Smart, connected devices are an increasing reality of daily life. It is estimated that by 2020, there will be 33 billion internet devices in the world—enough for 4 connected devices per person, according to research by Strategy Analytics, Inc. This growth will inevitably lead to an increase in connected medical devices and mobile health (mHealth) applications. Yet this new frontier presents many challenges for the industry, as there is often a lack of clarity as to how to design, develop, and follow regulatory requirements for products. Instead, it is up to the industry to determine best practices for developing safe, secure products that will fulfill a need. When it comes to the future of connected medical devices, consider two things: protecting patients and following regulations. (See Figure 1)
Protecting Patient Safety and Security
Patient safety and essential performance are important to keep in mind when designing connected devices. This could include shape, weight, or the materials used in its creation. There may also be concerns about chemicals or other materials in a device, and environmental aspects, such as reactions to vibrations, climate issues, or repeated use, may also come into play. Additionally, a product’s scope of use may go beyond its original intention in the real world, being used in settings you didn’t intend or plan for.
Once the basic design is set, any medical electrical device must be tested for electromagnetic compatibility (EMC) to IEC 60601-1-2 or an equivalent national standard. It is inevitable that these devices will be used in settings with other medical equipment, so it’s essential to ensure that the electromagnetic (EM) emissions from the device do not interfere with other equipment. On the other hand, it’s also important to make sure that the device isn’t susceptible to EM fields being given off by other devices, like monitors, WiFi signals, phones, or other radio-frequency identification (RFID) devices in the area. This type of testing is called wireless coexistence testing.
Security is also a major concern for connected devices, as patients (and health care providers) seek peace of mind that personal data and sensitive medical information like health readings, monitoring information, diagnoses, medications, and vital statistics remain protected. The security of a device or app itself must be considered. Where is information stored? How is it protected? How might it be compromised by other devices that interact with it? For example, if a device is Bluetooth enabled, how do you ensure that a second Bluetooth device can’t somehow take control or syphon information? Whether through PINs, passwords, timeout features, or firewalls, it is imperative that methods are employed to balance the need for user control, security, and interaction.
Rules and Regulations
Medical devices are subject to standards and regulations from several organizations, including the U.S. Food and Drug Administration (FDA), the International Electrotechnical Commission (IEC), and the American National Standards Institute (ANSI), to name a few. Apps may be subject to the FDA and the Federal Trade Commission (FTC). If the device includes a transmitter or wireless charger, the Federal Communications Commission (FCC) and other spectrum regulators in target markets will get involved. Products that are diagnostic in nature have different requirements than ones that simply store data or are used for treatment. The types of regulations in place depend on the specific device or app in question.
In general, there is not a lot of FDA-specific guidance or official standards surrounding wireless devices. The FDA does not have specific requirements for coexistence testing. The organization has only issued guidance for staff of healthcare facilities to ensure the safety of devices they use and reduce EMI as well as a general guidance document titled, “Radio Frequency Wireless Technology in Medical Devices”, issued August 14, 2013. Manufacturers should be prepared to test to IEC 60601-1-2 standards and when radios are incorporated into medical devices coexistence and cybersecurity may need to be addressed, but specific guidance on how to perform the testing and specific test requirements is sparse. ANSI is still developing standards for wireless devices under ANSI C63.27.
Outside of the EMI safety issue, devices may be subject to chemical restrictions, certification criteria for electronic devices, or certain performance and safety protocols for any electronic wireless devices. Additionally, any diagnostic tools must get FDA 510(k) clearance and devices used in treatment may be subject to clinical trials and other standards and regulations.