Companies with digital health solutions are drivers of innovation in the healthcare industry. However, they are also subject to complex regulations. One of the most important is the Medical Device Regulation (MDR) - especially for EU digital health tech adoption. This article provides an overview of the key information and challenges of the MDR, as well as tips on what eHealth companies should consider when developing a digital medical device.
Current development and significance of the Medical Devices Regulation
The digitalization of healthcare is accompanied by new regulations to protect patient safety. In April 2017, the EU Medical Devices Regulation was adopted; and was to be applied in full from May 2021.
A reason to breathe a sigh of relief: On March 7, 2023, an extension of the transition period was decided. For medical device manufacturers whose certificate or declaration of conformity was issued before May 26, 2021, the transition period will be extended until December 31, 2028, at the latest, depending on the classification.
The MDR has a significant impact on the medical technology industry. Effort aside, it also offers clear benefits: by understanding the requirements and implementing confidence-building processes in the software and hardware development cycle, companies can ensure that their products meet these standards, improve health outcomes and remain compliant. At the same time, they increase brand awareness, competitiveness and credibility with potential customers.
What is the EU Medical Devices Regulation?
The EU Medical Device Regulation (MDR) is a regulation of the European Union (EU). As a European supranational set of regulations, the MDR imposes strict safety, quality and risk management requirements in connection with all medical devices.
Note: The MDR must be distinguished from the Medical Devices Implementation Act (MPDG), which supplements the EU medical device regulations with specific national requirements and replaces the German Medical Devices Act (MPG).
What does the European Medical Devices Regulation regulate - and for whom?
The regulation governs the approval, placing on the market and monitoring of medical devices in the EU by independent testing bodies and regulatory authorities. By setting uniform standards and requirements for different markets, the MDR aims to improve the safety, quality and efficacy of medical devices and create more transparency.
In addition to manufacturers, importers and distributors of medical devices in the EU, the new regulations are also relevant for compliance or quality management professionals for example.
Examples of digital medical devices – DiGAs and DiPAs
A wide range of terms and definitions circulate for digital medical devices. Not every piece of medical software or hardware is automatically a medical device.
Digital medical devices include:
Digital health apps (DiGA) such as digital therapeutics (DTx) or sleep apps. DiGA denotes low-risk class applications that serve medical purposes and can be used by the patient.
Digital care apps (DiPA) such as senior tablets or memory training apps. DiPA denotes applications that are used in care and support or improve care processes.
Wearables with sensors such as fitness trackers or chest straps
Both DiGA and DiPA application classes have to undergo a special certification procedure in the EU countries since January 21, 2021, in order to be recognized as a medical device and approved for the market.
The difference between SaMD and SiMD
Medical software is basically divided into two categories:
- Software as a Medical Device (SaMD) SaMD includes stand-alone software usable on non-medical devices such as smartphones, tablets or wearables, e.g. apps to improve sleep quality or blood glucose levels.
- Software as part of a medical device (Software in a Medical Device, SiMD). SiMD refers to embedded software that is part of a medical device.
The following figure illustrates the process of classification.
Product classification in the EU vs. the USA
You want to distribute your SaMD in the USA as well? The MDR only applies to the EU market, and the US healthcare market and public health matters are regulated by the Food and Drug Association (FDA). As a result, different regulations apply - for example, to the product class, albeit developing a global strategy based on knowledge of both is usually possible.
In the EU (MDR) the classification is made in four classes (I, IIa, IIb and III) and is based on the intended purpose and the potential risks of the respective medical devices. The intended purpose refers to the intended use according to the manufacturer's specifications, instructions for use, advertising or sales material, and clinical evaluation.
In the USA (FDA) SaMD is classified into three classes I, II and III. The classification is based on the controls on effects and functionality required to demonstrate safety and efficacy.
What does the MDR change compared to the old directive?
|Old specifications||New specifications|
|Medical Device Directive (93/42/EEC, Medical Device Directive or MDD)||EU Medical Device Regulation (2017/745, Medical Device Regulation or MDR)|
|Directive on Active Implantable Medical Devices (90/385/EEC, Active Implantable Medical Devices or AIMD).|
|Directive on in vitro diagnostic medical devices (98/79/EC, In Vitro Diagnostic Device Directive or IVDD).||In Vitro Diagnostic Medical Devices Directive (2017/746, In Vitro Diagnostic Medical Devices Regulation or IVDR).|
The IVDR defines the requirements that in vitro diagnostic devices such as laboratory equipment must meet in the EU. The amendments to the MDR and IVDR impose stricter requirements on manufacturers and stakeholders.
The most important innovations of the MDR Regulation:
Expanded definition of a medical device
Introduction of a unique product identifier (UDI)
Strict post-market surveillance (PMS)
Designation of a person responsible for MDR compliance
New product classification according to risk, contact duration and invasiveness
Stricter clinical evidence requirement for implantable medical devices and class III medical devices
More rigorous clinical evaluation of Class IIa and Class II medical devices.
What impact will MDR have on the development of digital health solutions?
The MDR places stricter requirements on the development and distribution of digital medical devices. As a result, many companies will have to adjust their planning, revamp processes, or invest more time and money in their projects.
Risk management, intended use and compliance
One of the biggest impacts on development is the risk management system. It is designed to ensure that the risks of the application are controlled and minimized throughout the life cycle, from risk identification to risk mitigation measures. The MDR also requires careful clinical testing to assess the safety and performance of the digital medical device. This requires a comprehensive analysis of clinical data.
In addition, a conformity assessment must be performed, with the procedure depending on the particular risk class and product characteristics. In addition, the MDR affects product liability: The regulation requires medical device manufacturers to have liability insurance to cover patient claims for damages.
Typical challenges in the implementation of the MDR
Especially for small and medium-sized companies with health tech solutions, the MDR can be a challenge. There are a number of stumbling blocks on the path to approval that can delay the market launch or cause additional costs.
The stricter requirements mean that costs are rising – whether due to the higher requirements for documentation, systems for UDI product labeling, the obligation to appoint a compliance officer or the re-approval of products already approved under MDD.
More stringent requirements apply to product types such as medical device software or software-containing products: Some apps are classified in Class IIa and higher, which requires a Notified Body and incurs additional time and costs.
If the new specifications change the class and thus the conformity assessment procedure, manufacturers and stakeholders must meet other requirements. This can delay product approval.
Some specifications, such as the procurement of clinical data, leave room for interpretation and are a subject of controversy in health care.
The requirements for clinical evaluation are significantly higher due to the new MDR. On the one hand, companies must conduct more extensive clinical studies. On the other hand, the clinical evaluation report (CER) poses a challenge for many companies.
On the one hand, not all notified bodies serve all specialist areas. On the other hand, bottlenecks are to be expected in the coming years concerning the recertification of existing digital medical devices.
The European Medical Device Regulation is one of the most important sets of regulations for digital health companies that want to market their applications in the EU. It determines what is considered a medical device and regulates the approval, placing on the market and monitoring of medical devices.
The strict requirements of the MDR can put pressure on small and medium-sized companies in particular. Complex processes such as clinical evaluation or post-market surveillance can delay the market launch, lead to violations or cause additional costs.