Strategies for mHealth Companies Wishing to Avoid FDA Regulation
(I would like to thank Leah Kendall of EpsteinBeckerGreen and Dane Stout of the Anson Group for their comments on a draft. The views expressed, right or wrong, are only the author’s and should not be attributed to anyone else.)
Most people know the difference between tax avoidance and tax evasion. Tax avoidance is the lawful planning of such things as charitable contributions to minimize taxes, while tax evasion is the unlawful and usually deceitful actions taken to hide income. In this article, I will share some tips for the avoidance of FDA regulation, not the evasion of FDA regulation.
This article is the fifth in a series of seven planned articles. The first three articles dealt with understanding the scope and nature of FDA regulation for mHealth, and the fourth article advanced the notion that IT companies wanting to make money in health ought to consider entering the FDA-regulated zone. Nonetheless, subjecting your company to FDA regulation is not for everyone, so this article is designed to help those who have decided to stay out of the production of FDA-regulated finished medical devices. In particular, I explain four ways to connect to health markets, and the pluses and minuses of each such approach.
The Binary Misunderstanding
Some IT companies new to the health field seem to misunderstand the nature of FDA regulation, and think of it as all or nothing. In other words, a company is either a manufacturer of medical devices and subject to the full panoply of FDA requirements, or they're not and likewise are not subject to any FDA restrictions. But that's not an accurate depiction.
Instead, companies should think of FDA regulation as a continuum. Diagram 1 below illustrates the two extremes and a few of the cases in between.
On the far right side, the diagram depicts the traditional manufacturer of finished medical devices that is indeed subject to all of the FDA requirements for medical devices. Even here, though, there are different levels of FDA requirements depending on the novelty and risk associated with a particular device. As outlined in the second article, devices are classified into three different classifications, and the types and burdens of FDA regulations vary considerably. Class III medical devices include such things as pacemakers, embody the greatest risk and thus must meet the most demanding requirements. Class I devices include such things as tongue depressors and have very minimal FDA requirements. Indeed, most class I devices do not even need to be approved by FDA, and the quality system requirements might be very basic. Many mHealth devices might fall into class I or class II. All of this was covered in much greater detail in the second article in this series.
On the far left side, the diagram includes unregulated articles such as personal computers that contain no medical references at all and over which FDA has no regulatory authority. It's the stuff in the middle that is interesting for mHealth purposes.
The cases in the middle include, for example, companies that merely make components for others to use in manufacturing medical devices, distributors of finished product that have no control over the promotional claims or the design specifications of the device, and contract manufacturers that make finished medical devices at the direction of another company. These different functional responsibilities all have narrower sets of FDA requirements that apply to them, directly or indirectly. It's important to understand the range of possible relationships before talking about ways to reduce or avoid FDA requirements, and exactly what that means.