FDA Issues Guidance on AI for Medical Devices

By Charley F. Brown & Gregory P. Szewczyk on August 21, 2025

The Food and Drug Administration (FDA) issued final guidance Monday that explains how medical device manufacturers can use a Predetermined Change Control Plan (PCCP) to update AI-enabled device software functions (AI-DSFs) after clearance or approval without submitting a new marketing application for each covered change.

The guidance is a practical how‑to for getting the FDA to preauthorize a playbook for future updates to AI medical software. The FDA calls the playbook a Predetermined Change Control Plan (PCCP). The applicant submits the PCCP with the 510(k), De Novo, or PMA, and the FDA reviews it along with the device. If the FDA authorizes the PCCP, the company may later make the listed updates without filing a new submission, provided it follows the plan’s steps for data, training, testing, labeling, cybersecurity, and deployment under a quality system. The authorized PCCP becomes part of the device description, so updates must be implemented exactly as specified. If a change is not in the plan, or cannot meet the plan’s methods or acceptance criteria, a new submission will be needed. The guidance is nonbinding and is grounded in FDORA section 515C. It applies to AI‑enabled device software functions and explains what belongs in a PCCP, how the FDA evaluates it, and how users should be informed about updates. Figure 1 on page 18 illustrates the decision path for using an authorized PCCP to implement changes.

What a Compliant PCCP Looks Like:

  • Description of Modifications. List the specific, limited, verifiable changes you intend to make over time (e.g., improved quantitative performance, expanded input compatibility, or performance for a defined subpopulation). Specify whether changes are automatic vs. manual and global vs. local, and how frequently updates may occur. Changes must remain within intended use (and, generally, indications).
  • Modification Protocol. For each planned change, provide (1) data management practices (representative training/tuning/test data; multisite, sequestered test sets; bias‑mitigation strategies and reference‑standard processes); (2) retraining practices (what parts of the model may change; triggers; overfitting controls); (3) performance evaluation (study designs, metrics, acceptance criteria, statistical plans; verification that non‑targeted specs do not degrade); and (4) update procedures (deployment mechanics, user communication, labeling updates, cybersecurity validation, real‑world monitoring, and rollback criteria). A traceability table should map each proposed change to its supporting methods.
  • Impact Assessment. Analyze benefits and risks—including risks of harm and unintended bias—for each change individually and in combination, and explain how the protocol’s verification/validation and mitigations ensure continued safety and effectiveness across intended populations and environments.

Labeling and Transparency Requirements

The FDA may require labeling that informs users that the device contains machine learning and has an authorized PCCP; as updates roll out, labeling should summarize the implemented change, the data/evidence supporting it, impacted inputs/outputs, and how users will be informed (e.g., release notes/version history). Public‑facing device summaries (SSED/510(k) Summary/De Novo decision summary) should include a high‑level PCCP description. New unique device identifiers (UDIs) are required when a new version/model is created.

Cybersecurity and Post-Market Monitoring

Update procedures should cover cybersecurity risk management and validation; describe user communications; and outline real‑world performance monitoring (including triggers, frequency, and rollback plans) to detect adverse events, drifts, or subpopulation performance changes.

Quality‑System Expectations

All implementation under a PCCP must occur within the manufacturer’s quality system. The guidance reiterates record‑retention and design‑control duties and notes the FDA’s 2024 rule aligning Part 820 with ISO 13485 effective February 2, 2026 (QMSR). For PMAs, the FDA must deny approval if manufacturing controls do not conform; for 510(k)s, clearance may be withheld if QSR failures pose serious risk.

Using (and Not Misusing) a PCCP

The flowchart on page 18 (Figure 1) depicts the logic: If a contemplated modification is (1) listed in the PCCP’s Description of Modifications and (2) implemented exactly per the Protocol’s methods/specifications, document it under the Quality Management System (QMS)—no new submission. Otherwise, evaluate it under the FDA’s device‑modification rules. In most cases, a new submission will be required. Deviations from an authorized PCCP may render a device adulterated/misbranded.

Examples: What’s In vs. Out

Appendix B (pp. 38–45) walks through six scenarios: e.g., retraining a patient‑monitoring model to reduce false alarms (in‑scope) vs. adding a new predictive claim (out‑of‑scope); extending a skin‑lesion tool to additional smartphones meeting minimum camera specs (in‑scope) vs. adding thermography or turning the product patient‑facing (out‑of‑scope); and similar analyses for ventilator‑setting software, ultrasound acquisition aids, X‑ray triage, and a device‑led combination product.

What Companies Should Do Now

  1. Decide If a PCCP Fits the Product Roadmap. Identify foreseeable AI model updates (performance, inputs, defined subpopulations) that can be specified, validated, and governed in advance.
  2. Design the Protocol First. Build out data pipelines (representative, sequestered test sets; reference‑standard methods), retraining triggers, acceptance criteria, and cybersecurity validation.
  3. Plan Labeling and User Communications. Draft version histories, release‑note templates, and instructions that reflect how updates may change device behavior; prepare for UDI/version control impacts.
  4. Align QMS and Documentation. Ensure design controls, change control, bias‑monitoring, and record‑retention processes can support PCCP implementation; prepare for the ISO‑13485‑aligned QMSR effective February 2, 2026.
  5. Engage the FDA Early. Use the Q‑Submission program to vet scope, methods, and evidence, especially for higher‑risk devices, automatic/local adaptations, and device‑led combination products.
  6. Think Predicate Strategy. If you will rely on a predicate with a PCCP, be prepared to compare to the predicate’s pre‑PCCP version; consider timing of subsequent submissions so your updated device can become a predicate.

The lawyers in Ballard Spahr’s multidisciplinary Health Care Industry, Technology Industry, and Life Sciences Industry teams advise med‑tech, digital health, AI, and life sciences companies on regulatory compliance and the range of issues related to federal and state health care laws and regulations. We help clients develop and maintain the corporate infrastructure required to address these laws and regulations as they apply to telemedicine and other digital health products and services. We are monitoring the FDA’s implementation and related federal and state activity. Please reach out to your Ballard Spahr contact with questions.

  • Posted in:
    Privacy & Data Security, Technology
  • Blog:
    CyberAdviser
  • Organization:
    Ballard Spahr LLP