iSpeak Blog

A Risk Based Approach to Regulated Mobile Applications



According to industry estimates, 50 percent of the more than 3.4 billion smartphone and tablet users will download mobile health applications by 2018. With the development of mobile computing, a large proportion of the population can now carry considerable computing power in smartphones and tablets which puts regulated applications (also known as apps) that may be classified as medical devices into the pockets of the public. Given the availability of such computing power, it was inevitable that the life sciences industry would attempt to leverage it, and in some cases leading to regulatory implications. After the FDA approval of the iPhone-based electrocardiograph mobile app, the FDA responded to the increase use of mobile medical apps with a publication of guidance in 2013. However, there are a couple of challenges to take into account including:

  1. A mobile phone platform used casually by consumers does not present a traditional validation process and the control of the platform becomes a significant challenge.
  2. The difference between regulated and unregulated apps can be quite subtle. For example, FDA notes in the 2013 guidance that a dosage calculator that considers only weight and gender is not a medical device, but if information related to disease state is entered (e.g. blood pressure, blood glucose levels, etc.) then the software would be regarded as a medical device.

To address these challenges, ISPE’s new GAMP® Good Practice Guide - A Risk Based Approach to Regulated Mobile Applications provides a risk-based approach to implementing and supporting regulated mobile apps for both regulated organizations and mobile app suppliers. The guide focuses on the unique issues related to mobile app software and offers an approach to validation of a variety of application types to maintain compliance and control throughout the lifecycle by applying GAMP principles. The document provides guidance on two basic types of mobile apps:

  1. Mobile medical apps, which are defined by FDA as: a mobile app that meets the definition of device in section 201(h) of the Federal Food, Drug, and Cosmetic Act (FD&C Act) 4; and either is intended:
  • to be used as an accessory to a regulated medical device; or
  • to transform a mobile platform into a regulated medical device

Mobile apps that are integrated into standard GxP operations at a regulated company, e.g. as an element of a regulated computerized system, such as an interface to an instrument or control system. To learn more about the GAMP® Good Practice Guide - A Risk Based Approach to Regulated Mobile Applications, you can review the table of contents on the society’s website.