|
Administrative Notice on the Enforcement Rules for the Digital Medical Products Act
|
In preparation for the enforcement of the Digital Medical Products Act on January 24, 2025, the Ministry of Food and Drug Safety (MFDS) issued an administrative notice on December 16, 2024, regarding the eight detailed enforcement rules to be enacted. According to the published enforcement rules, the MFDS plans to implement a regulatory framework for digital medical products that is different in certain aspects from the existing Medical Devices Act and In Vitro Diagnostic Medical Devices Act with regard to the categorization, classification, product approval and KGMP certification.
The details are as follows.
|
|
1. Regulations on the Categorization and Classification of Digital Medical Products
|
|
Rather than adhering to the existing approach, where category names (category codes) and classifications are pre-designated based on product characteristics, applicants will now be responsible for generating their product's seven-digit product code with consideration of its primary intended use, technology type and format, etc. Applicants must also independently determine the product's classification based on its intended use, target users, and potential harm due to malfunction (rule-based classification system).
|
2. Regulations on the Approval, Certification, Notification, Review, and Evaluation of Digital Medical Products
|
|
Digital medical devices are categorized into three groups: medical device hardware (including control/operation firmware), embedded digital medical device software (installed/connected to hardware for analysis or processing to fulfill its intended purpose), and standalone digital medical device software. The required submission documents for approval are further detailed for each category.
For embedded/standalone digital medical device software, due to the nature of software, the Substantial Equivalence (SE) system will no longer apply, making the submission of clinical trial data (including clinical evaluations and real-world performance data) now mandatory for approval.
Additionally, a change control plan submission system, similar to the U.S. FDA’s Predetermined Change Control Plans (PCCP), will be introduced, granting flexibility in managing changes for embedded/standalone digital medical device software.
|
3. Regulations on the Manufacturing and Quality Management Standards for Digital Medical Devices
|
|
The MFDS has adopted three mandatory standards (ISO 13485, IEC 62304, and ISO 42001) as the criteria for quality management compliance for digital medical devices. Manufacturing sites are classified based on the type of digital medical device produced (medical device hardware (including control/operation firmware), embedded or standalone digital medical device software, and AI/ML-enabled software), and the application of quality management standards varies accordingly. For example, manufacturing sites producing AI/ML-enabled software must comply with all three standards to obtain KGMP certification.
In contrast, for medical device hardware and non-AI/ML-enabled software (SiMD or SaMD), KGMP certification under the Digital Medical Products Act may be issued to replace the existing KGMP certification under the Medical Devices Act or In Vitro Diagnostic Medical Devices Act. However, manufacturers of AI/ML-enabled software (SiMD or SaMD) must obtain additional KGMP certification under the new Act, regardless of prior KGMP certifications.
KGMP certification assessments will primarily involve document reviews and on-site audits. For digital medical device software, on-site inspections may be substituted with "remote inspections."
|
|
4. Regulations on Approval and Management of Clinical Trials, etc. for Digital Medical Devices
|
|
The MFDS has categorized digital clinical trials based on timing (pre-market/post-market and real-world performance), location (clinical trial institutions or external sites), and subjects (human subject, medical data, or specimens). The requirements for submission, exemptions, MFDS/IRB approval criteria, and special provisions differ depending on the category.
|
|
5. Guidelines on Cybersecurity for Digital Medical Devices
|
|
The guidelines outline detailed requirements for manufacturers regarding surveillance and response teams, physical and technical security systems, risk management, responses to cyberattacks, monitor and address vulnerabilities, etc.
|
|
6. Regulation on Excellent Management System Certification Standards
|
|
The MFDS introduced new evaluation criteria for the Excellent Management Systems Certification of digital medical product manufacturers, which covers quality management, safety management, cybersecurity measures, AI/ML manufacturing practices, etc.
|
|
7. Regulations on Fees for the Approval of Digital Combination Medical Products
|
|
8. Regulations on Institution Designation, etc. under the Digital Medical Products Act
|
|
Given the upcoming enforcement of new regulations for digital medical products, it is highly recommended for digital medical product manufacturers to fully understand the relevant regulatory requirements in advance.
MDREX offers comprehensive consulting services for various regulations applicable to digital medical products.
For inquiries regarding medical device regulations and market access,
please contact MDREX at pro@mdrex.co.krThank you.
|
|
