Quality Management Strategies
Tectonic technological shifts often cause great change or dissatisfaction. People either identify directly with technological change or naturally take a more conservative stance.
By and large, however, the Life Sciences and the Healthcare sector have both seen a tremendous amount of growth and productivity thanks to the evolution of Software embedded into Devices.
Innovation in Connected Health, in particular, has meant Medical Devices have become increasingly software-driven through various feature-enriched capabilities. Determined efforts within the industry have transformed value-based healthcare through digitisation which has resulted in the production of software either being used in combination, separately or embedded.
This has led to an abundance of acquisitions and mergers across both European and International markets in the Life Sciences sector. Artificial Intelligence (AI) platform rights holders in recent years have made various attempts to link arms with corporations in the quest for more efficient drug discovery albeit, some of these attempts being of little success.
As expected, EU standards have accumulated labels or terms to best define software-driven medical devices. The current EU MDCG 2019-11, has forthwith labelled any software driving a Medical Device as Medical Device Software (MDSW). Section 2 Definitions and Abbreviations states:
Medical device software [...] is [...] intended to be used, alone or in combination, for a purpose as specified in the definition of a ‘medical device’ [...].
This definition is somewhat murky.
The following definition in the IMDF Key Definitions - 2013 standard, appears to be more clear:
the term ‘Software as a Medical Device’ (SaMD) is defined as software intended to be used for one or more medical purposes that perform these purposes without being part of a hardware medical device [...].
SaMD has since been the terminology of preference albeit continuous innovation of the definition will have to be accommodated.
With contemporary attitudes changing, definitions maturing, manufacturing and marketing regulatory activities continue to be exceptionally sensitive and volatile for organisations to manage. Especially for organisations or businesses who have yet to embrace such change.
Quality Management System (QMS) Frameworks
One of the main concerns across the Life Sciences, in particular, is that there appears to be lack of a unified framework for uniting all of the best practices involved for SaMD development in addition to contemporary regulatory activities.
These concerns are not irrational. Many organisations within the Life Sciences acknowledge the possibilities of technological innovation but are cautious in advocating new technology (AI or not) unless there is a proven tangible benefit to their operations and performance.
The use of technology within many in-house departments of large organisations, as it stands, is often unevenly distributed from country to country, department to department.
This makes it exceedingly difficult to balance digital transformation without overturning an organisation’s operational choreography. It’s easy to acknowledge why organisations of significant size are sceptical about the practical benefits involved.
At the same time, it would be naive of experts to advocate the practical benefits with absolute certainty. According to the Biomedical Instrumentation Technology Journal (Simone, 2013) between 2005-2011, approximately 19.4 per cent of medical device recalls were related to software issues.
This was just the beginning. Medical Device Software manufacturers have since faced more challenges with patients and users becoming closer to a given device or software. This has, in turn, distinguished new safety-critical operation sectors, additional risk and data assessment divisions in addition to significant changes to device-to-market regulation and compliance.
Considering that SaMD solutions often contain vital information or data besides explicit direction and interaction with patients, for example, personalised medication dosages - regulation plays a vital role in governing the complete software lifecycle in delivering software products and services to international markets.
Such regulatory demands have meant that organisations and manufacturers can no longer accommodate “checklist-to-clipboard” routines at a later stage of the development lifecycle. It has become increasingly important that conformity and regulatory activities ought to occur incrementally throughout. Although regulation holds a central position, market interests also drive organisational imperatives which in return, cause internal pressure.
Balancing Innovation & Pursuing Regulatory Requirements
Common challenges Healthcare Technology organisations and manufacturers face are either highly specific or generally concentrated upon leveraging the state of the art. Contemporary software development processes or lifecycles in addition to balancing continuous administrative, regulatory and financial demands, dominate this space.
Strategically, organisations may want to opt for a unified Quality Management System (QMS) framework to incorporate internally across all operations.
The objective of a QMS is to operate and execute a framework alongside software development lifecycles to warrant regulatory conformity and ensure market-assessment activities remain consistently visible from end to end.
The QMS framework embodies a large amount of documentation in the form of Standard Operating Procedures (SOP) and regulatory, legal and medical industry specific formulae or deliverables.
QMS frameworks have become a powerful strategy to employ albeit difficult to sustain. Organisations must not underestimate the scale of the undertaking.
Efforts can easily become lost when trying to implement a universal QMS across large international organisations. Even though the QMS is itself a framework that enables continuous feedback and synchronisation, as a matter of practical reality, maintaining a pre-existing QMS is in itself, a difficult task. Yet, if organisations are willing to commit, then a QMS framework becomes an organisations contingency plan during medical device software auditing.
The objectives behind a QMS is twofold: one is to ensure regulatory and compliance activities sustain a required level of visibility throughout a development lifecycle; secondly to ensure efficient document control and change control management in addition to employee training is maintained.
Both objectives are to assist compliance operations throughout the development of SaMD/MDSW products by the classification and desired international market route.
To what extent regulation plays a role within an organisation QMS framework is inevitably determined from both the desired scope involved and of internal judgment.
The Closer the Patient, Higher the Threshold
As a rule-of-thumb, the closer a patient is to SaMD and its intended medical purpose, the more compliance must be adequately covered. Organisations mustn’t simply supervise from a distance.
The closer a patient or user is to the software, the more influential regulatory maintenance becomes. Certain matters can no longer be left undefined or within a limited scope, especially with regards to the representation of personal data.
To ensure organisations do not fall well short of the minimum demands required for regulatory compliance, a QMS strategy for the development of SaMD or Non-SaMD (Cloud Native Platforms), per se, helps to cover such topics whilst maintaining alignment with international data protection directives and standards besides the state of the art software development methodologies.
Regulatory Compliance: Where Are We Now?
There has been a substantial increase in medical regulatory standards for cybersecurity, in particular, a hot topic for both the international courts and industry over the last 5 to 10 years. The debate will continue for some time, especially with regards to the design, development and verification of digital health solutions.
Historically, human rights initially played out in a vertical relationship between the state and its citizens, horizontal relations between private parties and their services, were less concentrated. With the introduction of modern technology, the dynamics have overturned.
The horizontal space is now manifesting in significant ways throughout businesses, organisations. Everyday technology has changed the citizen-to-state relationship dramatically.
As a direct result, the right to privacy plays a crucial role throughout the software development lifecycle across different industries. For SaMD in particular, interest in regulatory compliance has consequently dominated the innovation landscape.
The conditions now organisations are now facing are very different from those at which they had contemplated several years ago. The markets have changed, technology (with Artificial Intelligence (AI) I playing an embryonic role) and in particular Connected-Health, has blossomed.
Directives such as the IEC-62304 and the AAMI TIR45 have enabled those bold enough to sidestep the larger well established corporate players in half the time - which has significantly displaced both the Healthcare and Life Sciences sector’s north-star.
In any event, there are still immediate questions to be answered. What boundaries are involved or to be established for Personal Patient Data or Personal Health Data? Can these boundaries be re-constructed at will? When does personal data no longer become classified as personal data under the confinements of law and legislation?
Who is liable for data damage when transferring data back and forth from other international jurisdictions? Who shall be held liable if an AI system, which has the initiative to operate on its own, provides inaccurate information to a patient? How to safely combine personal devices with other medical devices?
These questions have highlighted not only new market routes and overlaps but in turn, have caused a decisive transformation in how organisations are to foster innovation and ensure regulatory compliance.