The DHT Compliance Wake-Up Call: Why “Digital-Ready” Isn’t “Regulator-Ready” Anymore

Regulatory
Written By Rudiger Mees

Having a digital strategy is table stakes. Having a regulator-ready digital strategy is where most sponsors quietly fail. Here’s what the gap actually looks like.

The Comfortable Illusion

Let’s start with an uncomfortable truth: most sponsors believe they are digitally ready for clinical trials. They have wearables in their protocols. They have apps on their platforms. They have dashboards that generate impressive heat maps of patient compliance.

And none of that matters when an inspector opens your Trial Master File.

The gap between “digital-ready” and “regulator-ready” is not a technology problem. It is a governance problem. And it is widening every quarter as regulators sharpen their expectations while sponsors coast on assumptions [1,2].

DHT Compliance Gap — Bar Chart THE DHT COMPLIANCE GAP Illustrative readiness benchmarking across seven compliance dimensions "Digital-Ready" (Typical) "Regulator-Ready" (Required) 0% 20% 40% 60% 80% Regulatory Threshold 100% READINESS SCORE (%) 35% 90% Device Validation 20% 85% Algorithm Governance 25% 88% Change Control 30% 92% Data Integrity (Full Pipeline) 15% 80% Role Mapping 20% 82% Global Deployment 25% 95% Inspection Readiness qointa | Illustrative benchmarking — not based on specific trial data

The Digital Grace Period Is Over

For years, Digital Health Technologies (DHTs)—wearables, sensors, eCOA apps, SaMD—benefited from what industry insiders quietly called a “grace period.” Regulators tolerated exploratory digital endpoints. Algorithms were treated as black boxes. Software updates were waved through as IT housekeeping [1].

That grace period is over.

FDA’s Digital Health Technologies guidance and Framework for the Use of DHTs now frame these tools as regulated measurement instruments, not convenience accessories [1,2]. EU MDR, UK MDR, and ICH E6(R3) are aligning in the same direction [3–5].

The message is unmistakable: if your DHT touches an endpoint, it must be governed like a regulated instrument—because it is one.

The Gap: Digital-Ready vs. Regulator-Ready

Here is what the gap actually looks like in practice. This is not a theoretical exercise—it is a composite of real inspection findings, regulatory queries, and audit observations:

Dimension “Digital-Ready” Sponsor “Regulator-Ready” Sponsor
Device Classification Assumes commercial availability equals compliance Maps regulatory classification per jurisdiction, per device, per use case [1,3]
Validation Runs a usability study and calls it done Documents fit-for-purpose validation against ISO 14971, IEC 62366-1, and endpoint requirements [6]
Software Updates Treats updates as routine IT maintenance Governs updates through formal change control with endpoint impact assessment [1,2]
Data Integrity Trusts the vendor’s audit trail Maps ALCOA++ traceability from raw signal to derived endpoint across all systems [7]
Vendor Oversight Signs a contract and moves on Defines quality agreements with vigilance, change-control, and audit obligations [3,5]
Endpoint Defensibility Presents the algorithm output Documents full evidence chain: device → signal → algorithm → endpoint → label claim [1,2]
Inspection Readiness Assembles documents retroactively Maintains a living regulatory binder from Day 1 with frozen evidence snapshots [8]

Why the Disconnect Persists

The root cause is not ignorance. Most sponsors have competent regulatory affairs teams, capable clinical operations, and credible data management functions. The problem is structural:

  1. DHTs cross every silo. Regulatory Affairs classifies. Clinical Operations deploys. Data Management integrates. IT connects. Nobody owns the whole picture [5].

  2. Vendors are treated as suppliers, not regulated partners. When a wearable manufacturer pushes a firmware update mid-trial, most sponsors learn about it from a site complaint—not from a governed change-control process [3,6].

  3. Innovation teams and compliance teams speak different languages. One talks about patient engagement and real-world evidence. The other talks about ALCOA++ and audit trails. They rarely sit in the same meeting [7].

  4. Regulatory intelligence is reactive. Most organizations learn about new expectations after a guidance document is published—not before a regulator acts on it [1,4].

What Regulators Actually See

When an FDA reviewer or EMA inspector evaluates a digitally enabled trial, they are not asking “Did you use impressive technology?” They are asking:

  • Can you demonstrate the device was fit for purpose for this specific endpoint, in this population, in this geography? [1,6]

  • Can you trace every data point from raw sensor signal to derived endpoint without gaps? [7]

  • Can you show that software changes were governed, assessed, and documented? [1,2]

  • Can you explain who was responsible for what across the entire DHT lifecycle? [3,5]

  • Can you produce this evidence within hours—not weeks? [8]

If the answer to any of these is “not confidently,” the gap between digital-ready and regulator-ready is not theoretical. It is operational. And it is discoverable.

The Cost of the Gap

The consequences are not abstract. Organizations operating in this gap routinely experience:

  • Trial start-up delays of $600,000–$1 million per month when device classification, customs, or validation documentation is incomplete.

  • Endpoint re-analysis or rejection when firmware or algorithm changes are not governed under formal change control [1,2].

  • Inspection findings tied to “sponsor oversight failures” rather than technical deficiencies—because the technology worked, but the governance didn’t [3,5].

  • Duplicate validations and late protocol amendments that add months and millions to already-pressured timelines [8].

The irony is that these costs are entirely preventable. The information exists. The regulatory expectations are published. The gap persists not because it is hard to close, but because nobody has been accountable for closing it.

The Contrarian Take: Compliance Is Not the Enemy of Innovation

Here is where this article parts company with the prevailing narrative.

The industry conversation frames compliance and innovation as opposing forces—as if regulatory readiness slows things down. The evidence says the opposite [1,8].

Sponsors with governed DHT strategies consistently report fewer mid-trial disruptions, faster resolution of regulator questions, less rework during submission, and stronger CRO and vendor alignment [8]. Why? Because uncertainty—not compliance—is what actually slows trials. When everyone knows who owns what, what can change, and what evidence is required, execution speeds up.

The real competitive advantage in 2026 and beyond is not having the most advanced DHT. It is having the most defensible DHT strategy.

What Closing the Gap Actually Looks Like

Closing the gap requires a shift in operating model, not a new technology purchase. It means:

  • Regulatory classification from Day 1—not retroactively after site activation [1,3].

  • Validation tied to the endpoint, not just the device—because a technically valid device can still produce a regulatorily indefensible endpoint [6].

  • Change control that treats firmware and algorithm updates as regulatory events—not IT tickets [1,2].

  • ALCOA++ data lineage mapped across every system in the data chain—from sensor to submission [7].

  • Vendor governance that extends to vigilance, change control, and audit readiness—not just SLAs and procurement terms [3,5].

  • Inspection-ready evidence maintained continuously—not assembled under pressure when an inspector’s notice lands [8].

"Digital-Ready" vs. "Regulator-Ready" — Comparison "DIGITAL-READY" vs. "REGULATOR-READY" The gap most sponsors don't see — until the inspector does DIMENSION ✗ "DIGITAL-READY" ✓ "REGULATOR-READY" Device Selection Vendor recommended it; commercially available Fit-for-purpose validated for endpoint + population Algorithm Oversight Treated as IT; black box tolerated Version-controlled, explainable, impact-assessed Change Control Firmware updates "managed" by vendor as IT tickets Every update documented as a scientific event Data Integrity ALCOA++ applied to EDC system only ALCOA++ enforced across full pipeline: sensor to submission Role Ownership CRO "handles it"; contracts specify deliverables Sponsor maps manufacturer, importer, data controller per market Inspection Readiness TMF has a device section; slides explain the rest End-to-end reconstruction possible without improvisation qointa | Closing the gap between digital ambition and regulatory reality Based on FDA DHT Guidance (2023), EU MDR 2017/745, ICH E6(R3), MHRA MDR 2002

The Wake-Up Call

The digital transformation of clinical trials is not in question. What is in question is whether sponsors’ governance has kept pace with their ambition.

Digital-ready means you have the tools. Regulator-ready means you can defend them.

In 2026, that distinction is not a nuance. It is the difference between a successful submission and a regulatory finding.

The question is not whether your organization uses digital health technologies. The question is: could you defend your digital strategy to an inspector—today?

References

  1. FDA. Digital Health Technologies for Remote Data Acquisition in Clinical Investigations. Guidance for Industry. 2023.

  2. FDA. Framework for the Use of Digital Health Technologies in Drug and Biological Product Development. 2023.

  3. European Commission. Regulation (EU) 2017/745 on Medical Devices (MDR). Brussels: EC; 2017.

  4. MHRA. UK Medical Devices Regulations 2002 (as amended post-Brexit). London: MHRA; 2023.

  5. ICH. E6(R3) Good Clinical Practice (Draft). International Council for Harmonisation; 2023.

  6. ISO 14971:2019. Medical Devices — Application of Risk Management to Medical Devices. Geneva: ISO; 2019.

  7. EMA. Computerised Systems and Electronic Data in Clinical Trials (Draft Guideline). Amsterdam: EMA; 2023.

  8. FDA. Data Integrity and Compliance With Drug CGMP. Guidance for Industry. 2018.

Rudiger Mees
Next

Navigating CE Marking and Global Compliance for DHTs in Clinical Trials