News

Navigating the Unique Regulatory Challenges of Digital Health Technologies

With minimal regulatory barriers, developers can expedite product development cycles health and wellness apps. However, developers of health products need to be aware that market pressures may eventually lead to initial product designs being classified into new regulatory categories.

Published on:
August 19, 2024

This article was originally published in For the Record.

The realm of digital health has long been dominated by health and wellness apps. These applications typically focus on helping users monitor various health metrics, like blood pressure and blood  glucose levels, and providing reminders for medication schedules. However, their functionalities are limited to tracking and informing without offering diagnostic or treatment decisions, making them exempt from stringent regulatory oversight by authorities such as the FDA in the United States or the Therapeutic Goods Administration in Australia.

Since they don’t fall under the  classification of medical devices and are not subject to regulatory scrutiny, health and wellness apps enjoy significantly simpler development and market entry processes, contributing to their widespread  availability and global adoption. With minimal regulatory barriers, developers can expedite product development cycles, allowing for quicker market launches and widespread consumer access. However, developers of health products need to be aware that market pressures may eventually lead to initial product designs being classified into new regulatory categories.

Regulatory Variability and Product Evolution

Market demands and technological advancements can prompt developers to enhance the functionalities of their apps beyond basic data tracking. The growing demand for personalized, remote health care  has led to the advancement of telemedicine, defined as the use  of electronic information and communications technologies to deliver and support health care across distances. In recent years, the use of wearables in telemedicine has notably surged, bringing numerous advantages to the health care value chain and evolving to offer enhanced medical personalization, early  diagnosis, improved decision-making, and effective patient monitoring.

Digital health products may advance from merely supporting diagnosis to actively diagnosing medical conditions—a  progression that often results in reclassification into higher regulatory categories, for instance, from Class II to Class III in the US regulatory framework. An app that may have initially been designed for fitness monitoring  might evolve to incorporate features that support clinical decision-making or  health diagnosis. Such expansions in functionality could trigger reclassification under more stringent regulatory categories, such as Software  as a Medical Device classifications in the United States. With the increasing use of AI-powered technologies in health and wellness devices and apps, it is expected that regulations will soon catch up.

Although mapping out regulatory requirements for health and wellness applications may seem straightforward, given that they often don’t require stringent compliance, it’s essential to address these requirements during the product’s initial design phase. Developers must not only comply with existing regulations but also anticipate  potential shifts in regulatory frameworks as their products evolve.

Tackling this without a plan is not an efficient approach. Foresight is essential for integrating new features or  functionalities that may transition the product from a nonregulated status to a  more heavily regulated category, as in the previously mentioned example of a fitness app evolving to accommodate health diagnosis.

Navigating Country-Specific Regulatory Demands Amidst Cybersecurity Risks


Complicating things further, the  regulatory classification of these products varies from market to market around  the world. For example, while the FDA applies a risk-based  approach to software as a medical device, which resultantly excludes  many apps from regulation and oversight, Europe follows a function-based  approach based on the device’s intended purpose, regardless of outcomes.  Therefore, it’s extremely important that digital health product developers lay  out the country-by-country medical device-related regulatory requirements with  which their products will need to comply.

Moreover, global regulators have  intensified their security and expectations regarding data protection in  response to the  rise in cybersecurity threats in recent years. This makes ensuring  compliance with privacy and security standards essential for any digital health  regulatory roadmap. The fact that regulatory bodies now mandate that device  companies integrate security-by-design principles throughout the entire  lifecycle of digital health products reflects this reality. This includes  conducting thorough risk assessments and implementing threat modeling to  proactively address potential vulnerabilities. In the United States, this also  involves creating and maintaining a comprehensive and up-to-date software bill  of materials, as mandated by the 2023 US  Consolidated Appropriations Act.

Most digital health technologies will  incorporate some form of protected health information to provide personalized  and effective services, including accurate diagnosis, continuous patient  monitoring, and so on. This large demand for health care data is accompanied by  equally substantial vulnerabilities. Stricter regulations do not come as a  surprise when statistics reveal that nearly 1,000  security vulnerabilities were found across 966 tested medical  devices, which is a 59% year-over-year increase from 2022. Needless to say,  protecting the privacy of collected personal information is critical from a  regulatory point of view.

Balancing  Convenience With Regulation

The advancements in  digital health technologies have made health care convenient for many,  including those who don’t have easy access to on-site health care solutions. The  general public, for instance, has been encouraged to use wearables to promote a  healthier lifestyle. And digital health technologies have become popular among  older populations by offering real-time monitoring of potential problems,  giving them the confidence to carry on independently with reassurance. When  digital health technologies are designed with considerations for regulatory  compliance, security, and privacy, they not only avoid potential market  obstacles but also maximize benefits for users.

— Phyllis Meng,  cofounder and CEO of Pure Global, brings a diverse data analytics and  technology background to her role. With experience gained from positions as a key  data expert at Citadel Securities and technical team leader at Google, she  blends artificial intelligence and biomedical engineering to develop innovative  platforms for regulatory and compliance professionals.

Subscribe to newsletter
Subscribe to receive the latest blog posts to your inbox every week.
By subscribing, you agree to our Terms and Conditions.
Thank you for subscribing!
Oops! Something went wrong while submitting the form.
Read more

Latest News

Browse our news hub featuring company announcements, regulatory updates, and industry insights to keep you informed and ahead of the curve.

Regulatory Update
January 29, 2025

Wrapping up January 2025, medical device regulatory developments include new forms for NBs in Europe, new PMS guidance in the UK, an expedited approval partnership between China and Malaysia, and warnings of supply chain disruptions for pediatric patients in the US.

Regulatory Update
January 23, 2025

Medical device regulatory developments from the US and Thailand include: final FDA guidance on modular review for premarket approval applications and humanitarian device exemptions, and new expedited regulatory routes for low-risk devices and chronic disease prevention devices in Thailand.

Regulatory Update
January 16, 2025

This week, we are reporting on medical device regulatory updates from Canada, Europe, Brazil, and China. China's NMPA released registration review timelines, clarification on MDR and IVDR vigilance terms is now available, and Health Canada updated validation rules for non-eCTD transactions.

To kick off 2025, we bring you a round up of medical device regulatory updates from across Europe and the US, including a new position paper from TEAM-NB on MDR certification processes and numerous guidance updates from the US FDA.

Contact us
Request information

Let's Talk,
Anywhere You Are.

Whether looking for more information or ready to partner with us, we're here to guide you through every step of the regulatory process.

Our closest representative will get back to you within 24 hours.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Latest Blog Content

Explore our collection of articles, success stories, and regulatory updates, designed to help you take your product global.

Blog Article

The official IVDR transition period is here. IVDR expert Dr. Oliver Eikenberg discusses how IVD manufacturers should take action, starting with how to implement IVDR QMS requirements for the May 2025 deadline.

Kuala Lumpur Malaysia Skyline
Blog Article
Pure Global Team attends IMDEC 2024 in Malaysia

Pure Global participated in IMDEC 2024 in Kuala Lumpur to discuss the latest advancements in medical technology, regulatory efficiency, and the role of AI in transforming the industry. Highlights included updates from the Malaysian Medical Device Authority (MDA) that showcased their commitment to driving regional leadership in medical device regulation and innovation.

Pure Global 2024 Year in Review
Blog Article
Pure Global 2024 Year in Review

As 2024 comes to a close, Pure Global proudly reflects on a transformative year marked by substantial growth, cutting-edge innovation, and impactful collaborations.

Risk increases compliance chalenges under IVDR
Blog Article
What are the challenges under IVDR?

IVD manufacturers cite the new classification system, detailed definitions for intended purposes, and the need for verification of clinical evidence as key challenges under the IVDR.