Movement in the Commission – medical devices policy back to DG Enterprise

European CommissionLast week we finally had some new interesting developments (sorry for the boring silence on this blog but there was really nothing to report): the new Commission has completed and we are getting some first glances into how the new Commission sees EU medical devices policy going forward. With the unveiling of the new #teamjunkcer of Commissioners, it transpired that as part of the inevitable reshuffling that is part of a political process, the unit responsible for medical devices policy (together with medicinal products policy and the whole EMA organization) moves (back) to DG Enterprise.

It started with internal market legislation

I think this is significant news because the regulatory system for medical devices, CE marking, is originally an internal market oriented system that started out in DG Enterprise as part of the New Approach that created the CE marking legislative technique that helped complete the EU internal market in time for the political deadlines on the table in the early nineties of the last century. It was only moved to DG SANCO in 2010 when the last Commission started its term.

EU rules on market authorization for medicinal products are historically intended to primarily reduce regulatory burden of having to go to each member state separately, while ensuring safety and performance by means of the essential requirements, medical device specific conformity assessment procedures. And no, this does not mean that medical devices are regulated as toasters. If the people that said that would only take a look at how the medical devices directives work in the flowcharts of the unfortunately abandoned annex 8 of the old Blue Guide

In the mean time the Lisbon Treaty entered into force which contains quite clear restrictions on the EU to legislate in healthcare (article 168 (4) TFEU)

“[The EU] shall contribute to the achievement of the objectives referred to in this Article through adopting in order to meet common safety concerns:


(c) measures setting high standards of quality and safety for medicinal products and devices for medical use.”

provided that (article 168 (7) TFEU)

“7. Union action shall respect the responsibilities of the Member States for the definition of their health policy and for the organisation and delivery of health services and medical care. The responsibilities of the Member States shall include the management of health services and medical care and the allocation of the resources assigned to them. [...]“

Practical problems

These restrictions cause practical problems in situations where the EU does more than take common action with a view to meeting safety concerns in the medical devices field (yes indeed, for example the Joint Immediate Action Plan) or arrange for a common market access and post market surveillance mechanism (that sounds a lot like the three medical devices directives and their implementing measures).

Sometimes this level of involvement works (when member states are defending their national healthcare reimbursement systems) and sometimes it doesn’t (for example when the European Parliament tries to outstep for the In Vitro Diagnostics Regulation proposal with its genetic testing devices proposal, see for background here).

The Cross-Border Patient Rights Directive and the eHealth measures based on it are a good example of some of the tightrope exercises the EU is doing when trying to regulate things it perhaps is not completely allowed to regulate in healthcare.

Re-orientation on internal market

So to me the move looks like a re-orientation on the internal market aspects of medical products.

The consequences – I think – will be an EU policy that is more about integration and harmonization with a view to a more efficient and innovative market than careful but active intervention in the delivery and development as such as of healthcare as a matter of EU policy, which is exactly what the EU is supposed to do.

This will likely have have consequences for the developing mobile health market, which is all about how healthcare is delivered to individuals. It will be more about bottom up harmonization than the Commission proposing top-down interoperability standards and patient rights in relation to cross-border mHealth.

Also, SANCO has not been able to get the EMA to make regulation and market access of ATMPs a success, which has deprived innovative biotech SMEs of opportunities in the European market. In my professional activities I see SMEs run into the ground at the EMA with innovative ATMPs all the time. The consequence is that many SME have given up seeing their products through to market access and instead hope to be acquired on a proof of concept before their money runs out.

More in general SANCO has been less than innovation friendly in its regulatory policy so far putting NOs in innovation with a perhaps overly cautious approach, for example with the eLabeling regulation that requires paper labeling of apps.

Maybe this will also be fixed under the new Commission. A lot of ifs and buts remain of course while the political dust settles, but from where we are now, this is how it looks to me. Those who claim the moral high ground in health policy will say this is bad and innovative industry will say this is good.

So what will this mean

for the MDR and IVDR in the legislative process? The Commission is still an important voice in the process and takes an important role in the trialogue to bring the Council and Parliament closer together. With this reshuffling the Parliament could perceive the Commission as more biased towards the internal market and on the side of the member states that are no fans of the Parliament’s proposal – even if they have formally not even looked at that yet. The ENVI committee has not formally appointed a new rapporteur for the MDR with Dagmar Roth Behrend, famous for polarizing this dossier, on the way out. And it’s unclear still if the rapporteur for the mostly ignored IVDR (Peter Liese) will change as he is still member of ENVI.

It is safe to say that DG Enterprise will stick strongly to the internal market aspects in the MDR and IVDR proposals that come from Regulation 765/2008 and Decision 768/2008, which basically shape CE regulation and market surveillance on the markets thus regulated that comes after the Goods Package in 2008 (e.g. the supply chain rules in them).

Conclusion: no definitive answers yet unfortunately, as there are too many things that still have to become clear. But, with the new Commission’s plans we have a first idea of where things might be going.

Updates, patches, add-ons, plugins & the Blue Guide

Schermafbeelding 2014-08-13 om 20.36.51Here is some follow up on the previous Blue Guide post: the new version of the Blue Guide is the first to address software updates to CE marked products, including software. For the purpose of this blog this would typically be standalone software that constitutes a medical device in the meaning of MEDDEV 2.1/6.

Harmonised standards

When standalone software that constitutes a medical device is updated, patched or has its functionality expanded with a plug-in or add-on, the same rules apply as to a normal medical device that it is serviced during its lifetime, except that the EU harmonized standard for medical devices software EN 62304 has a few processes to add that are relevant to updates, patches, plug-ins and add-ons. These processes are explained up to a point in the helpful EN 62304 FAQ.

New requirements in MDR and IVDR

The proposed new medical devices and IVD regulations have some new additional clauses with respect to repairs and replacement parts that would also apply to standalone software as medical device, even though they are written for widgets, which is one of the flaws of the proposals. They are supposed to modernize EU medical devices law for decades to come, but fail to account adequately for the development of standalone software medical devices.


Why such a brief post – you are used to a lot more detail from me normally, right?

Well, that’s because this post is a summary of the article I wrote in the legal and regulatory journal eHealth Law & Policy, which the publisher kindly permits me to put on my blog and you can download it here. I warmly recommend the journal if you want to stay in touch with legal and regulatory developments in eHealth and mHealth.

I have just written an article on unannounced audits by notified bodies specifically with manufacturers of standalone software medical devices in mind, so if you’re curious, take a look.

Where are we with the MDR and IVDR after the Greek Presidency?


Some time ago I promised you a follow up on the 20 June Council meeting, but I also mentioned that it could wait for a while at the time because the outcome was not that spectacular or even unexpected.

On 20 june the Council had its last deliberation on the medical devices and IVD regulation proposals of the Greek presidency. We’re over to the Italian presidency now, with a new Parliament and a new Commission following the EU elections and the expiry of the mandate of the 2009-2014 Commission.

Far apart

Where are the member states amongst themselves on these dossiers? A good source is the Dutch Health Ministry’s annotated rather frank briefing for the 20 June Council meeting. That document essentially makes the point that the Member States are still pretty far apart on the two important points discussed at the December 2013 Council meeting: market access mechanism and reprocessing. That was before the 20 June meeting, mind you. As you will see below [spoiler alert!] it seems that this divide has not grown narrower at all.

Working Party

Since October 2012 the Council has the Working Party on Pharmaceuticals and Medical Devices working to produce compromises for the purpose of a common position to come to a first reading. In the mean time we have spent many happy hours in suspense poring over the stream of documents coming out of the working groups, busily proposing changes and hoping that it makes a difference. The Council has generated proposals on a per chapter basis in order to foster agreement amongst the Member States:

These proposals may not be the very latest available, but it is what’s available publicly on the Council’s document service. They continue to be revised and fine-tuned as the Member States do their alignment dance to arrive at a common position that will permit adopting a text in first reading. At the time of the 20 June Council meeting they had been revised almost twice. So far however a common position is not on the horizon, and even a general approach is not in sight for the moment.

During the second part of the Greek Presidency, efforts have concentrated on Chapters IV (Notified Bodies), VII (Vigilance and Market Surveillance) and VIII (Governance), which (according to the Council’s progress report) contain many of the most important innovations compared to the current EU legislative framework for medical devices.

The hangup with Chapter IV (Notified Bodies) is that some Member States are concerned that the procedures could be too burdensome from an administrative and financial perspective. Also, Member States may feel that they have already accomplished a lot under the Joint Immediate Action Plan. that consisted largely of a thorough pan-EU review of the notified bodies accredited for the medical devices and IVD directives.

Chapter VII remains a bone of contention because some Member States want this chapter reinforced so less administrative and regulatory burden can go into market access, like the Dutch and UK. Other Member States are completely against this.

Chapter VIII leads to disagreement because several Member States are not convinced that the MDCG, the intended EU level ‘steering committee’ for the medical devices and IVD regulation will be able to fulfill its tasks for lack of capacity. This is a view shared by many on the outside as well, by the way. Also, some member states are not sure that the reference laboratories (who will undoubtedly be very good at testing) will be able to provide a contribution relevant for regulatory purposes, a view that is also shared on the outside.

Did the 20 June Council meeting change anything?

Not really. At stake were three questions posed in the Progess Report prepared by the Greek Presidency:

  1. Does the text set out in Annex C [of the Progress Report containing a proposal for Chapter IV on Notified Bodies] constitute a good basis for the further discussion on the provisions regarding designation and monitoring of Notified bodies?
  2. Are specific provisions on post-market surveillance under the responsibility of economic operators a necessary element to secure an adequate level of protection of patients? 
  3. Bearing in mind the aims of the proposed Regulations, and in view of the resources required, is it desirable to allocate further tasks to the MDCG other than those foreseen in the Commission proposal?

The result was largely a repetition of moves reminding me of the ‘wheelbarrel of frogs’ that we had seen in the previous Council meeting in which all Member States were allowed to give their opinion about the two (then) most important elements of the proposal. I won’t repeat how everyone went everywhere on the proposals and how the IVD regulation was completely ignored again, but here is the median:

  • Annex C looks OK for some but still needs substantial work according to others;
  • Yes to considering specific PMS provisions in one form or another say most Member States, but which form (because nobody agrees on that)?;
  • Several states remain unhappy with the MDCG because they are not convinced it will be able to carry out its tasks effectively.

The meeting concluded that this Presidency has made progress but not enough for Council to adopt a position or even a general approach. Several Ministers and Commissioner Mimica expressed hopes that enough progress can be made in the coming months to achieve a Council position under the forthcoming Italian Presidency. Some proposals were made with different political implications:

  • Germany proposed that a parallel group work alongside the Council Working Party during the Italian Presidency; and
  • France wanted discussions to be moved from Working Party to COREPER level

This is a sign that the more vocal big Member States want to throw more political weight behind the dossiers in order to progress them, as they are starting to get annoyed with how things are bogged down at them moment. However, Germany and France are not the only big member states and small member states may gang up in surprising opportunistic coalitions.

Italy, as new holder of the Presisdency, expressed its strong will to progress with the file to the best of Council’s combined abilities under the Italian Presidency. In addition to the Greek Presidency’s three questions in the progress report, Ministers were invited to comment on the Commission’ Staff Working Document (SWD) on Implementation of the Joint Plan for Immediate Actions. Not many interesting comments there.


The official version of the moment is that the Council will try to achieve a ‘pre-pack first reading’ by involving the Parliament closely in its discussions towards a first reading, according to the Progress Report:

“Since the examination in the Working Party indicates that delegations wish to make changes to the proposals that do not concur with the European Parliament amendments on all points, interinstitutional negotiations will be needed in order to reach an agreement. Such negotiations could take place before the formal adoption of the Council position at first reading, in which case the European Parliament could approve the Council position without amendments in accordance with Article 294(7)(a) of the TFEU resulting in an “early second reading agreement”.”

And the Council plans to have achieved this in autumn, according to the 20 June meeting press release. This will mean intensive contacts with the new Parliament’s ENVI committee and the new Commissioner for Health (more on that below).

The optimistic Italian Presidency even plans to put the whole dossier to bed signed, sealed and delivered before its Presidency’s end. The Italian optimism I think is completely unrealistic. More realistically, if the pre-pack first reading plan fails (which in the end will really depend now on how much the new Parliament wants to stick to the previous Parliament’s not always well-advised proposed changes to the initial text because the Commission and Council are far closer than the Parliament and the rest), there is the default legislative route of slogging on to a second reading as fallback.

There are rumors however that even this is far too optimistic and that the Member States are so far apart that they will most likely not agree on a common position during the Italian presidency, that it may also not happen during the Latvian presidency in the first half of 2015 as initially thought and that even the Luxemburg presidency in the second half of 2015 may not close the deal. And then the Council has not even started to negotiate with the Parliament and Commission in the trialogue in order to align with a view to a final text. This. of course, is a bad thing to hold over the market with industry in dire need of some predictability of when it should plan to have transitioned to a very far reaching overhaul of EU medical devices law.

New Commission and Parliament

Will the new Commission and Parliament make a difference? As yet we do not know who will be ENVI committee rapporteurs for the two regulation proposals, nor do we know the new Commissioners and how the medical devices dossier will sit in the Commission’s organization. So it’s too early to tell whether these two factors make a difference and what that might be.

My feeling…

My feeling is that these dossiers will drag on for a long time still, and this is not in the interest of the EU, which badly needs an updated regulatory framework to deal with modern technology such as nanotech and 3D printing. The FDA seems very active in modernizing its approach and planning ahead with a new four year plan. All the EU has brought to bear so far after the Commission’s initial proposal for the new regulations are disharmony, delays, insecurity and fact-free proposals that do not solve the problems. Not a pretty picture of an effort that is supposed to set the goal posts for EU medical devices regulation for decades to come.

On a positive note, the current framework is and remain incredibly flexible and can still accommodate most regulatory needs even though it is in need of updating in light of the Goods Package (see here about the Blue Guide that explains it all). The Joint Immediate Action Plan forced the Member States to finally use the full extent of the current directives and take coordination seriously. If the regulations are slow to pass, count on more and prolonged activity under the Joint Action Plan or an Action Plan 2.0, because one way or the other EU medical devices law must advance, especially and foremost in the areas in scope of the Joint Action Plan and the Goods Package.

More on 3D printing (and biofabrication)

Schermafbeelding 2014-07-17 om 09.57.24On 16 July I had the honor to give a lecture about Legal and Regulatory Aspects of 3D Printing (and biofabricaton) in the Focus on Life Sciences Summerschool program of University Medical Centre Utrecht, the Netherlands university hospital that made the headlines with a complete cranial replacement that was 3D printed.

Partly old, partly new

The lecture contains much of my thinking that is contained in my previous post on this blog about quality system aspects of 3d printing of medical devices under the draft Medical Devices Regulation and a discussion of the question whether 3d printed medical devices should fall within the custom made devices regime in the first place. This is a discussion that seems to have been picked up in the legislative process (I saw signals to this effect in the Council Working Group documents), but we’ll have to see where it lands.


In this lecture I have also addressed aspects of 3d printed / biofabricated ATMPs, device – ATMP integration, intellectual property issues and personal data issues, each of them very thorny regulatory issues as the audience agreed with me. Not only thorny, but also questions that the law often has no answer for (yet).

Fact free

The audience – mostly incredibly intelligent engineers and physicians – was amazed that there was so little medical expertise part of the regulatory approval and legislative processes. They lost a few illusions about law making in life sciences when I discussed the slow response times and sometimes totally fact free nature of the legislative process.


Many of the regulatory and legal issues that the law currently deals with are fixes made on the fly, that’s the nature of regulation of life sciences it seems. Risk averse regulators do not always make the right choices and can even upset a complete industry, as happened with the ATMP Regulation in Europe. This regulation was supposed to be friendly to innovative small and medium sized companies, but instead caused them to massively flee into exemptions and business models that do not even include seeing a product through to market access rather than take their chances with the regulatory process. Do we want this for yet another industry that has enormous potential to meet medical needs? I don’t think so. We do not need fact free fear based regulation written by people that do not understand the technology, nor do we need technology that addresses 3d printing with the same regulatory burden as producing customized wooden peg legs.What do we need? I like to think that I made some sensible proposals for 3D printing here.

In the mean time: a Staff Working Document

European CommissionIt’s been somewhat quiet on this blog for some time, not only because I have been very busy with lots of interesting cases but mainly because there was not a lot going on in the medical devices regulatory developments field.

Yes, market parties have been working on their input for the consultation about the Green Paper on mHealth with its many questions and the Greek Presidency was working on trying to get the Member States to align to some kind of result on the Medical Devices Regulation project (nobody is talking about the IVD regulation – quite unjustly so I think) but nothing unexpected so far in that field.

And of course this blog won a nice award, which was great recognition:


When the Commission finally issued its Staff Working Document (SWD) on the Joint Immediate Action Plan progress so far last Friday, however, things got very interesting again. Why? Because it gives some interesting insights in market surveillance and accreditation of notified bodies for the future, and allows us to connect dots that may not always have been very obvious (not to me at least).

Industry was happy with the SWD and what it implies for future medical devices market access and surveillance in the EU. Not surprising that they are happy with it, because it wants the Commission and the Member States on its side in the negotiations to come about the revision of the EU medical devices and IVD directives, which still seem to be slated for somewhere first half of 2015, against the Parliament’s proposals for change in these dossiers.

Implementation of the Joint Plan for Immediate Actions under the existing Medical Devices legislation

The SWD spends considerable space reiterating its background: breast implants, metal-on-metal hip replacements and vaginal meshes. Main actions set out in the plan:

Notified bodies : Member States were asked to revisit their designated notified bodies and to provide the Commission with an updated list of the notified bodies designated for class III medical devices, to make their notified bodies do unannounced audits and to require notified bodies to receive vigilance reports from their manufactures.

Market surveillance : Member States were asked to inform the Commission how they are fulfilling their market surveillance obligations under regulation 765/2008.

Coordination : Member States were asked to coordinate surveillance activities, which they have traditionally been notoriously bad at. The Joint Plan however called for increased coordination, in particular in the field of audits and market surveillance, to be established in the framework of the confidentiality arrangements signed with international partners.

Communication and transparency : another area that Member States were never very good at. The Plan foresees UDI guidance (as many member states are not waiting for the Eudamed cathedral to come online and are implanting their own systems which may not work with Eudamed or other Member States’ systems) and setting up of registries. Not that surprising, since national governments are under pressure locally to do something UDI-ish to organise the medical devices market into a safer place.

So what was achieved?

Actually, surprisingly much. Chapter 2 of the SWD mentions:

Notified bodies : a lot has happened in the field of notified bodies accreditation and oversight (and rightly so). Every manufacturer that has devices certified by a notified body and especially those that are in the process of having them certified has noticed that notified bodies have started to behave quite differently and are moving the goalposts on clinical evidence during the conformity assessment procedure. Why? Because Member States have gotten a lot tougher on notified bodies regarding their designation, monitoring and functioning as a consequence of the Commission Implementing Regulation on the designation and the supervision of notified bodies. Also, further to the Commission Recommendation on the audits and assessments performed by notified bodies in the field of in the medical devices sector notified bodies have been required to start conducting unannounced audits on their manufacturers and their supply chain.

From the SWD it is clear that the intensified (joint) supervision of notified bodies has had a significant impact on the market with corrective measures, limitations of designations and withdrawn designations. Member States have started joint assessment audits, resulting in several notified bodies stopping activities, some caused by a joint assessment. The problems identified in the assessments are worrying as “the most common problems identified with regard to notified bodies relate to the:

– evidence of staff qualifications;

– thoroughness of the review of manufacturers clinical evaluations and

– sampling of technical files for class IIa and IIb devices.”

The picture is that many notified bodies are not organized in a way that they can fulfill their tasks effectively (like most of the authorities by the way – the SWD paints a picture of understaffed and under-resourced competent authorities), which is evidence of a broader policy problem: apparently medical devices oversight is still a bit of an orphan area of Member State supervision policy.

Market surveillance : this was one of the areas where the least development was seen. The Commission merely concludes that “Many of the Member States recognised that because of a shortage of resources, market surveillance is only reactive and that no proactive surveillance is carried out.”

Coordination : a lot was achieved in this area, see § 2.3 of the SWD for details. Some of the highlights:

(1) streamlining and monthly discussion of NCARs (National Competent Authority Reports, the instrument for dissemination of vigilance information) and specifically set up of “a monitoring system on the follow-up and a dedicated web space for storing background documents have been put in place” as well as launch of a pilot project on analysis of medical devices incident reporting by the Joint Research Centre (JRC) of the European Commission in the summer of 2013. This will be developed further in the IMDRF efforts under the “National Competent Authority Report (NCAR) Exchange Program”, with concrete steps envisaged in autumn 2014 at the IMDRF meeting. Since confidentiality remains a problem in exchange of information, says the SWD, bi- or multilateral agreements may be necessary to implement this satisfactorily.

(2) a pilot on joint market surveillance under the Compliance and Enforcement Working Group (COEN) to launch joint market surveillance projects between Competent authorities (limited success with only ten Member States responding to the call and six of these finally being able to provide full reports on the outcome of the project on national level, so cooperation is still not really in Member States’ genes and (I think) budgets.

Communication and transparency : We had the UDI recommendation, Member States are trying to engage doctors and patients to warm to registries, and measure to improve incident reporting involving medical devices by patients and doctors (“On the basis of these replies, the Commission has suggested a number of actions which could be taken by the Member States under the present legislative framework to facilitate reporting by healthcare professionals and patients, such as further measures on national level to encourage reporting and the development of standard web-based structured forms.”). Incident reporting by patients and doctors remains (as I have argued) one of the flaws in the new regulations because they merely gently prod Member States to “encourage” this rather than make it mandatory, probably because the Commission is not sure whether it can impose this by regulation.

Brace for Joint Plan v 2.0

As I have predicted, a Joint Action Plan 2.0 now seems definitely to be in the works. In the words of the SWD:

“Many Member States and stakeholders have underlined the importance to continue and intensify the work on certain aspects of the Joint Plan. The focus should be on problematic issues identified during the implementation of this plan that are not yet resolved”

Some of these issues are

  • coordinating Member States market surveillance actions with respect to specific products, including exchange of data and approaches;
  • implementing the new notified bodies acquis and holding notified bodies to the standards set out in their Code;
  • pursue making best use of registers for providing data and identifying problems with devices that has been launched under the Joint Plan under the current PARENT Joint Action and in follow up actions envisaged;
  • share more knowledge and good practices.

But that is not all, says the SWD, because this is what’s possible under the current legal framework:

“For other important aspects, it is not possible under the current legal provisions to reach the desired objectives.

Therefore the proposed new Regulations contain provisions which aim to solve in particular the problems relating to:

• the scope of the legislation,

• the governance of the system and its transparency,

• certain obligations of notified bodies, in particular in relation to mandatory unannounced audits,

• clinical evaluation,

• the risk classification of devices and the safety and performance requirements,

• obligations of economic operators,

• reporting of incidents by users and patients to the Competent Authorities,

• certain aspects relating to vigilance system and market surveillance,

• the role and the functioning of the database Eudamed and the access of notified bodies to Eudamed, and

• the traceability of devices.”

But in the mean time – where is the revision now?

Work also continues on the revision with the Greek Presidency running to an end and the Italian one ready to start. Where we are with that I will tell you in a next blog, in which I will also report on the ESPCO Council meeting of last Friday, which summarized the results of the Greek Presidency in the MDR and IVDR dossiers. But I can already say it’s not developing that fast that it can’t wait until the next blog.

Mobile medical apps update from the HIMSS

HIMSS_logoOn Thursday 8 May I presented about EU regulation of mobile medical apps at the HIMSS Mobile Medical Apps roadshow in Berlin.

The European Commisison’s Green Paper on mHealth has been hotly anticipated for quite a long time (at least by me!), so expectations were high. So high actually that I have not heard exultantly positive reactions to the Green Paper so far. The biggest problem people seem to have with it is that the Staff Working Document does contain much new compared to the telemedicine Staff Working Document and that the Green Paper predominantly contains questions grouped by policy areas, rather than answers or even a hint of the policy directions the Commission is thinking  about. Instead, at this stage the Commission has limited itself to asking the stakeholders what they think the Commission should do. The Green Paper poses 23 questions in 11 policy areas, which is a lot of questions in a wide range of issues.

I, for myself, have mixed feeling about the Green Paper. On the one hand I would have really liked for the Commission to have been more transparent about what it considers viable policy options. On the other, I understand that the Commission is operating in a situation with many moving policy parts (both internal and external) as we can see from the eHealth Action Plan 2012 – 2020 (see also here for my commentary to that), which it tries to demonstrate – I think – by asking so many questions in so many different areas. This is one of the central themes in my MMA presentation, embedded below. The fact that we have a Green Paper is progress, in a way.

I’ll start with some of the items I find the most relevant and interesting, just because I see companies struggle with them all the time. I’ll follow up with an additional blog on other items in the Green Paper.


One of the reasons why the Green Paper is far more wide open than many would have hoped, is competence of the EU in mHealth, which the Commission puts very diplomatically as:

“Many of the issues may not be within the competence of EU law, but the EU can still act as a clearing house for best practice and can help to stimulate innovation in an area of huge potential.”

This, I think, is a core dilemma for the Commission, because mHealth delivery is very closely connected to local provision of healthcare. As Julian Hitchcock and I have argued in relation to genetic testing, national provision of healthcare is outside the scope of EU competence under the current Lisbon Treaty and ensuing Treaty on Function of the EU; the EU is short on competence in healthcare, and this is very apparent in policy areas like mHealth. This makes mHealth a very sensitive political area for the Commission, because it will have to make sure that it does not step on the toes of member states and mobilizes them for the things its needs their cooperation in, like the eHealth Networks under the Cross-Border Patient Rights Directive.

Personal data

Big data, data protection and security are very important items for mHealth and you can read about them herehere and here as well as in the embedded presentation above. Also, the General Data Protection Regulation proposal that will unify EU data protection regulation has been particularly unmindful of the use of personal data concerning health in mobile business models, courtesy of DG Justice of the Commission itself (for the proposal) and the European Parliament (for not making it better). No wonder that DG CNECT, which is driving the Green Paper, is asking the outside world how to come up with workable solutions because it apparently is unable to get through within the Commission itself.

For more nuance and detail on data protection in relation to mHealth, see my DIA Euromeeting presentation here and an interview on Datamonitor here. Let’s suffice by saying that the GDPR is already future healthcare services hostile, with its problematic regulatory attitude towards everything we like to do m/eHealth: monitoring, profiling and datafication of human subjects in order to predict, prevent, diagnose and discover unknown unknowns about human diseases by finding correllations much more effectively. Why can’t we embrace these possibilities? We have new ethical problems, but we do not seem to have new ethics that can solve them (free after Michael Lotti, ‘Ethics and the Information Age’), so we continue to prefer substandard human judgment calls over more accurate and reliable technology solutions. We don’t want technology to spy on us, but we do want it to keep us out of harm’s way. The General Data Protection Regulation is focused mainly on the first, and neglects the second to the detriment of us all.

“State of play on the applicable EU legal framework”

Under this heading we see some of the interesting points from a legal/regulatory perspective, like a discussion of the borderline between “medical” and “lifestyle” devices with the Commission stating that

“In the EU, there are no binding rules as to the delimitation between lifestyle and wellbeing apps and a medical device or in vitro diagnostic medical device. […] Since this delimitation is not yet clarified through binding rules, when the Medical Devices Directives do not apply to apps, clarity is required as to the rules with which they must comply. The fact, that Union legislation could not yet address latest developments in this sector and that the Court has not had the opportunity to clarify the applicability of existing legislation on these newly developed apps, still leaves room for interpretation.”

This is too simple in my view. There are binding rules: the existing medical devices directives. There is clarification from the Court about the borderline between lifestyle / wellbeing on the one hand and medical on the other (Brain Products case). We still have room for interpretation because the MEDDEV on standalone software as medical device was not the clearest of documents and it is taking the responsible MDEG for ever to revise it (and we don’t even know if the result will even address mHealth). What I do agree with is that these rules are not particularly clear and moreover not particularly effectively harmonised, as we have seen in the Lycocentre case. And then the Commission is too polite to start about its own regulatory rubble in the form of the eLabeling regulation, which requires – I kid you not – a paper label for mHealth apps that are medical devices not intended for professional users (the big majority of them). Also, there is the outright crazy proposal of the European Parliament to revise the very definition of medical device as to include “indirect medical purpose” just because rapporteur Liese wants to regulate ‘life style tests’ (whatever those may be).

So, as to the question in the Green Paper “Are safety and performance requirements of lifestyle and wellbeing apps adequately covered by the current EU legal framework?” I would say yes because medical devices regulation (if device) has this covered already. Not so much under other EU safety regulation (if other), because the General Product Safety Directive and Product Liability Directive are unclear as to whether apps (or standalone software in general) is in scope.

Basically everything else flanking performance and safety is inadequately regulated at the moment:

  • labeling (eLabeling regulation requires paper label)
  • free movement under single binding classification (Lycocentre case says each member state can classify app differently)
  • transparent criteria for classification (opaque judgment in Brain Products case: we still don’t know what medical means in relation to general health and wellbeing devices such as treadmills and other sporting or health goods)

So, clever way to pose the question but no points because it’s the wrong question, which should have been “Does the current EU legal framework create sufficient conditions for an internal market for safe and effective mHealth apps?”

Patient safety and transparency of information

This section of the Green Paper overlaps largely with the previous one, because it is also about safety and performance of mHealth solutions, but places it in the key of user oriented certification for utility (is it useful for what the user wants to user for?) rather than in terms of safety and performance. However, it shows that the Commission is still confusing mHealth apps that are regulated as medical devices and other mHealth apps with a statement like “Safety may be demonstrated by using user safety standard or specific quality labels.” – yes, this is true perhaps for health/wellness apps that are not devices but no, it is not true for mHealth apps that are devices. This mixup is very prevalent in the mHealth market and leads to the situation that users and app developers think that CE marking of apps that are devices is optional if quality labels exist. Clinicians are publicly asking for rules that would guarantee the safety of medical apps (hello! standalone software was always covered by the medical devices directives and certainly after the 2007 revision that inserted software specifically in the definition of medical device) but are ignorant about medical devices law or ISO/IEC standards.

So do we need certification schemes to promote safety and usability? Can’t hurt, provided that those involved know what they are doing. I have seen ‘experts’ say in national news that CE marking of apps is optional and you shouldn’t spend a lot of time worrying about that stuff. I have had accountancy firms working on such schemes visit me and look at me surprised that I would propose completed CE marking for an app that is a medical device as a necessary condition for certification, or at least argumentation of the app developer as to the regulatory status of the app, just to check that they know what they’re doing and take safety and performance standards seriously. That is not top of mind at all. There is a lot of work to be done here.

As to the Green Paper question “How to ensure the safe use of mHealth solutions for citizens assessing their health and wellbeing?” : let’s start by having clear safety rules for software that can pose a risk to people in this space. They already exist for medical devices, but we can update the General Product Safety and Product Liability Directive to include software or make it very clear these do not cover software, at least that’s clear then.


More in the next post about the Green Paper! Don’t forget, the deadline for sending in feedback is 3 July. As a follow-up to this Green Paper and on the basis of the responses received, the Commission will announce possible next steps in the course of 2015.


The genetic testing amendment in the IVDR

ESHGLogo-2013The focus of the EU revision of medical devices regulation is fully on the medical devices regulation. The revision of the IVD directive is sort of happening in the background and is not getting the attention that it deserves, especially because the IVD revision is sparking off volatile things.

Medical devices definition

First, there is the ill-considered idea to change the core of EU medical devices regulation (the definition of medical device), just because rapporteur Liese wants to regulate ‘life style tests’ regardless of whether these fall within the Commission proposes GHTF harmonized definition of IVD or the current IVD directive definition. This has led to the viral effect in the Parliament’s proposals that the definition of medical device is proposed to include any device with an “indirect medical purpose”, which gives the regulations such an enormously wide potential scope that nobody can begin to define what the borderline of this concept would like. CE will then truly become “Confusion Everywhere”. But I already said a lot about this, for example here and here, so I won’t repeat that here.

Genetic testing proposal

Secondly – and the feature item of this blog post – there is the proposal on mandatory counseling prior to application of a genetic test to a person. Rapporteur Liese thinks this is necessary because the Commission’s proposal is too much about technical aspects of IVDs:

“The Commission proposal focuses very much on the quality of the product. Experts and many international organisations, like the Council of Europe, OECD and the European Society for Human Genetics have again and again articulated their position that in many case even more important than the quality of the product is the framework in which the product is applied. Especially in DNA testing it is very important to respect the principle of informed consent. This has also been asked for by the European Parliament several times. A legal opinion concludes that it is possible and appropriate to introduce respective wording in the proposal. Therefore the rapporteur proposes amendments on this issue. There is consensus that it should not be the intention of the European Union to limit the access of patients to DNA tests but appropriate genetic counselling should be offered in any case to inform about the consequences before a test is performed. To respect the principle of subsidiarity it should be left to the Members States to regulate the details and member states should have the option to go further than the regulation requires. One can even argue that it is mandatory to include informed consent in the proposal because it is a crucial element of the Charta of Fundamental Rights (Article 3) and the Charta of Fundamental Rights is legally binding for the European Union in those areas where it acts.”

There did not seem to be a lot of pushback against this proposal since it was proposed, even though there should be because it is not only a limitation on patients’ freedom to obtain information about themselves, but also a clear violation of the principle of subsidiarity. Since the member states in the Council have so far limited themselves to only looking at the Commission proposal in preparation of negotiation with Parliament and the Commission, it’s not surprising that there is no external feedback about how they see this. From the inside however I have heard unofficial positions that member states are very unhappy with this proposal.

But, say what you will – it is clear from the rapporteur’s clarification of the proposal that the Parliament itself is unsure about whether the EU has the competence to put this proposal into law and the rapporteur has decided that he needed legal back-up to support his position. To address this, the rapporteur commissioned the university of Passau, which produced the Passau university opinion to back up the rapporteur’s case. This is a far more reasonable and rational approach than we have seen rapporteur Roth-Behrendt take in the medical devices regulation dossier, in which her approach essentially consisted of fact-free statements and accusing everybody that actually did have a rational argument and/or data supporting a position of being a liar or biased and therefore disqualified as stakeholder: how is that for a rational approach? I did not vote for that kind of approach anyway.

However, one opinion is not yet a debate. A debate is what we need to address sensitive issues like this proposal.

A counter opinion

To address this, my colleague Julian Hitchcock of Lawford Davies Denoon and I wrote an opinion (executive summary here) at the request of the European Society of Human Genetics, a non-profit organization that promotes research in basic and applied human and medical genetics and obviously has an interest in the amendment not being passed. It also has good substantive arguments for this, which it has set out here and here. We believe that the Passau university opinion that Rapporteur Liese used to justify this amendment is incorrect in that it concludes that the EU has competence to intervene in the the provision of medicine by member states by prescribing physicians how they should treat their patients.

In essence ESHG has the – I think – quite justified fear that adoption of this proposal will limit developments in genetic testing that stand to benefit every person in society, both on an individual and collective level. If we want a society where people take responsibility for their health we cannot remain stuck in facilitating people in maintaining the (un)known unknowns. From my own family experience I can say that I would have benefited greatly from the approach advocated in Eric Topol’s book The Creative Destruction of Medicine, which describes a compelling case of genetic testing of each individual at a very early stage to optimize both individual and population medicine. If you can easily know important facts about a person’s health, there are only good arguments that compel that you find out. Yes, somebody may find out an unwelcome fact about him- or herself like a genetic defect that codes for serious illness. However, this will allow that somebody and society to take the best remedial measures or take measures that still lead to the best quality of life. The person concerned is empowered to be a responsible person that takes charge of their own health or the health of the children for whom the person is responsible. This is what the Enlightenment was about in philosophy, and now we need an Enlightenment in healthcare. For that to happen we need some creative destruction of old paradigms, in my view. The only way to keep healthcare affordable and maintain a basis for solidarity in healthcare reimbursement is that people must know what there is to know about their health, so they cannot hide from making informed decisions.

Let’s start the debate

With this counter opinion on the table there can be a debate. If we are wrong with our opinion, let us know. If we are right, it’s nice to know as well.

But if we are right, the conclusion must be that this amendment cannot be passed. This is a duty that the Parliament owes to its voters. I, for one, did not vote for the Parliament to intervene in matters it is not competent to intervene in. I have said this before: if the Parliament wants to have more powers, for example to intervene in national practice of medicine, it should work on changing the Lisbon Treaty and ensuing Treaty on Functioning of the EU that provide for pretty clear division of competences in healthcare rather than try to fudge in amendments that violate of the principle of subsidiarity and make the Regulation challengeable.


Get every new post delivered to your Inbox.

Join 3,105 other followers

%d bloggers like this: