Book an appointment with us, or search the directory to find the right lawyer for you directly through the app.
Find out moreThe first Law Update of 2024 is here, and our first focus of the year spotlights Healthcare and Lifesciences, a sector that is undergoing significant growth and development across the MENA region.
Our focus provides an insight into some of the most important regulatory updates across the region, such as the UAE’s groundbreaking law on the use of human genome, Kuwait’s resolution on nuclear and radioactive materials, the new regulations for healthcare services in Qatar, Egypt’s healthcare regulatory framework, and the impact of the Saudi Civil Transactions Law on the healthcare and life sciences sector … and there is so much more!
Beyond the healthcare pages our lawyers share with you multi-sector insights where you will discover articles on Dubai’s DIFC regulatory framework for startups, Bahrain’s commercial agencies law, and we also shed light on Kuwaiti civil code and the advantages of setting up a joint stock company in Saudi Arabia.
Read the full editionChristina Sochacki - Senior Counsel - Corporate / Mergers and Acquisitions
Nick O’Connell - Partner, Head of Digital & Data - Saudi Arabia - Digital & Data
This illustration is inspired by the original painting of Girl with a Pearl Earring by Johannes Vermeer.
The Saudi Food & Drug Authority (“SFDA”) recently published guidance on artificial intelligence and ‘Big Data’ in the context of medical devices: Guidance on the Review and Approval of Artificial Intelligence and Big Data based Medical Devices (“AI Guidelines”). The AI Guidelines are to be read in conjunction with the SFDA’s Guidance on Software as a Medical Device.
The AI Guidelines apply to standalone software type medical devices, to which machine-learning-based AI technology is applied in order to diagnose, manage, or predict diseases by analysing medical data. It also applies to AI software that is configured with hardware, such as clinical decision support (“CDS”) software or computer-aided detection/diagnosis (“CAD”) software.
The medical device marketing authorisation requirements relevant to AI-based medical devices, as set out in the AI Guidelines, include demonstrating the accuracy of AI technology, to diagnose or predict diseases or provide customised treatment to patients, by analysing ‘Big Data’ and recognising certain patters based on machine learning.
The SFDA describes medical ‘Big Data’ as “various kinds of medical information used to diagnose, manage or predict diseases – such as medical records, biometric information measured by medical devices, medical images, and genetic information”.
Whether Big Data and AI-based medical software is a medical device is determined based on the intended use. In general, software intended for exercise, leisure activities, and general health care are not considered medical devices; software that helps a medical professional easily find medical information is also generally not considered a medical device. Each case will be judged based on it characteristics, situation, and scientific evidence of each product.
When examining applications for medical device marketing authorisations, performance and clinical efficacy will be reviewed. In addition, in cases where medical information is saved and transmitted through a network by applying cloud computing technology, the medical information security and cloud transmission process will be evaluated to examine the possibility of modification of medical information and the occurrence of damage. Security requirements for the use of a network include, server access control, user authentication, use of encryption, and de-identification, which will need to conform to SFDA guidance on pre- and post-market cybersecurity of medical devices.
Big Data and AI-based medical devices submitted for medical device marketing authorisation will be compared with previously approved medical devices. If the intended use and operating principles are different to ones already approved, documents from a clinical trial should be submitted. An equivalence comparison of machine-learning-based medical devices will be conducted to compare the intended use, model used for machine learning, and characteristics of training data in the two products. If the two products are equivalent, submissions of clinical trials may be waived by the SFDA.
The AI Guidelines discuss version control methods and requirements based on the type of version control: major function change; simple change; minor change; and training data change. Also addressed is the requirement for a manufacturer to establish a policy on data management when it comes to the various training/learning data integrated into the software, such as electronic medical records, medical images, and medical literature.
Finally, the AI Guidelines address cloud configuration, including; 1) private cloud, which can be used by a medical institution as the institution installs data centres internally; 2) public cloud, where cloud services are provided by an external provider is used; and 3) hybrid cloud, where public cloud and private cloud are used in combination.
Our Healthcare & Life Sciences as well as the Digital & Data sector groups regularly advise on these types of matters. For further information, please contact healthcare@tamimi.com.
To learn more about our services and get the latest legal insights from across the Middle East and North Africa region, click on the link below.