Viswanath K, Chan SSC, et al. Health App Possession Among Smartphone or Tablet Owners in Hong Kong: Population-Based Survey. JMIR Mhealth Uhealth 2017 Jun 05;5(6):e77 [FREE Full text] [CrossRef] [Medline]
- Dorsey ER, Yvonne CY, McConnell MV, Shaw SY, Trister AD, Friend SH. The Use of Smartphones for Health Research. Acad Med 2017 Dec;92(2):157-160. [CrossRef] [Medline]
- Quinn P. The EU commission's risky choice for a non-risk based strategy on assessment of medical devices. Computer Law & Security Review 2017 Jun;33(3):361-370. [CrossRef]
- OJ L 169, 127. Council Directive 93/42/EEC of 14 June 1993 concerning medical devices URL: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:31993L0042 [WebCite Cache]
- Council Directive 93/42/EEC concerning medical devices Directive 98/8/EC concerning the placing of biocidal products on the market, OJ L 247, 219. Directive 2007/47/EC of the European Parliament of the Council of 5 September 2007 amending Council Directive 90/385/EEC on the approximation of the laws of the Member States relating to active implantable medical devices URL: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32007L0047 [WebCite Cache]
- FibriCheck - Physicians. URL: https://fibricheck.com/physicians [accessed 2017-08-03] [WebCite Cache]
- Proposal for a Regulation of the European Parliament and the Council on medical devices, and amending Directive 2001/83/EC, Regulation (EC) No 178/2002 and Regulation (EC) No 1223/2009, 26. 2012. 9 URL: http://eur-lex.europa.eu/procedure/EN/2012_266 [accessed 2017-08-03] [WebCite Cache]
- Regulation (EC) No 178/2002 Regulation (EC) No 1223/2009 repealing Council Directives 90/385/EEC93/42/EEC. Regulation (EU) 2017/745 of the European Parliament of the Council of 5 April 2017 on medical devices amending Directive 2001/83/EC URL: http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=OJ:L:2017:117:TOC [WebCite Cache]
|CNS: central nervous system|
|EU: European Union|
|MDD: Medical Device Directive 93/42/EEC|
|MDR: Medical Devices Regulation (EU) 2017/745|
|mHealth: mobile health|
|MPG: Medizinproduktegesetz (German Medical Devices Act)|
Edited by G Eysenbach; submitted 09.06.17; peer-reviewed by S Wende, A Alesanco; comments to author 12.07.17; revised version received 03.08.17; accepted 04.08.17; published 18.08.17
©Michael Lang. Originally published in JMIR Biomedical Engineering (http://biomedeng.jmir.org), 18.08.2017.
This is an open-access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work, first published in JMIR Biomedical Engineering, is properly cited. The complete bibliographic information, a link to the original publication on http://biomedeng.jmir.org/, as well as this copyright and license information must be included.