Artwork for podcast Global Medical Device Podcast powered by Greenlight Guru
#458: What the FDA Actually Says About AI in Medical Devices
Episode 4584th May 2026 • Global Medical Device Podcast powered by Greenlight Guru • Greenlight Guru + Medical Device Entrepreneurs
00:00:00 00:18:43

Share Episode

Shownotes

The medical device industry is undergoing a paradigm shift as Artificial Intelligence (AI) and Machine Learning (ML) transition from novelties into heavily regulated realities. The turning point arrived when the FDA integrated its own internal AI tool, Elsa, into its scientific review and inspection targeting processes. With regulators actively leveraging the technology, MedTech companies can no longer treat AI as a buzzword; it demands a deep understanding of concrete regulatory frameworks and actual engineering rules.

To properly understand this evolution, the traditional internet analogy must be cast aside in favor of a more accurate comparison: electricity. Just as the adoption of electricity brought a wave of safety infrastructure, inspectors, and the National Electrical Code, AI is bringing an imminent mountain of new standards to the medical device landscape. Winning device companies will not be those that market themselves as "AI companies," but rather those whose devices simply perform better because of the technology and whose quality systems can explicitly prove that enhanced performance to regulators.

Navigating this terrain requires mastering fundamental regulatory concepts, beginning with Software as a Medical Device (SaMD) pathways and the distinction between locked and adaptive algorithms. Because adaptive algorithms continuously change in the field, they present a unique regulatory challenge that requires a total product lifecycle approach. By utilizing a Predetermined Change Control Plan (PCCP) and integrating proactive post-market surveillance directly into the Quality Management System (QMS), manufacturers can successfully clear these checkpoints and avoid costly deficiency letters.

Key Timestamps

  • 00:19 – The evolution of AI from an amusing novelty to industry fatigue.
  • 00:54 – The turning point: The FDA's adoption of Elsa in its internal scientific review process.
  • 01:34 – Moving past the hype: Focus on the actual rules of AI in MedTech.
  • 01:54 – The Electricity Analogy: Shifting from candles to infrastructure and the National Electrical Code.
  • 03:13 – The Electric Toaster lesson: Focus on a better product, not the technology powering it.
  • 03:57 – Understanding Software as a Medical Device (SaMD) as a full regulatory pathway.
  • 04:26 – Micro-timestamp: Defining Locked vs. Adaptive Algorithms and the core regulatory challenges of evolving data.
  • 05:14 – The Total Product Lifecycle Approach: Viewing FDA clearance as a checkpoint, not a finish line.
  • 05:40 – Breaking down the 2021 AI/ML Action Plan and its five core areas of focus.
  • 06:17 – Deep dive into Predetermined Change Control Plans (PCCPs) and the Omnibus Act framework.
  • 06:55 – Micro-timestamp: The three mandatory components of a successful PCCP submission.
  • 07:54 – Evaluating the 2021 draft guidance on 510(k) considerations for AI/ML-based SaMD.
  • 08:04 – Micro-timestamp: Data requirements (training, validation, testing) and managing demographic/clinical bias.
  • 08:35 – Algorithm transparency: Balancing proprietary tech with reviewer clarity.
  • 08:58 – Building QMS infrastructure for AI: Moving away from retrofitted legacy systems.
  • 09:27 – Micro-timestamp: Applying Risk Management under ISO 14971 and AAMI TIR34971 to AI-specific failure modes.
  • 10:14 – Proactive vs. Reactive Post-Market Surveillance: Tracking algorithm drift in the real world.
  • 10:53 – Key takeaways and lessons learned from building an off-grid home electrical system.
  • 11:59 – Teaser for next week: Common mistakes and patterns that trip up companies in AI submissions.

Quotes

"The device companies that are going to win aren't the ones making the biggest deal out of having AI. They're the ones whose devices actually work better because of it and whose quality systems can prove that to the FDA." - Etienne Nichols
"With AI, clearance is more of a checkpoint. You're going to have multiple of these checkpoints along the way." - Etienne Nichols

Takeaways

Regulatory & Submissions

  • Treat the PCCP as an Operational Reality: A Predetermined Change Control Plan cannot be written at the last minute as a mere submission document. It must strictly reflect your active software development process, covering planned modifications, modification protocols, and detailed impact assessments.
  • Ensure Data Demographics Match Intended Use: The FDA scrutinizes the clinical, geographical, and demographic composition of your training, validation, and testing data. Algorithms must perform consistently across subpopulations to prevent significant safety risks.
  • Commit to Algorithm Transparency: While the FDA does not require your proprietary source code, you must explain the algorithm's functionality and failure modes clearly enough for a reviewer to confidently assess its safety and effectiveness.

Quality Management Systems (QMS)

  • Design Controls and AI Risk Mitigation: QMS architectures must be built from the ground up to handle AI-specific failure modes (such as false positives, false negatives, or subpopulation anomalies) using risk management standards like ISO 14971 and specialized guides like AAMI TIR34971.
  • Transition to Proactive Post-Market Surveillance: Traditional, reactive complaint handling is insufficient for adaptive algorithms. Quality systems must incorporate continuous, active real-world monitoring to detect and rectify algorithm drift before it compromises patient safety.

References

  • FDA AI/ML Action Plan (2021): The foundation document outlining the agency's five-part focus on software modification, PCCPs, good machine learning practices, patient-centered transparency, and real-world monitoring.
  • 510(k) Considerations for AI/ML-Based SaMD Draft Guidance: Critical guidance emphasizing data splitting protocols, demographic representation, and algorithm transparency.
  • ISO 14971 & AAMI TIR34971: The essential consensus standard and technical information report mapping out the application of risk management principles specifically to machine learning and artificial intelligence.
  • Etienne Nichols' LinkedIn Profile: Connect directly with host Etienne Nichols on LinkedIn to share feedback, ask questions, and discuss the latest trends in MedTech regulatory affairs.

MedTech 101 Section

Software as a Medical Device (SaMD)

SaMD is software designed to perform medical functions—such as diagnosing, treating, or monitoring diseases—without being part of physical medical device hardware.

  • The Analogy: Think of a traditional medical device as a dedicated physical calculator sitting on a doctor's desk. SaMD is like a medical application downloaded onto a standard smartphone; the phone itself isn't the medical device, but the software running inside it is acting as one.

Locked vs. Adaptive Algorithms

A Locked Algorithm is an AI model that remains completely unchanged after it is cleared and deployed. It performs its function exactly the same way every time until the manufacturer manually pushes a controlled update. An Adaptive Algorithm is an AI model that continues to learn, retrain, and evolve on its own based on new real-world patient data after it is deployed.

  • The Analogy: A locked algorithm is like a physical cookbook printed on paper; the recipes never change unless the publisher prints a second edition. An adaptive algorithm is like a living chef who tastes every dish they make, continuously altering the recipe over time based on feedback from the diners.

Feedback Call-to-Action

We want to hear from you. Did this episode change how you look at your company's AI pipeline? Do you have questions about implementing a PCCP or structuring your design controls for machine learning?

We read every single message and love delivering personalized responses to our community. Send your thoughts, feedback, reviews, or topic suggestions for future episodes directly to our team at podcast@greenlight.guru.

Sponsors

This episode of the Global Medical Device Podcast is brought to you by Greenlight Guru.

Navigating the complex landscape of AI/ML regulations requires an airtight quality foundation. Greenlight Guru provides specialized Medical Device Success Platforms that unify your team’s efforts. By utilizing their dedicated QMS (Quality Management System) solutions, you can seamlessly build AI-specific design controls and map out risk management strategies under ISO 14971. Furthermore, their integrated EDC (Electronic Data Capture) solutions allow you to execute rigorous clinical data collection, helping you gather the high-quality, traceable real-world performance data required to monitor algorithm drift and satisfy total product lifecycle demands.

Discover how to scale your AI enabled innovation safely by visiting www.greenlight.guru.

Links

Chapters

Video

More from YouTube