The FDA has released its plans for Final and Draft Guidance Documents for fiscal year 2019.   There are A and B lists for each category in terms of FDA's priority for action. On the A list there are 11 current drafts scheduled for finalization. The drafts of seven of these are from late 2017 with the remainder from 2018. There are 5 drafts on the B list. For new topics for which the FDA is considering developing a draft (as opposed to committed to developing one) the A and B lists have 10 and 2 items respectively, but the B lists have no items directly related to our domain.

Of the 11 current drafts on the A list that are targeted for finalization there are two that are specifically related to software. These are:

(1) Changes to Existing Medical Software Policies Resulting from Section 3060 of the 21st Century Cures Act

(2) Clinical and Patient Decision Support Software

We briefly addressed the latter draft in a previous post.

New A list topics targeted for drafts in the software arena are:

(1) Content of Premarket Submissions for Cybersecurity of Medical Devices of Moderate and Major Level of Concern

(2) Computer Software Assurance for Manufacturing, Operations, and Quality System Software

(3) Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices

Since these are currently only topics, there is no further documentation available.

Another part of the FDA’s announcement is concerned with older existing guidances that it will review for continued relevance. One of these is Off-The-Shelf Software Use in Medical Devices  which dates back to 1999. The FDA notes that parts of this document may have been affected by later legislation including the Cures Act and therefore it is ripe for revision.

For those keeping score, the FDA also has a list  of 19 existing guidances and two drafts with “digital health content”. And there is the FDA’s pre-cert pilot program which we have discussed here and here.

Keeping up with this evolving material can be a daunting task, and this is certainly part of the “regulatory burden”. Of course, actually complying with guidances and associated regulatory expectations is no less demanding.