Digital therapeutic (DTx) for post-stroke rehabilitation

About the project

1 in 4 people over 25 will go through a stroke, and about 50% of stroke survivors end up having cognitive deficits – many of which will remain undetected and/or untreated.

Seeing this problem, ABAStroke, came up with an idea which could revolutionise the neurorehabilitation market – a digital therapeutic application (DTx) for at-home rehabilitation of post-stroke cognitive deficits.

To achieve their goal, they would use Applied Behaviour Analysis (ABA) methodology and subject-matter specialists’ expertise, supported by machine learning algorithms, to create an individualised therapeutic path for each user.

What did our client need?

In 2021, ABA Stroke received funding from the Polish National Centre for Research and Development. Having breakthrough ideas, specialists’ expertise, chosen methodology, and necessary funds, they were looking for a software company which would:

• be experienced in developing mobile apps,

• feel comfortable while working with machine learning solutions,

• ensure quality and security requirements are met,

• prepare documentation demanded by the Medical Device Regulation to certify the product as IIa class Medical Device.

The goal was to create a digital therapeutic for post-stroke rehabilitation in the form of a mobile app. The solution would address different types of cognitive deficits (e.g., semantic memory, visual gnosis) with exercises tailored to the individual needs of each patient.

How did we approach the project? 

ABA Stroke kicked off the collaboration with their doctors. They introduced us (and the external UX/UI and machine learning teams) to the real needs of stroke patients. From there, we worked side by side with all teams:

• the medical team defined exercise requirements for specific cognitive deficit,

• the UX/UI team translated them into Figma wireframes,

• the ML team trained the engine accordingly,

• and our development team built subsequent elements of the app.

Each exercise type (or “engine variant”) was completed in this cycle before moving to the next. Once half of the engine variants were ready, we began collaborating with a UX team on the gamification module of the app.

From machine learning to gamification 

When working on the ABA Stroke app, we were responsible for several tasks which made the app unique in the market and scalable for further development.

• Machine learning integration
  The app was based on a machine learning engine that assessed the patient's cognitive deficits and adjusted the difficulty level of exercises to their state. Our task was to implement this engine into the app so that it worked correctly, providing patients with various exercises tailored to their needs.

• Gamification for the patients
  An essential element we worked on was gamification. After each completed exercise, the patient filled up a 'reinforcement bar’. When it was full, they received ABA coins, which they could use to purchase items from the rewards catalogue.
  
  We also introduced a feature of a long-term statistics system, which allowed patients to see their progress throughout the rehabilitation plan in specific areas.

• Modularity and scalability
  The system was built as a modular and cross-platform solution. We ensured consistent performance across operating systems – making the app available for Android and iOS. Also, backend modules (such as the machine learning engine) can be easily swapped or updated, offering flexibility to the client.

Technology and cybersecurity in digital therapeutics

When developing the app, we knew we had to keep patient privacy in mind. To achieve this, we utilised industry-standard cybersecurity measures. In addition, we had to ensure that the app functioned smoothly, enabling numerous users to undergo treatment. 

• Technology stack
  We utilised AWS Cloud, taking advantage of its robust security features and scalable architecture. We've also worked with technologies such as Python, TypeScript, React Native, Docker, and PostgreSQL. In addition, we have ensured compliance with the requirements of Google Play and Apple Store platforms.

• Multi-layer encryption and anonymity
  We applied encryption at multiple levels to ensure data security. It included encryption in transit, covering data transferred over networks (such as Wi-Fi), and encryption at rest, securing data stored on devices and servers. Also, we provided anonymity of the patients through making the only form of identification a key – a sequence of characters that allows the patient to log in.

• Security verification in line with OWASP and SSDLC
  When designing the solution for ABA Stroke, we developed it like OWASP guidelines suggest, including MASVS (Mobile Application Security Verification Standard). Also, we've followed the SSLDC (Secure Software Development Life Cycle) framework. Thanks to this, we could identify and mitigate security vulnerabilities and threats in our development process.
  
  To verify the integrity of our security measures, by the end of the development we underwent a cybersecurity audit conducted by an external company, which did not report any significant issues regarding the security of the application.

• Performance tests of the app
  We also conducted performance tests to examine the system's limitations regarding the number of patients it can handle. As a result, we could find the system's weak points and increase its performance.

Ensuring compliance with regulatory requirements

From the beginning, ABA Stroke wanted their app to be a prescription drug. Introducing such a solution to the European market requires detailed work. That is why we developed the app in compliance with MDR and other related standards.

• Requirements and standards followed
  While working on the ABA Stroke project, we complied with all the necessary standards related to SaMD – Medical Device Regulation, IEC 62304, IEC 62366, IEC 82304, and ISO 14971. Cooperating with DevGoMed (consulting partner for regulatory affairs in medical device development), we’ve helped ABA Stroke implement a QMS system based on ISO 13485, prepare final technical files for CE certification and assist during the audit by notified body.

• Risk management
  We coordinated regular, once-per-sprint meetings during which we conducted risk analysis as stated in ISO 14971. These sessions were attended not only by our developers, but also by ABA Stroke experts and their UX team. This way, we could identify and address all the potential hazards.

• App maintenance through clinical trials
  During the ABA Stroke clinical trials at The University Hospital in Krakow, we maintained the application and responded to all needs that arose throughout the process.
  As of the results, we are proud to share that the report showed an 84% greater improvement among patients using the ABA Stroke app than the control group, as analysed through MoCA (Montreal Cognitive Assessment).

• Navigating global regulations with MDSAP
  ABA Stroke is eager to offer its product to as many patients as possible. That is why we prepared them for an audit under the MDSAP – Medical Device Single Audit Programme. This method will meet many relevant requirements of the regulatory authorities participating in the program through a single audit, and more importantly, it will expand the number of countries in which our client can operate.

• Post-market critical supplier
  Our cooperation doesn't end with ABA Stroke passing the audit. We are ready to maintain their digital therapeutic for post-stroke rehabilitation and support them in the regulatory process to achieve further goals, such as obtaining DiGA status.

Project’s team

ABA Stroke assembled a team of experts. At Revolve Healthcare, we formed a development and regulatory team to build the mobile app in line with MDR. We also collaborated with external machine learning, UX/UI, and medical teams.

We held regular cross-team meetings to share progress, while the medical team ensured the app met stroke patients' needs. Additionally, one-on-one meetings between teams (e.g. developers and ML or UX/UI) helped us align priorities, solve issues quickly, and fine-tune our work.

What we delivered?

• Mobile app with exercise engines

• Multi-element patient gamification system

• Industry-standard cybersecurity

• Consultations on how to run projects in compliance with MDR and ISO 13485

• ISO 13485 implementation

• Documentation of the software design and development process according to the MDR and MDSAP requirements

We are currently assisting ABAStroke in the process of certifying their digital therapeutic for post-stroke rehabilitation on the European market, the audit results are positive with no nonconformities and we are waiting for final technical files approval.

In addition, we are starting cooperation with them on an AI-based digital therapeutic to support people with dementia.