The NMPA released three guidelines in a single day, March 9, 2022 in an effort to regulate and support the rapid development in digital health:
- Guideline for Artificial Intelligence in Medical Devices Registration
- Guideline for Medical Device Software Registration
- Guideline for Medical Device Cybersecurity
Referencing to FDA and IMDRF guidance, these guidelines aim to harmonize with international standards, with focuses on risk factors and product total life cycle management.
For the English copy of the three guidelines, please email info@ChinaMedDevice.com. We charge nominal fees for the translation.
Check out our technical review on AI-aided Software Guideline. The article was published on BioWorld, a Hong Kong-based biotech magazine.
Guideline for Artificial Intelligence in Medical Devices Registration
This guideline, replacing “Technical Guideline on AI-Aided Software” issued in June 2019, applies to AI devices, including the Class II and III stand-alone software (SaMD), medical devices and IVDs containing AI software components. The components are not used for external software environments.
AI medical devices can be divided as assisted decision-making and non-assisted decision-making. The risk of former devices is usually higher than the latter.
- Assisted decision-making:
auxiliary triage, auxiliary detection, auxiliary diagnosis, and auxiliary treatment are carried out through the identification of lesion characteristics, determination of the nature of lesions, medication guidance, and treatment plan formulation.
- No-assisted decision-making:
simplified imaging process, simplified diagnosis and treatment process, improved imaging quality, increased imaging speed, automatic measurement, automatic segmentation, 3D reconstruction.
Outline of the Digital Health NMPA AI Guideline:
1. Application scope
2. Main concepts
(1) Artificial Intelligence Medical Devices
(2) Types of artificial intelligence medical devices
(3) AI algorithm update
3. Basic principles
(1) Based on the characteristics of the algorithm
(2) Risk orientation
(3) Quality control of the whole life cycle
4. Artificial intelligence medical device life cycle process
(1) Demand analysis
(2) Data collection
(3) Algorithm design
(4) Verification and confirmation
(5) Update control
5. Technical considerations
(1) Registration unit and detection unit
(2) Network security and data security
(3) Mobile computing and cloud computing
(4) Human factors and usability
(5) Stress test
(6) Confrontation test
(7) Third-party databases
(8) White box algorithm
(9) Integrated learning
(10) Transfer learning
(11) Reinforcement learning
(12) Federated Learning
(13) Generative Adversarial Networks
(14) Continuous Learning/Adaptive Learning
(15) AI algorithm programming framework
6. Algorithm research data
(1) Algorithm research report
(2) Algorithm update research report
7. Description of registration application materials
(1) First registration
(2) Change of registration
(3) Renewal of registration
Guideline for Medical Device Software Registration
This guideline applies to medical device software, including Class II and Class III independent software, medical devices and IVDs containing software components.
Outline below:
1. Scope of application
2. Main concepts
(1) Medical device software
(2) System software, application software, middleware, support software
(3) Software life cycle
(4) Software testing, software verification, and software validation
(5) Software traceability analysis
(6) Software update
(8) Software Algorithms, Software Functions, and Software Uses
3. Basic principles
(1) Based on software features
(2) Risk orientation
(3) Quality control of the whole life cycle
4. Ready-made software
(1) Main concepts
(2) General considerations for ready-made software
5. Quality management software
(1) Main concepts
(2) Quality management software confirmation considerations
6. medical device software life cycle process
7. Technical considerations
(1) Registration unit and detection unit
(2) Basic principles of clinical evaluation
(3) Network security
(4) Cloud computing
(5) Mobile computing
(6) Artificial intelligence
(7) Human factors and availability
(8) Interoperability
(9) Measurement function
(10) Remote access and control
(11) General computing platform
(12) Non-medical device functions
(13) Implant product design software
(14) Term of use
(15) Exception handling
(16) Functional safety and software reliability
(17) Implementation requirements of GB/T 25000.51
(18) Imported medical device software
8. Medical device software research materials
(1) Self-developed software research report
(2) Research data on ready-made software
9. Description of registration application materials
(1) Product registration
(2) Change of registration
(3) Renewal of registration
Annex: Standalone Software Product Technical Requirements (PTR) Template
Guideline for Medical Device Software Cybersecurity
This guideline applies to medical device network security, including the Class II and III independent software, medical devices and IVDs containing software components with one or more of the three functions of electronic data interchange, remote access and control, and user access.
Outline below:
1. Scope of application
2. Main concepts
(1) Medical device network security
(2) Data related to medical devices
(3) Electronic interface of medical device
(IV) Network security capabilities of medical devices
(5) Network security verification and confirmation
(6) Network security traceability analysis
(7) Emergency Response to Network Security Incidents
(8) Medical device network security update
3. Basic principles
(1) Network security positioning
(2) Risk orientation
(3) Quality control of the whole life cycle
4. the medical device network security life cycle process
5. Technical considerations
(1) Ready-made software
(2) Outbound medical data
(3) Remote maintenance and upgrade
(4) Legacy equipment
6. Medical device network security research materials
(1) Self-developed software network security research report
(2) Research report on network security update of self-developed software
(3) Ready-made software network security research materials
7. Description of registration application materials
(1) First registration
(2) Change of registration
(3) Renewal of registration