You are here

TGA Internet site archive

The content on this page and other TGA archive pages is provided to assist research and may contain references to activities or policies that have no current application. See the full archive disclaimer.

Webinar: The role of the TGA in digital health, 7 February 2019

4 April 2019

Disclaimer

These presentation papers are provided on the TGA's website solely for the purpose of indicating or suggesting what TGA representatives spoke about to the various conferences and seminars to which it relates. The papers are not legislative in nature and should not be taken to be statements of any law or policy in any way.

The Australian Government Department of Health (of which the TGA is a part) advises that (a) the presentation papers should not be relied upon in any way as representing a comprehensive description of regulatory requirements, and (b) cannot guarantee, and assumes no legal liability or responsibility for, the accuracy, currency or completeness of the information contained in the presentation paper.

Webinar

  • Presented by: Dr Lee Walsh CPEng
  • Presented at: online
  • Presentation date: 7 February 2019
  • Presentation summary: This presentation discusses where the TGA fits in the broader digital health environment.

Presentation

Print version of presentation

How to access a pdf document

The role of the TGA in digital health

Dr Lee Walsh CPEng
Technical Lead (Digital Health), Devices Conformity Assessment Section, Medical Devices Branch, Medical Devices and Product Quality Division

TGA Webinar, 7 February 2019

Slide 1 - Housekeeping

  • Today's event will be recorded
  • To participate: type your question in the bottom left message box
  • Messages are privatised to moderator and speakers only
  • We will be conducting live polls throughout this event
  • Difficulties hearing sound from your computer? please feel free to listen to the event via your telephone:
    1. Dial 1800 896 32
    2. Enter Pass Code 1330247191
    3. If difficulties still continue please contact Redback services for support on 1800 733 416
  • This event will be published on the TGA website
    • News room
    • Presentations

Slide 2 - Website references and contacts

Medical device regulation basics

Regulation of Software as a Medical Device (SaMD)

Premarket medical device enquiries

The TGA's Digital Devices team

Upcoming TGA events and presentations

Slide 3 - March webinar

How the TGA regulates software, including apps

Thursday, 7 March 2019, 12:30pm.

Registration will open shortly, refer to our events and training page located on the TGA website.

Slide 4 - What is digital health?

The Australian Digital Health Agency says:

"Digital health is about electronically connecting up the points of care so that health information can be shared securely." 1

"Genomics, precision medicine, AI-based decision support, and epidemiological applications of "big data" are just some of the other aspects of digital health." 2

"Smart medical devices that incorporate digital health technologies to enable new and better ways of monitoring health and delivering care."

  1. https://www.digitalhealth.gov.au/get-started-with-... - 9 Oct 2018
  2. https://www.digitalhealth.gov.au/about-the-agency/... - 9 Oct 2018

Slide 5 - What is digital health?

The FDA says:

"The broad scope of digital health includes categories such as mobile health (mHealth), health information technology (IT), wearable devices, telehealth and telemedicine, and personalized medicine."3

  1. https://www.fda.gov/medicaldevices/digitalhealth/ - 9 Oct 2018

Slide 6 - What is digital health?

Wikipedia says:

Digital health "involves the use of information and communication technologies to help address the health problems and challenges faced by patients. These technologies include both hardware and software solutions and services, including telemedicine, web-based analysis, email, mobile phones and applications, text messages, wearable devices, and clinic or remote monitoring sensors.

Generally, digital health is concerned about the development of interconnected health systems to improve the use of computational technologies, smart devices, computational analysis techniques and communication media to aid healthcare professionals and patients manage illnesses and health risks, as well as promote health and wellbeing."4

  1. https://en.wikipedia.org/wiki/Digital_health - 9 Oct 2018

Slide 7 - What is digital health?

  • Sensors and wearables
  • Machine learning and AI
  • Quantified self
  • Mobile health
  • Phone and tablet apps
  • Connected medical devices
  • Telehealth
  • Electronic medical or health records
  • Medical software
  • Medical imaging
  • Big health data and analytics
  • Personal genomics
  • DIY medical devices
  • Smart medical device

Slide 8 - Are any of these regulated by the TGA?

  • Sensors and wearables
  • Machine learning and AI
  • Quantified self
  • Mobile health
  • Phone and tablet apps
  • Connected medical devices
  • Telehealth
  • Electronic medical or health records
  • Medical software
  • Medical imaging
  • Big health data and analytics
  • Personal genomics
  • DIY medical devices
  • Smart medical device

Slide 9 - Are any of these medical devices?

  • Sensors and wearables
  • Machine learning and AI
  • Quantified self
  • Mobile health
  • Phone and tablet apps
  • Connected medical devices
  • Telehealth
  • Electronic medical or health records
  • Medical software
  • Medical imaging
  • Big health data and analytics
  • Personal genomics
  • DIY medical devices
  • Smart medical device

Slide 10 - Are any of these medical devices?

41BD What is a medical device (1) A medical device is:

(a) any instrument, apparatus, appliance, material or other article (whether used alone or in combination, and including the software necessary for its proper application) intended, by the person under whose name it is or is to be supplied, to be used for human beings for the purpose of one or more of the following:

(i) diagnosis, prevention, monitoring, treatment or alleviation of disease;

(ii) diagnosis, monitoring, treatment, alleviation of or compensation for an injury or disability;

(iii) investigation, replacement or modification of the anatomy or of a physiological process;

(iv) control of conception; and that does not achieve its principal intended action in or on the human body by pharmacological, immunological or metabolic means, but that may be assisted in its function by such means; or

(aa) any instrument, apparatus, appliance, material or other article specified under subsection (2A); or

(ab) any instrument, apparatus, appliance, material or other article that is included in a class of instruments, apparatus, appliances, materials or other articles specified under subsection (2B); or

(b) an accessory to an instrument, apparatus, appliance, material or other article covered by paragraph (a), (aa) or (ab).

(2) For the purposes of paragraph (1)(a), the purpose for which an instrument, apparatus, appliance, material or other article (the main equipment) is to be used is to be ascertained from the information supplied, by the person under whose name the main equipment is or is to be supplied, on or in any one or more of the following:

(a) the labelling on the main equipment;

(b) the instructions for using the main equipment;

(c) any advertising material relating to the main equipment;

(d) technical documentation describing the mechanism of action of the main equipment.

(2A) The Secretary may, by notice published in the Gazette or on the Department's website, specify a particular instrument, apparatus, appliance, material or other article for the purposes of paragraph (1)(aa). The notice is not a legislative instrument.

(2B) The Secretary may, by legislative instrument, specify a particular class of instruments, apparatus, appliances, materials or other articles for the purposes of paragraph (1)(ab).

(3) The Secretary may, by order published in the Gazette or on the Department's website, declare that a particular instrument, apparatus, appliance, material or other article, or that a particular class of instruments, apparatus, appliances, materials or other articles, are not, for the purposes of this Act, medical devices.

Slide 11 - Where are the challenges?

Medical Devices:

  • Sensors and wearables
  • Machine learning and AI
  • Quantified self
  • Mobile health
  • Phone and tablet apps
  • Connected medical devices
  • Telehealth
  • Electronic medical or health records
  • Medical software
  • Medical imaging
  • Big health data and analytics
  • Personal genomics
  • DIY medical devices
  • Smart medical device

Slide 12 - Where are the challenges?

  • Software as a Medical Device (SaMD)
  • Security of connected medical devices
  • Distributed and backyard manufacturers
  • Empowered/participating patients/consumers
  • Medical devices that include machine learning or artificial intelligence

Slide 13 - What have we done?

Regulated

International Medical Device Regulator's Forum (IMDRF)

  • SaMD working group
    • SaMD – Key Definitions (2013)
    • SaMD – Possible framework for Risk Categorisation (2014)
    • SaMD – Application of QMS (2015)
    • SaMD – Clinical evaluation (2017)

CSIRO research and consultation on SaMD & cybersecurity

Slide 14 - What are we doing?

  • Public comment on cybersecurity guidance
  • IMDRF Cybersecurity working group
  • Changes to regulation (adoption, harmonisation)
  • Public consultation on regulatory changes
  • Produce SaMD guidance documents
  • Stakeholder engagement and collaboration
  • Capability development

Slide 15 - Future challenges

Artificial intelligence and machine learning

  • Software that changes itself
  • Devices that learn from their decisions
  • Centralised devices (cloud)

Slide 16 - Registration questions

Thank you

  • Helps speakers prepare
  • Identifies gaps and informs future activities

Slide 17 - Answers to registration questions

  • Does the TGA regulate products for mental health?
    • Yes
      • See the definition of a medical device (slide 5) regarding which ones.
  • Does this relate to products used in the pharmaceuticals sector?
    • Yes
      • If they meet the definition of a medical device (e.g. dose calculators).

Slide 18 - Answers to registration questions

  • How does the TGA view the interaction between digital health, digital medical devices, software, and cybersecurity?
  • What role does the TGA have with regard to the regulation of mobile health apps?
  • Will any categories of digital health be exempted from regulation?

In short, have a look at the legislated definition of a medical device (slide 5).

  • If the product is a medical device, the TGA regulates it.
  • For more about apps see Regulation of Software as a Medical Device
  • Current processes are the same as for other medical devices and IVDs.
  • Cybersecurity is one risk associated with medical devices, like other risks it is required to be minimised.

Slide 19 - Answers to registration questions

  • Is the TGA building a separate regulatory scheme for digital health?
    • No
      • The TGA's regulation of these products is, and will continue, under the existing framework.
      • However, the current framework is under review with regard to whether amendments are needed to appropriately capture some emerging digital health technologies.
      • Some other agencies are considering how to manage products that are not medical devices or IVDs.

Slide 20 - Answers to registration questions

  • Any tips for sponsors, manufacturers, importers, exporters, or developers?
  • When will guidance be provided or updated?
  • If your product is a medical devices or IVD, it is regulated as such.
    • The same requirements and processes apply as for other medical devices.
  • The framework is under review, and there is a program of consultation and engagement activities for 2019.
    • The goal is to provide new and updated guidance.
    • Please talk to us, respond to consultations and tell us which activities help you.

Slide 21 - Answers to registration questions

Slide 22 - Answers to registration questions

Slide 23 - Answers to registration questions

Will the TGA harmonise with, or recognise approval from other jurisdictions?

Bigger than today's topic. In summary:

  • We seek international harmonisation where possible.
  • We are a founder and active member of the International Medical Device Regulators Forum (IMDRF).
  • The TGA has recently released guidance on using evidence from overseas regulators: Comparable overseas regulators for medical device applications
  • Some products are regulated differently in Australia because our legislation is written to address the risks to Australian patients and consumers.

Slide 24 - Answers to registration questions

Can data collected by digital devices be used as evidence?

  • Yes
    • This is an important advantage of digital medical devices.
    • Feeds into the evidence dossier.
    • Can also be used for post-market monitoring.

Slide 25- Question time

Slide 26 - For more on TGA visit

Webinar recording

RACHEL: Now without further ado, I'll pass the time over to Dr Lee Walsh, our presenter for today and thank you very much.

DR LEE WALSH: My name is Lee Walsh and I work in the conformity assessment section of the TGA. Some of you may know me from post-market but I've moved across to conformity assessment recently and over here I'm the technical lead for digital health. So, there are a lot, obviously, new and novel technologies, and communicative devices these days. Many of them fit inside what we'd call digital health, which creates an uncertainty around which things TGA regulate and which things we don't.

So, this is part of a program of webinars which we'll run over the next 12 months and this first one's just intended to give some clarity to the question of does TGA regulate digital health or not? Up on the screen now, I've got some of the references that are relevant to digital health regulations. So, the first item is just the general medical device regulations link for those who might not be familiar with it. Software is a medical device is relevant to many digital health technologies.

So, that page is there, as well. And then we've got our two boxes. So, the general inbox or pre-market medical device inquiries and then we've also got a specialist inbox for the digital devices for those who specialise within the branch that work on these products.

Will it start? OK, thank you. So, I said this is a program of webinars; the next webinar is scheduled for the seventh of March, the same time. So, we're planning to make them the first Thursday of each month at 12:30. The next topic is up there and will be around how we regulate medical software including apps or medical tablets. Registration isn't open yet, but we expect to have that up in the next day or two. So, look out for that if you're interested.

So, onto the main presentation. I thought I'd start by talking about what digital health is. It's actually quite hard to define, but it's a term that's used very commonly these days and it's used to refer to a lot of different technologies. So, if we look at the commonwealth we have our own Australian digital health agency and this is the definition they have on their website at least when I checked back in October, and that's actually quite specific and you can see it relates to a couple of specific technologies.

If we look a bit deeper into the website we find...sorry, wrong aspect, we find that they do talk about some other technologies there, as well including genomics and AI based technologies, but they're still quite specific about a few technologies and that's understandable given the work that they do.

If we have a look at another regulator we see that the FDA gives this definition and they say there's a broad scope and then they include some specifics and obviously some are interesting in Australia like tele-medicine and tele-health, important here and in the US. They include wearable technologies and technologies connected to what we'd normally refer to as IT infrastructure.

If we look at the 'source of all knowledge' [Wikipedia], we see another definition that's broader again. I really like the second paragraph of this because it refers more to the principle of digital health which, I think, is really what it is. It's quite hard to define what is and isn't digital health and that's because really the whole concept of it is that it's about connecting medicine using information, digital technologies, smart devices, all these things to improve healthcare. And if you use a definition like that it becomes quite clear that a lot of technologies don't exist yet and haven't been conceived are included in digital health and this is a field that's growing and we've constantly got novel and emerging technologies. That can be challenging to regulate.

So, I started by pulling together a collection of digital health technologies. This is not intended to be exhausting, but it certainly captures the ones we get inquiries about and some of the others that are active in the academic environment or other sort of public or media environments where people are talking about. So, if we take this collection of digital health technologies and we ask the question, does the TGA regulate any of these? We then are looking at how does TGA decide what it regulates and really, TGA works under the legislation. So, we don't actually decide what is or isn't regulated. We have the therapeutic groups act to tell us that.

So, what we're really worried about is, are any of these products medical devices? Because when it comes to regulation, TGA regulates medicines, we regulate medical devices, and we regulate biologicals. So, fortunately the act is quite clear and this is the section of the act you want to read, if you want a legal definition of medical device. So, section 41BD of the Therapeutic Goods Act from 1989 has the definition of medical device in Australia. We see here that it's an instrument, appliance, apparatus, material or other article that does one of these things. So, we're really talking about things if they have a diagnostic or a treatment with therapeutic use. We've got prevention, treatment of disease, diagnosis of disease or disability or injury. We include monitoring and alleviation under this definition and also things that modify or replace the anatomy or physiology of the body.

That's the part you all can see on websites and in other people's definitions, but the second part of this section is also important because it relates to how we decide whether your device does one of these things. And we do that by the purpose that the manufacturer intends. So, there'll be many technologies out there that could in principle be used in medicine as a medical device, but are not manufactured with the intention of being used that way. You could think of something completely generic like, a set of headphones or a pen, to go down the ridiculous end just because doctors use pens to write medical records and diagnose patients or to poke them or write or mark the skin. It doesn't make them a medical device. They're not intended by the manufacturer to be used that way.

Similarly if you take a pair of high fidelity headphones and you use them for audiology, it doesn't make them medical devices if the manufacturer didn't intend them to be used that way. So, what happens here is you regulate under the purpose of what the manufacturer intends and you judge them on that based on how they label their product, instructions they put in their product and how they advertise their product. So, you can see here, if you're making a product and you are advertising it as diagnosing a particular condition or you use it in monitoring or treat a particular condition you've then captured that advertising that your product has a therapeutic use, and therefore it will be captured as a medical device. And then as with a lot of legislation, decisions can be made to include or exclude particular types of devices under this definition. And that helps deal with margin cases.

Now, if we come back to our collection of digital health technologies and ask the question, Are any of these medical devices? Do they fit under the definition I've just discussed?" The answer is that all of them do, at least some of the time.

Now, where something is a medical device by, you know, name or definition, a smart medical device is a medical device then all smart medical devices are regulated, but some of these other technologies may or may not be a medical device depending on how they're being used. So, something that contains a machine learning or AI technology might be a medical device if it's being used to help diagnose skin cancer, for example, but it won't be a medical device if it's not got that diagnostic, monitoring, therapeutic intended use. So, this means that really when you're coming to is digital health regulated by the TGA? Is this particular technology AI? Is AI regulated by the TGA? We don't look at it and say, Is it AI? Yes or no? Therefore we regulate it. We look and say, is this thing a medical device? And it could be any type of thing there. There would be articles that don't even exist yet or haven't been conceived, but when they come to life and come to market and they have a use that meets the definition of a medical device, they are captured under the legislation and we regulate it. So, that's really the question you'll want to be asking.

So, a lot of these technologies are new and they're emerging. They're not always straightforward to regulate. So, there are challenges around these products for the TGA, not just for the manufacturers. So, let's go through what some of those are.

I mentioned software as a medical device in the introduction and in our next webinar we'll focus on that. Software as a medical device from the TGA's perspective is a piece of software that runs on general computer platforms, for example a smart phone or a laptop computer. That meets the legislative definition of a medical device. So, all SaMD is a medical device, all SaMD is regulated by the TGA. But there is a bit of a misconception that SaMD is a new thing, a new technology, a new product. Medical software has existed for decades and it existed before the medical device framework was launched in Australia and it was around when the medical device framework was written, but what wasn't considered at the time was that there would be software products that would be installed on high powered computing platforms that everybody carries around in their pocket.

We go back to 2002 and the years before when the regulations were being written, computing platforms were quite different than what they are today, they had much less power, the iPhone hadn't been released yet and medical software was really in the domain of medical device manufacturers. Specialist companies, usually large companies who needed regulation. And one of the challenges these days is who is producing software? How easy is it to distribute? So, while software as a medical device is not new, the volume of products, how they produce and who's producing them, as well as what they can do is quite different to when the regulations were written.

Similarly, more and more devices are being connected to either internal networks within hospitals or you know, public networks like the internet. This, again, is not entirely new, but the number of devices that meet this category is rapidly increasing. And this includes SaMD products, but also traditional hardware products, which are now being connected to improve usability and improve healthcare outcomes. But it creates a new challenge for us when regulating digital products. I touched on this with SaMD, but the paradigm for developing software has changed a lot. Similarly with manufacturing, we now have manufacturing techniques which take manufacturing away from being restricted to large plants and specialised plants, to manufacturing being very easy in small facilities, small business and sometimes with individual people. Software is similar and probably more so...

These days medical software doesn't require a large company to develop it. Small businesses or individuals can develop a software and publish it very easily on one of the app stores or on their own website. So, how these products are developed and distributed means that we've got a lot of new stakeholders not meeting the regulation and capturing these people becomes quite important. Another challenge related to software development is distributed development.

Regulators need somebody to hold accountable. In Australia that is the sponsor of the device and the manufacturer who share their accountability to the regulator. With distributed development... So, this is why it's … open-source community, where you have a community developing a software, there isn't a legal entity a regulator can hold accountable in some of these cases, and so that can be quite challenging in how we ensure that product is safe and performing appropriately.

Consumers and patients are much more empowered about their health than they used to be and much more educated about their health and they're participating more and more. This is a good thing for them, it's a good thing in general that they're asking questions, that they're challenging their healthcare and, you know, taking interest, but it becomes a challenge for some of the other stakeholders in this sector because it's now more and more important that these people are getting information from appropriate sources. When their GP was their only source of information, that was easy to deal with. Now that they have access to information from people other than their GP and their physicians, it becomes challenging to make sure that when they're exercising their own decisions about their health that they're doing that based on good information.

And then we can get into some other specific technologies. So, machine learning and artificial technology... Artificial intelligence, I beg your pardon, is... There are more and more technologies coming into the health sector to improve healthcare, improve decision making, all of these things. This is going to be very powerful when it gets here, but there are some additional quirks in how these technologies work that create challenges for regulators and the regulatory frameworks.

So, on digital health broadly, when we get back to the slide with all the blue boxes I'm talking broadly about digital health technologies that are captured as medical devices. What has the TGA already done? So, while it's important to recognise that we have been regulating these products already and many of them are not brand new, what's happened is the ease of making them and the number of products has increased dramatically, but we're already regulating them. They are already examples of digital health products on the market and on the ARTG and they're captured under our existing medical device frameworks so they're regulated as medical devices.

The International Medical Device Regulator's Forum is a voluntary group of regulators from around the globe who get together and founded this organisation to accelerate harmonisation on medical device regulation. So, the TGA was a founding member of the IMDRF and we're an active member still. They have a specific working group based on software as a medical device. The TGA was part of that working group and they've been producing documents, internationally consulted documents, that provide some guidance around regulation of medical devices as well as the evidence that manufacturers need to produce and even just things like, how you can apply existing medical device standard around quality management to software products.

We've also engaged the CSIRO to do some research and consultation around software as a medical device and cybersecurity of medical devices. The CSIRO engaged early last year to start that project and they completed their research and open consultation components and that work is now going to be... I think on the next slide. Which is starting to produce some of the guidance and documentation that will help manufacturers understand what our expectations are here. So, the one that's open at the moment is our cybersecurity guidance has been uploaded and is up for public comment. If you haven't seen it yet, you can click on this link and go and read it and provide your comments. I think it's open for another week and a half. So, if you are interested and you haven't yet had a look, you should get onto that.

The IMDRF has recently formed a group focusing on cybersecurity of medical devices, which captures, obviously, many digital health technologies. This group has recently started a meeting and we can start to expect them to produce guidance documents similar to the other IMDRF working groups. And TGA is represented on that group.

Then we are reviewing the regulations and the framework. Like I said earlier, the framework was written before many of these applications of medical devices existed, before we even had smartphones in our pockets. So, we are going through a period of reform to look at what could be changed, what we could adopt from overseas or where we could seek harmonisation about the jurisdictions. And part of that whole process is consultation. Whenever we're going to change the regulations, we're going to consult to see the impact, but also to make sure that it's going to have the effect we all want, which is better and safe, effective medical devices available for the Australian public.

We will produce some guidance documents on software as a medical device. It's a particular focus point, it's quite a high profile amongst the sector and other jurisdictions are doing work here, as well. We will produce guidance, but now it's important to recognise that in Australia, SaMD doesn't require its own separate framework. It is captured under the medical devices framework. What we're really doing in the reforms around SaMD and around the medical software is making sure that it's appropriatly classified, making sure that the current regulations are clear about the expectations. Regulation of medical devices in Australia is based on risk. The idea being that medical devices represent a higher risk or a higher potential for harm to the patient, receive more scrutiny from your regulator and those products are obviously less.

We're not sure at the moment that the framework suits all the classification that decides what level of scrutiny correctly applies to all the novel technologies. Software as a medical device is one place where it doesn't really capture the fact that software can cause patients harm. The regulations were written and it was really only considered that medical devices could harm a patient through a physical interaction. So, software as a medical devices is a particular focus at the moment and you can expect consultation and more material coming from us over the next 12 months.

We're going to do more stakeholder engagement. So, this webinar series is part of that. There will be other activities, not just consultation, but we will be looking for more opportunities to engage with you, to understand what your challenges are, but also to explain our challenges and what our proposed solutions are for those. And related to all of this is us continually developing our capability. Obviously as the volume of digital health products increases in the market, we need to adapt as well and make sure that we are able to deal with products that we are going to include and register, but also the ones that we can see coming out of universities and start-ups.

There are a few future challenges that we're not focusing on right now, but we will. We've been thinking about how we're going to deal with them. One of those is AI and machine learning technologies. There's sort of a sub-part of the challenges around software, but they have particular quirks around the way they work that makes them a little bit of a challenge. One example is that they can change themselves in the market without supervision. So, regulation at the moment is sort of based on the idea that a manufacturer is certified to make a product, they make that product, they freeze the product in time and release it to the market. So, all that evaluation has been done on a … product. Someday it'll happen, a new feature and a new opportunity for improvement will come around and the manufacturer will make that change, re-evaluate it and notify the regulator, a certification is needed to do that, and then they'll release the changed product to the market, but again, that product is frozen, its behaviour is uknown and it doesn't change without a manufacturer. It doesn't change.

One of the challenges with AI technologies is that the product will get right into the market and it's going to change in the market without the direct intervention of the manufacturer. So, how do we as the regulator work with the manufacturer to make sure that those products are only changing for improvement and not going the other way. How are we going to take that? How are we going to work with the companies producing these products to make sure that those products remain safe and effective?

Related to that is devices learning from their own decisions. So, in this case, not just that they might change their performance, but how do we ensure that their learning can improve decisions in the group data sets so that we can make sure that they're improving and not going the other way?

Centralisation is not unique to AI machine learning, but it is a big component of those technologies. This is where the device they're using might not be actually doing an work. So, centralised service, the cloud, technologies where a server could be in another jurisdiction, could be in the same country, but in a different location than where they're using the product. So, I've got a smartphone application, which is really just a front-end, nothing is happening on my phone, it's being sent to a central server that does the work and then shows me the answer. So, how do we regulate a product that is centralised and actually oversees? We need to regulate the part doing the work and the manufacturers validating that product. How we regulate that is a different way of thinking than we are used to when this is the device right here that we're using. And then the digital health... There are some things on the horizon, but there are other things that we don't know about yet that haven't been conceived yet. So, really the future challenges in some ways are unknown.

So, that's the main content from me, but when you registered, you had the opportunity to ask questions, and thank you for using that opportunity. It helps us prepare when we're giving these webinars so that we can see where the gaps are, what you want to know, it also will impact future activities, so there might be questions you've asked that are outside the scope of this webinar or bigger than this webinar, we can use those to inform future webinars or future activities or guidance documents. So, today's answer to those questions is thank you, to everyone else, you know, on that registration page for future webinars, please do submit them. We are logging them all and using them to inform our activities. So, what I'm going to do now is just go through some of the questions, the more common ones that were asked during registration and then we can get onto if there's any other questions from you today.

So, this one is quite common. We get asked this a lot and the answer is yes. Mental health disorders and conditions are captured under the idea of clinical condition and therefore devices that work with those conditions are regulated and what you want to be doing is going back to the definition in section 41BD and see if your device does one of these things for mental health conditions.

So, this question... I've had this from a few places, but I suspect most of the time it comes from the companies who make medicines who are now producing support products for their drugs. They've got the technology to do that now and the answer is yes, if the product hits the definition of a medical device and it's being used to help deliver a drug or decide which drug will make a decision, the answer is yes, it's regulated. It's that definition. So, one example of a medical device relevant to the pharmaceutical sector is a dosage calculator. If you're developing products that help patients or physicians calculate their correct dose, they can be captured as medical devices.

I grouped a few questions together here, because I think they will have the same general answer. I think mostly this has been covered in the slides I've presented and I hope you have a better idea now which digital health technologies we regulate how phone apps and other mobile technologies fit into that and it's not really about whether any categories of digital health are exempted, it's about whether it's a medical device or not. That's the line we're interested in because that's what's in our legislation. So, in short, again, go back to the definition of a medical device regardless of what new technology you use, if it fits that definition, it's going to be regulated.

Have a look at this page if you're specifically working with software technologies and the other point I wanted to bring up here is that it's the same process we regulate medical devices and these technologies are currently captured under that framework. So, the processes, the applications that use all those things are the same.

Cybersecurity comes up a lot and the way it's seen is that it's one risk that needs to be managed.

There are a lot of different risks associated with medical devices and medical device manufacturers are very good at assessing risk and mitigating risk. Where cybersecurity fits in is it's now another risk we expect you to have considered. And that's really how we do it. So, it can be more challenging and the methods of negating it are quite different to what the sector's used to, but the way we see it is it's another risk associated with medical devices and under the regulations risks are required to be minimised and reduced as far as possible.

Are we building a separate regulatory scheme for digital health?

Hopefully from the previous answers you've already got a feeling of what the answer is, but it's no. There's no reason for that. Again, what we're interested in is it a medical device? Because that's what the legislations defines and that's where our abilities as a regulator come from. So, we're not planning to build something different for digital health. The way that the medical device framework has been written facilitates capturing the novel technologies, it gives freedom to manufacturers in how they can demonstrate compliance and so, there's really no need to be creating additional frameworks at this stage. That's not to say the current framework is perfect. As I've said before, we are reviewing it. And identifying where amendments or other changes or even guidance on our expectations might be made.

Some other agencies are looking at how to capture the products that are not medical devices. So, when something is a medical device or IVD stands for in vitro diagnostic for those unfamiliar with the term. Where something is a medical device or an IVD it's clearly regulated by the TGA. When things are not medical devices because they don't meet that definition there's discussions occurring about what sort of oversight they might need and at the moment that's happening within other agencies.

This is a common question. Tips particularly for people who are not familiar with the sector or the TGA or the medical device regulation. So, if it's a medical device it's regulated that way.

In a couple of the other questions in the slides, I said software are still a medical device we regulate the same way, digital health technologies at this stage. If you are captured look at the general advice on how medical devices are regulated, because they're the same process as you're going to be going through. The same requirements, which is these central principles, look those up on our website or in our regulations. They are the requirements of medical devices. They are the same requirements no matter what the medical device is.

They're written as principles which helps us capture novel technologies and it gives you the freedom on how you demonstrate compliance. So, have a look at the basics for medical device regulation, have a look at the central principles. Then come and talk to us if there are challenges with your new technology or your product, let us know in the consultation and when we're out and engaging in other activities. Cause this is how we identify which sections need review or more.

Clinical Trial Notification have come up a few times. This is the link with more information about notifying clinical trials. Again, I'm repeating myself a bit, but software is a medical device. So, yes, if you've got a software product, software is a medical device or some other software that's captured under the medical device framework you'll look at the rules for medical devices when it comes to declaring clinical trials. If you need more information on how your particular medical software is regulated, whether it's software as a medical device or some other category, look at this page.

The answer to this is, yes, we take pre-submission meetings on digital health products like we do with other therapeutic groups. So, the answer is yes, and have a look at this page for more information on how to get those meetings.

Harmonisation is bigger than today's topic and we can't cover that in the time I have to answer your question, but in summary the TGA seeks international harmonisation where it's possible. I mentioned earlier that we founded with some other regulators the IMDRF and remain active in the organisation. We've also recently released guidance on how you can use evidence from overseas regulators to apply for inclusion on the ARTG to get market access in Australia. But keep in mind that there are cases where some products are regulated differently in Australia because there are risks that are unique to Australia and because our legislation is written to protect Australian patients and consumers.

So, your device, your digital health technology is connected and collecting evidence and measurements all the time. Can you use that to demonstrate your compliance? Absolutely! That is one of the big advantages of digital health technologies that it can collect data more frequently, you know, data collection is one of the benefits of these technologies. So, feed it into your evidence dossier with the other evidence you've collected. There will still be cases where you have to go away and do specific studies with some of your products, but just bring it with your other evidence and present it as part of your case for compliance. Another big advantage is that it facilitates ongoing post-market monitoring. And you can expect that your product is capable of collecting data and you demonstrate it to us and use it as part of your evidence that we're going to expect you to also utilise that technology to improve your post-market monitoring.

So, thank you for the pre-registration questions. It gives us time to research and identify how to structure the presentations. We've still got some time left for other questions if you have them.

RACHEL: So, while we go through that, you might just put it on mute and I'm going to put some more polls up so we can read a few of those. So, just stay with us for a moment and we'll be back.

DR LEE WALSH: OK, so the polls are closed. I'll start answering some of these questions. So, thank you, again, for asking questions. I'm just going to work through them until we run out of time. So, one question is, what about software in a medical device? So, one of the links I put up, regulation of software as a medical device, and if you go to the TGA website and search for regulation of software, you'll find the page. It tells you how we capture software in a medical device. So, again, this is not something that's new. Medical devices have had software for a long time. Most active devices that are making any sort of decision all have software in them. When that's the case, it's regulated as part of the device. So, an example would be a pacemaker, they have a firmware on board that helps the device make decisions about whether this is the time to shock or not.

That software is part of the pacemaker, part of the pulse generator, it's not regulated separately and that's true of any other software that's on board a hardware medical device. It's part of the hardware, it's just another component, but we still expect to see the same standards of how that software is developed and produced like the other components.

So, this material could be your web page and prevention could be broad. So, on your web page, yes, that's a platform. Web browser, software that runs on a web browser or a web page, can you capture it? Yes, prevention on many of the other things the definition can be taken quite broadly and that's where the intended use of the manufacturer can help and can help you decide what do we actually intend it to do? What are we going to market it to do? What are we going to tell doctors to use it for? That's what we're looking at. How you intend.

Does the TGA regulate 3D printing medical devices?

So, by putting the word medical device, you can answer the question yourself. If it's a medical device we regulate it, yes. The way we see 3D printing is a manufacturing technology. How you manufacture a medical device is not particularly relevant in terms of whether it's regulated or not. If it's a medical device it's regulated and we're going to look at your manufacturing processes as part of the certification. So, like with any other manufacturing technology, you're going to have to validate your device. So, prove that you've designed something that does what you intend and you're going to need to verify that you manufactured that design. That changes depending on the manufacturing technology, but we certify manufacturing, it's a big part of regulation.

Four class 2B medical devices, do we need to notify the TGA with any software updates or new version at the moment? After PC notification approval?

So, the way we're doing software updates is around any other change, it's just another change to the device. So, the same sorts of decisions apply. The uniform recall procedure for therapeutic goods applies in some cases where the change is in response to an incident and those transactions are required, so look at that document for guidance there. In terms of changes to the entry and the register, the same decisions processes are used. So, what is the impact of the change and how is it captured? This is already down under medical devices and software updates are another design change, it's just what we call a design change to a piece software. When can we expect SaMD guidance?

Soon, I hope. We have the web page I cited a few times, which is now our landing page for SaMD. So, bits and pieces of new information and guidance material will go up there or be linked there. In terms of a formal TGA guidance document... Excuse me. We're consulting on SaMD on how the regulation could be reformed to improve it. That's expected within the next couple of weeks and that's a part of the process. So, until we sort of know what the regulation of the future will be we won't be producing guidance. So, once the process of consulting and changing has been through then we'll start producing specific guidance.

So, I'm being asked to emphasise the question. So, the question, does the TGA have a definition for who should be responsible for digital medical device management by a hospital?

The TGA regulates sponsors and manufacturers of devices. So, we have control over the manufacturer and the manufacturing processes and some control over the devices. However, our powers and regulatory abilities are all related to how we work with sponsors and manufacturers. Uses of devices, which is where hospitals, clinics, doctors, patients and consumers fit in, we don't regulate any of those people.

So, I understand that the question is probably more related to do we have any idea, any guidance there, but it's not something we have control over. We can't mandate there because we don't regulate hospitals and we don't regulate users. Certainly, with regards to the devices and instructions for use, there are regulations around what the manufacturer needs to tell users and we can exercise regulation over that and encourage manufacturers to provide whatever information is needed for the device to be used safely and effectively. And one of the things you'll see in a consultation paper and the guidance documents is coming up on these topics. Over the next weeks and months we'll be around this issue of what information should manufacturers be providing to their users around things like cybersecurity, IT environments, connections, even things around home networks where the devices are intended to be used by a patient at home.

So the question is, for mobile apps, do you foresee the TGA recertifying each SaMD version as OS versions change? The iPhone changes, the iOS.

This really comes down to the risk. Changes to medical devices are a new risk assessment. So, manufacturer would have done this in producing the update and changing the version. What it comes down to is has the risk profile changed for the patient and the user? Will who's using the device need something different?

If the manufacturer can demonstrate that the change has no risk change for the patient or reduces it, generally changes go through easily. Where the TGA turns its scrutiny is to changes where there might be increased risk. So, part of your responsibility as a manufacturer producing a product that lands on a general public platform like an iPhone, is monitoring that platform or how it changes and how the changes to that product affect your product. It's then down to you to reassess the risk and now where you're going to want to see is how has the risk changed? And how do you address it? In regards to whether we are going to certify every single software update will require assessment. We won't do that now, there are already software products on the market. We don't mandate assessment on every single software out there. It's done on a risk based process like everything else.

Question is are products such as FitBit or an Apple Watch regulated by the TGA? This comes back to the definition of a medical device. General purpose health well-being fitness products are not regulated by the TGA. So, a FitBit is not a medical device, it doesn't meet that definition. It's not regulated. The Apple Watch is trickier because there are multiple products around at the moment. You might have seen press releases around an Apple Watch receiving certification by the FDA, that's because that particular Apple Watch is a medical device and therefore it is regulated. So, there are examples of products that have been health and well-being that are crossing into the medical device space and they do become regulated.

OK, so I'm noticing that we've run out of time. So, all the questions have been recorded even if I haven't had a chance to answer them. They're going to helping us inform our activities. There's a question here about what you do if you have other questions about digital devices. The address for the specialists is digital.devices@tga.gov.au that will get you through to the team focusing on digital health, but if you just got general questions about how medical devices are regulated or the processes you need to go through, the better inbox would be devices@tga.gov.au. Because they're the ones who deal with those inquiries more often. So, thank you, for the digital devices and Rachel's just put that up for me in chat. And the second one is for general inquiries about how you get your device on the system. So, thank you very much for attending and we look forward to doing more of these webinars. Please let us know your feedback and which topics you'd like covered in the future.