FDA’s Evolving SaMD Regulation: Key Updates for Ophthalmologists

---

Software as a Medical Device (SaMD) refers to standalone software that performs medical functions (for diagnosis, treatment, monitoring, etc.) without being part of a hardware device.

In recent years, such software – especially AI-driven tools – has become widespread in health care. Recognizing the unique risks and innovation potential of SaMD, the FDA (via its Digital Health Center of Excellence) has embarked on a series of new policies and guidance's.

In short, the FDA aims to regulate SaMD with a risk-based, life-cycle approach that protects patients while enabling innovation.

How FDA Regulates SaMD Today

The FDA treats SaMD under its existing medical device laws, using established pathways (510(k), De Novo, or PMA) based on risk. Simply put, if a software function meets the definition of a medical device, it is evaluated like any other device. The FDA focuses oversight on higher-risk software (e.g. diagnostic algorithms) and often exercises enforcement discretion for very low-risk functions (wellness apps, administrative tools).

In practice, FDA reviewers ask whether a software function could impact patient safety or clinical decisions; if so, it requires regulatory review. The agency also follows international frameworks: for example, the IMDRF SaMD working group (chaired by FDA) defined risk categories from I (lowest) to IV (highest) based on patient impact. (Importantly, these IMDRF frameworks are guidance, not binding rules.) In summary, any ophthalmology software that makes medical claims – say, analyzing retinal images or assessing disease risk – is SaMD and falls under this device risk framework.

FDA’s Recent SaMD Initiatives (2021–2025)

The FDA has ramped up SaMD guidance in the past few years. Key milestones include:

• 2021: FDA issued an AI/ML SaMD Action Plan (Jan 2021) to guide its approach. Later that year it released Good Machine Learning Practice (GMLP) principles for medical-device AI, stressing quality in data, design, and testing.
• 2023: In April 2023 the FDA proposed draft guidance on Predetermined Change Control Plans (PCCPs) specifically for AI/ML device software. In October 2023 it published Guiding Principles for PCCPs in ML-enabled devices. (These PCCP documents outline how companies can pre-plan software updates in their marketing submissions.)
• 2024: In June 2024 the FDA issued a Transparency for ML-Enabled Devices draft, emphasizing that manufacturers should disclose how AI was trained and validated. In March 2024 it published “AI and Medical Products,” a cross-center strategy paper (CBER/CDER/CDRH) on coordinating AI regulation. By December 2024 FDA finalized its PCCP guidance for AI-enabled software (the first FDA final rule specifically about AI update protocols). Notably, FDA also released an all-devices PCCP draft (Aug 2024), extending this concept beyond AI.
• 2025: On January 6, 2025, FDA issued a new draft guidance on AI-Enabled Device Software: Lifecycle Management and Marketing Submissions. This draft lays out how manufacturers should document their AI/ML software (design, data management, validation, etc.) and manage it across the product’s life cycle. It underscores a Total Product Life Cycle (TPLC) approach to AI risk: FDA will review not just the initial software, but plans for future updates.

These developments show a pattern: the FDA is building a framework where SaMD (especially AI-driven devices) are evaluated not only at clearance/approval but continuously.

For example, PCCPs let companies tell FDA up front how they plan to modify the software later, so minor updates can be pre-authorized in advance. Other guidances (like GMLP and Transparency) push firms to follow best practices in model training and to be clear about algorithm performance.

Focus Areas in FDA’s SaMD Strategy

• Total Product Life Cycle (TPLC) Management: The new draft guidance (Jan 2025) explicitly frames SaMD oversight as a lifecycle process. Firms must include in their submissions details on how the software was developed, tested, and how future learning will be handled. In short, FDA expects manufacturers to anticipate and plan for change. This contrasts with older device reviews that only look at the static product.
• Predetermined Change Control Plans (PCCPs): A cornerstone of the FDA’s current approach is PCCPs. By declaring a PCCP in a marketing submission, a company gets FDA’s blessing on certain future modifications (e.g. new training data sets or algorithm tweaks) without needing a new approval each time. The April 2023 draft and Dec 2024 final guidance spell out what belongs in a PCCP (types of changes, update frequency, testing). This is especially useful for adaptive AI: an FDA-cleared eye-screening algorithm, for instance, could automatically learn from new images over time if its PCCP is approved. FDA has signaled that PCCPs are part of a modern, least-burdensome regulatory approach.
• Transparency and Quality Practices: FDA wants AI/ML development to be well-documented and reproducible. Its 2024 Transparency draft urges companies to disclose key information (data sources, versioning, performance metrics) about ML-enabled tools. The 2021 GMLP principles similarly call for sound engineering practices (such as bias checking, validation under real-world conditions). Together, these guidances demonstrate FDA’s push for high-quality software development: reviewers will look for evidence that the SaMD was built on rigorous data science and that it works safely across patient groups.
• Regulatory Coordination and Harmonization: The FDA is aligning internally and internationally. The “AI and Medical Products” paper (Mar 2024) describes how drug, biologics, and device centers are collaborating on AI issues. The FDA also follows standards from the International Medical Device Regulators Forum (IMDRF): for example, IMDRF’s SaMD risk/categorization framework helps FDA classify new software products, and its QMS guidance informs quality requirements (though FDA’s adoption is not a rule per se). Additionally, U.S. federal AI policy (e.g. a 2023 Executive Order on trustworthy AI) is influencing FDA: the agency has begun using consistent AI definitions and emphasizing safety-impacting AI across its guidances. In short, FDA is embedding SaMD policy in a broader AI/drug/device regulatory ecosystem.

Future Directions and Watch Areas

The FDA has been clear it will continue updating its SaMD oversight. The recent drafts are open for public comment, and we can expect final versions later in 2025.

Beyond what’s already issued, likely future topics include post-market surveillance for adaptive AI (how to monitor real-world performance over time) and guidance on novel software functions (e.g. autonomous AI that learns continuously). Congress has shown interest too: for example, the FDA Quality System Regulation was updated in early 2024 to incorporate ISO 13485 (effective 2026), signaling a move toward global harmonization even in software manufacturing practices.

Overall, the trend is toward greater clarity.

Implications for Ophthalmology

For eye care, these regulatory shifts mean that any eye-related software tool intended for medical use falls under this new framework.

For instance, an algorithm that analyzes retinal scans or visual fields will be treated as SaMD. If it uses AI/ML, FDA will apply the guidelines above: the submission must detail how the algorithm was developed (per GMLP), how its results will be explained to users (Transparency), and how it may be updated over time (PCCP and life-cycle guidance).

Higher-risk ophthalmic software (e.g. those that diagnose conditions) will be in higher IMDRF risk categories and likely require more evidence. In contrast, simple wellness apps (e.g. a reminder to do eye drops) remain low priority.

How Ophthalmologists Should Evaluate Software for Their Practice

As the FDA sharpens its regulatory lens on SaMD and AI-enabled tools, ophthalmologists must also refine how they assess software solutions for clinical use. Choosing the right digital tools isn't just about efficiency anymore—it’s about long-term safety, compliance, and adaptability in a fast-evolving regulatory landscape.

Here’s what to look for when evaluating ophthalmology software today:

1. Medical Device Status & Intended Use

Start by asking whether the software qualifies as a medical device under current FDA guidelines. Does it assist in diagnosis, inform treatment decisions, or generate clinical outputs? If so, it is likely to be regulated. Be cautious of tools that make clinical claims but lack proper regulatory documentation.

2. Transparency in Data Handling

Ensure that the software vendor can clearly explain how clinical data is managed, processed, and protected. With the FDA now emphasizing transparency and traceability, software that openly shares its data lineage and validation methods is more future-proof.

3. Support for Lifecycle Management

Does the vendor have a strategy for updates, including how software evolves post-implementation? Tools built with lifecycle thinking—like version control, update logs, and real-time monitoring—are more likely to stay aligned with future FDA expectations.

4. Risk Awareness and Auditability

Select software that includes built-in compliance prompts, audit trails, and quality control features. These capabilities not only streamline documentation but also protect you in case of inspections or audits.

5. Built Specifically for Ophthalmology

Generic EHR or analytics tools may struggle to align with the new frameworks, especially if they try to retrofit eye-care-specific functionality. Choosing software designed ground-up for ophthalmology ensures that workflows, data types (like imaging), and risk levels are properly accounted for.

Why Now Is the Time to Upgrade Digital Infrastructure

Regulatory clarity is no longer just a matter for device manufacturers—it’s a shared responsibility between vendors and clinicians. As regulators move toward lifecycle-based oversight and adaptive AI protocols, practices using fragmented or outdated systems may find themselves entangled in non-compliance, data incompatibility, or limited vendor support for future-proofing.

Upgrading to a modern, ophthalmology-native platform offers multiple advantages:

• Future-Readiness: Systems aligned with emerging FDA SaMD policies offer greater confidence in staying compliant without costly retrofits.
• Clinical Precision: Ophthalmology-focused tools are tailored for the depth and specificity your specialty requires—from imaging to diagnostics.
• Integrated Updates: Software built with lifecycle management in mind ensures you’re always working on the latest, safest, and most capable version.
• Fewer Administrative Burdens: When systems anticipate documentation and compliance needs, clinicians can focus on care, not checklists.

The bottom line:

Ophthalmologists can expect that future SaMD products in eye care will arrive with regulatory pedigree. Companies will include robust performance data (safety/effectiveness) and have FDA-approved plans for improvement. These developments should ultimately benefit clinicians by providing trusted, vetted tools.

However, they also mean that collaboration between clinicians and developers is crucial: understanding FDA’s guidelines will help ophthalmologists advise on necessary data (e.g. diverse imaging sets) and ensure these software tools meet regulatory expectations.

As ophthalmology becomes more digitally driven, now is the time to modernize your infrastructure—not just for operational efficiency, but to stay aligned with the evolving standards of medical software governance. Choose partners and platforms that understand the regulatory terrain and are building with it in mind.

That’s how you practice with peace of mind—and stay ahead of change.