Does anyone have knowledge of or links to information related to US regulations on use of an cloud-based SaMD cleared in the USA and used in the USA but processing data for non-USA patients? It doesn't appear that HIPAA prevents this, there are a few FAQ questions on their site that acknowledge this sort of situation.
I am being asked about this kind of use for countries that do not seem to have any prohibitions on residency of their data or use of an SaMD that is not within their borders. I'd like to make sure that in addition to no prohibitions in their countries that there isn't an issue in the USA either.
I am being asked about this kind of use for countries that do not seem to have any prohibitions on residency of their data or use of an SaMD that is not within their borders. I'd like to make sure that in addition to no prohibitions in their countries that there isn't an issue in the USA either.