On 11 February 2020, fresh notifications were released drastically expanding the scope of regulation for medical devices under Indian law. Traditionally, India has not had expansive regulation on medical devices unlike several western jurisdictions.
There has been a limited list of items that have been subjected to the same regulations as applicable to pharmaceutical products – these include items such as catheters, syringes, etc.
For all other kinds of devices, either there were some sector-specific regulations (for instance, X-ray machines, etc., using any form of radiation had certain specific regulations) or sophisticated institutional customers procured products with overseas certifications like that of US FDA (Food and Drug Administration) for quality assurance.
However, with these new notifications, a far greater category of products will fall within certain regulations come 1 April 2020. This article attempts to examine the potential impact of these regulations on financial investors.
1. Foreign direct investment – As per applicable foreign investment norms, 100% FDI is permitted in “medical devices” under the automatic route. However, there is a definition of “medical devices” under the relevant regulations which is marginally differently worded from the definition now introduced by these new notifications. On the face of it, these definitions appear to cover similar areas.
2. Impact on products already notified as “drugs”/“medical devices” – This is the list of products that were already recognised as drugs and pharmaceuticals (this includes items such as stents, syringes, etc.) – these rules won’t change life for any such items. These were always recognised and regulated, and therefore not much changes for these companies.
3. Products regulated in other jurisdictions as “medical devices” and not in India, before the notifications
a. For investors already invested in such companies, it would be relevant and material for them to ensure such portfolio companies undertake compliance.
This compliance will have many facets – registering their products with the regulator before 1 April 2020 (as required by the new notifications), assessing compliance with relevant applicable standards (ISO, and other standards), revising the labelling for inventory that might already be in transit.
b. With these devices being notified as “drugs” under the Drugs and Cosmetics Act, 1940, criminal and other actions specified therein for non-compliance would lead to additional exposure that nominee directors on portfolio companies’ board need to be aware of and mitigate for.
For starters, such companies should ensure compliance frameworks are in place, and directors may also need to re-visit the extent of the D&O insurance coverage.
4. Startups and application developers – Software that is meant for human beings and helps in monitoring or treatment of a disease or disorder would also be treated as a medical device.
This is particularly relevant for the burgeoning startup ecosystem in India (or abroad), where people may have applications tracking weight, sleep, heart rate, or any other bodily parameters -- regardless of whether they are device-based or not.
Moreover, unlike more traditional medical device manufacturers or marketers, such companies are unlikely to have detailed systems in place for testing safety or meeting global or other applicable standards.
Also, the application ecosystem is fairly global – and to that extent, an application developed in another country but sold to consumers in India could also fall within this.
Given the limitless possibilities of using software, the implications of this new development could be significant.
5. Device-dependent services (e.g. telemedicine) and personal fitness services – Telemedicine, in particular, is typically very device-dependent. Similarly, there are personal fitness devices.
In addition to the Data Protection Bill, which is currently in Parliament, this new development comes as something to consider. The level of preparedness for compliance needs to be seen and tested during due diligence.
6. Exposure of confidential information to disclosure – Not a lot of devices are subjected to patent protection, sometimes for lack of options (for instance, India doesn’t allow patenting of software) or on other occasions, for fear of disclosure.
While registering devices, information may have to be submitted to the government in relation to the devices – which may otherwise be proprietary in nature.
Aside from this statutory disclosure, there is the further danger of third parties seeking access to such information through right to information – in which case, the party submitting the information would hope to leverage the exceptions under the law.
For investors investing in technology-based businesses, this is a relevant item to consider in commercial and business due diligence.
To conclude, financial investors, whether focusing on healthcare or not, need to think this through and train due diligence processes in this direction as well.
The development does seem to be a step in the right direction. However, the manner of implementation and how seamless or otherwise the transition will be remains to be seen.
Sameer Sah, partner, and Maitreya Subramaniam, associate, are part of the corporate/commercial practice of Khaitan & Co. Views are personal.