In 2021, the World Health Organization (WHO) issued guidance on post-market surveillance presenting the objectives and processes for post-market surveillance or PMS as undertaken by manufacturers with the aid of economic operators. It also provides information about the measures to ascertain compliance with safety, quality, and performance regulations.
Post-Market Surveillance is a crucial process, as regulators use it to monitor the safety and effectiveness of medical devices and related products. Over the past few years, there has been a gradual shift from conducting pre-market testing to undertaking post-market monitoring or regulation since the latter reflects real-world scenarios and issues. Thus, it serves as a better evaluation of product effectiveness and safety issues.
Understandably, Post-Market Surveillance is something only some willingly and capably undertake. Only a few establishments or institutions have the resources and workforce to do it. Collecting information from a wide range of devices in different locations is challenging, and only a few have the resources and expertise to do it properly.
Modern tech to the rescue
What’s good about the modern age is the availability of various tools to make tasks considerably more manageable. There’s the internet to share and obtain massive amounts of information, and numerous web-enabled smart devices operate as portable computers to process information and perform tasks for specific purposes.
Post-market surveillance for medical devices can be undertaken more efficiently with the help of IoT devices and online platforms that consolidate, process, and present the data obtained through the IoT devices deployed to monitor medical products. IoT and modern computing and data-sharing solutions help address the challenges commonly encountered when conducting post-market surveillance, the following in particular:
Complexities in data collection and management. It is difficult to manually gather data from various devices, and sending out personnel to collect data is too resource-intensive and time-consuming. Some organizations employ digital tools to get the job done. Still, the setup can be chaotic and inefficient because of the lack of coordination and the absence of a typical data recording and management system.
Some devise ways to divide tasks, mainly based on geographic factors. Still, they usually end up with multiple data collection methods and formats and disjointed data analysis and presentation strategies.
In-field visibility inadequacy. Some medical devices supposedly make it easy to collect information about their activity and failures because they are web-enabled or designed to operate online. However, some manufacturers need help gathering data securely and efficiently.
They may have yet to program their devices to send data (with user authorization) and enable granular visibility, like examining resource usage, security events, and device temperature levels. As such, they resort to DIY solutions that typically fail to deliver the kind of in-field visibility they need.
The complexities of data collection and management can be simplified with the right tools, particularly using a unified data collection and analysis platform. Preferably cloud-based, this unified platform ensures everything is conducted systematically and efficiently.
From IoT to AI and state-of-the-art security
The unified Post-Market Surveillance platform referred to above consists of various technologies designed to meet the challenges of collecting, processing, analyzing, and presenting relevant data about medical devices and related products. Three of the most notable ones are the Internet of Things or smart devices, artificial intelligence, and advanced cybersecurity.
Internet of Things. As mentioned earlier, IoT devices can be employed to gather data from medical products. These can be smart sensors attached to medical equipment to keep track of temperature, operational integrity, power usage, and other vital details. These are tiny gadgets or appliances used for medical equipment that are not smart enough to have their own operations monitoring capabilities.
In most cases, though, the medical equipment can already transmit data about their operations once they are online. For this, the PMS platform to use should be integrated with the operating system of the device being tracked. It is hence important for the platform to be compatible with IoT operating systems such as OpenWrt, Micirum, RTOS, FreeRTOS, and Linux.
Artificial intelligence. AI is crucial in process automation, especially when it comes to the detection of threats and anomalies. In undertaking PMS for medical devices, it would be nearly impossible to manually examine all the data generated by the machines being tracked. Doing so would require thousands of data analysts and countless work hours.
With artificial intelligence and machine learning, the process can be drastically shortened, and AI can be trained to detect anomalies automatically and respond accordingly. These suspicious activities could be unusual communications or data exchanges, an impressive number of events, sequence violations, and cyberattacks like DDoS.
Additionally, AI is helpful in sorting data and establishing response priorities. Artificial intelligence can filter out the data noise in post-market surveillance to ensure that the most critical and urgent alerts or notifications are addressed immediately, not ignored and forgotten.
Advanced security. Post-market surveillance is a sensitive process since it involves data transmission from devices that customers already use. It is like consented snooping, with the device owners aware that their devices are sending information to a third party.
Manufacturers conducting PMS must take serious responsibility for the security of data transmissions and the ports opened to enable data movement. They should assure customers that all data connections are highly secure and that the PMS platform will not become a vulnerability threat actors can exploit.
Given the severity of the software supply chain attacks over the past couple of years, it is logical to expect Post-Market Surveillance platforms to have enough security controls and measures installed. One way to secure a Post-Market Surveillance platform is to use binary instrumentation, as it inherently stops virtually all supply chain exploits.
It is also preferable to take advantage of agentless security, wherein the security application integrates with the firmware. In other words, the security solution becomes a core part of the device being monitored, making it less prone to external compromises.
Moreover, the ability to automatically mitigate all kinds of threats, including zero-days, ensures that post-market surveillance does not become a threat or exploitable vulnerability to medical device users.
Enhancing post-market surveillance
The technologies described above are not exactly novel and revolutionary. However, in the context of post-market surveillance for medical devices, they offer ways that have not been popular before. They present simple but viable strategies for conducting post-market surveillance efficiently and securely.