PICASO will deploy a home-monitoring solution where the involved patients will be asked to use and test at least three different devices to monitor specific health parameters. The devices used in the project have been carefully selected to ensure that they fulfill the necessary security and quality requirements in order to protect patients, and clinicians, in the trials from harm.

Paul Quinn, representing the project’s legal expert partner, VUB, has published an article in Computer Law & Security Review that discusses the regulation of mHealth devices in the context of the EU Medical Device Framework (MDF) and the how the concept “intended purpose” is used to determine if a device or mobile app have to comply with the MDF.  The article entitled “The EU commission’s risky choice for a non-risk based strategy on assessment of medical devices” questions if this key concept is really adequate to protect patient safety.

Article abstract

Regulation of medical devices has been one of the most notable regulatory initiatives of the European Union. The need to ensure that medical devices are of a high quality is self-evident in nature. This is demonstrated by the lack of willingness of both healthcare institutions and professionals to use medical devices that have not properly been certified. In determining which devices are medical devices and should therefore meet the requirements of the regulatory framework, both the current and the proposed frameworks foresee a central place for the concept of ‘intended purpose’. This means that only those manufacturers that have explicitly stated that their device is to be used for a medical purpose should have to comply with the medical device framework. Unfortunately, however, this concept has become increasingly problematic given the rise in mHealth (mobile health) practices and ‘appification’ (shift to mobile devices) in particular, arguably posing potentially serious risks to human health in certain cases. This article discusses the problems that are created by the ever-increasing amount of ‘well-being’ apps and the fact that most will not be classed as medical devices. Despite apparently being aware of these problems, the EU Commission has opted to maintain its current approach in the newly proposed regulation, choosing not to employ other approaches as the FDA has for example done in opting to use a ‘risk based case-by-case approach’.

The Computer Law and Security Review (CLSR) is an international journal of technology law and practice providing a major platform for publication of high quality research, policy and legal analysis within the field of IT law and computer security. The article is available online at www.sciencedirect.com.

The EU commission’s risky choice for a non-risk based strategy on assessment of medical devices