RAPS 2022 – Regulatory Affairs Obligations

What a joy to attend this premier regulatory affairs event in person, under the blue skies and 100F heat (!) in Phoenix, Arizona. This first face-to-face assembly in three years was jump started by a video message from the United States FDA Commissioner, Robert M. Califf, M.D.

Dr Califf discussed the role the FDA plays every single day in ensuring that
only safe and effective medical therapies are available to patients, care
givers, and clinicians. He spoke with great passion regarding the solemn responsibility
to protect the American public by the objective evaluation of scientific evidence.
He called upon the conference attendees for help: to please incorporate an obligation
for stopping the flow of misinformation detrimental to the health of the nation
and responsible for an insidious decline of public confidence in the Agency.

The Commissioner is correct that as regulatory affairs professionals we have
a duty of care to not only ensure the data submitted to the FDA for review is compliant but to also support the bipartisan conveyance of scientifically accurate information.

“Your best ideas on how to improve the system could have a significant
impact as we think about crafting regulatory policy in the face of opportunity
and risk.”

Let us use this time together as an opportunity to work towards
positive solutions for the benefit of the health authorities, industry,
healthcare professionals and of course our patients.

K Young

KimYoung@instem.com

Photo: Photo by Jacob Morrison on Unsplash

Data is the Key

A whopping 77% of the cost to develop a 510(k) medical device to market is spent on clinical research and the regulatory submission. This figure goes up to 80% for a device requiring a PMA.1

Much of that cost is a result of sponsors and medical device manufactures inadequately handling the required data.1

The medical device regulatory world is finally (yay!) moving into the 21st century with regards to electronic data transmission. Moving yes, albeit slowly.

The US FDA, way back in 20132, recognized and actually promoted the opinion that capturing data electronically would:

  • Eliminate unnecessary duplication of data
  • Reduce the possibility for transcription errors
  • Eliminate transcription of source data
  • Facilitate remote monitoring of data
  • Promote real-time access for data review
  • Facilitate the collection of accurate and complete data

Granted this particular guidance was focused on the transmission of clinical investigation data, the concept of efficient electronic data capture translates to all required regulatory submission data.

Effective, integrated, electronic Regulatory Information Management (RIM) remains in its infancy for most small and midsized medical device companies.

According to Gens & Associates latest survey3 of 76 organizations, (data comparison to 2020) RIM efficiency increased by only 17%. Health authority interactions secured the largest efficiency increase at 25%. The number of companies achieving real-time regulatory information increased from 37% to 43% in 2022, with a significant jump in affiliate access to global RIM systems moving up to 57%. Unfortunately, the survey uncovered a severe perceived lack of internal data confidence, with only 38% of the surveyed firms acknowledging a high confidence level.

The Drug Information Association (DIA) recently published version 2.0 of their Regulatory Information Management Whitepaper. The Reference Model4, as described in the 45-page document, is intended to “aid organizations in structuring the complex organizational, data, process, information, and workflow issues as they implement or upgrade their RIM systems.”

The DIA working group espouses the harmonization of definitions, processes and concepts as the ideal approach with which to produce a quantifiable increase in regulatory affairs efficiencies for the maximum impact.

Software vendors such as Instem, are developing electronic solutions in line with the evolving regulatory requirements and dynamic integration models. Successful RIM implementation will allow you and your team to:

  • Increase confidence in data quality
  • Access your data in real time
  • Increase operational performance
  • Improve decision making and strategy implementation activities
  • Decrease inefficiencies such as data revalidation
  • Increase speed and accuracy when responding to a regulation change

As described in the paragraphs above, many collaborative initiatives are on-going and more data is being generated to confirm multiple organizational benefits for industry, vendors, suppliers, health authorities and end-users when electronic RIM integration is implemented.

Get involved. Let’s work together to ensure the evolution of our regulatory affairs profession. You do not want your team and company to fall behind the RIM curve.

K Young

KimYoung@instem.com

  1. https://medicaldeviceevents.com/medical-device-conferences/save-costs-510k-pma/
  2. https://www.fda.gov/media/85183/download
  3. http://gens-associates.com/2022/07/11/are-rim-investments-resulting-in-better-operating-performance-and-business-value/
  4. https://www.diaglobal.org/en/resources/tools-and-downloads#RIM
  5. Photo by Alp Duran on Unsplash

MedTech Summit 2022

Just returned from an exciting, yet short (2 day) attendance at this year’s MedTech Summit held in Dublin on the Emerald Isle.

So fantastic to meet old friends in person coupled with the networking opportunities to build and create new acquaintances.

European Medical Device Regulations (Live Stream): Unfortunately,  I was only able to attend the conference for 2 out of the scheduled 5 days. However, those 2 days were jammed packed with content that was insightful, thought provoking, definitely educational and timely. Yes, we are still talking about how and when to manage compliance to the European medical device regulation…..

My top 10 key take-aways:

  1. There will not be an extension of the transition period for MDR compliance.
  2. The notified bodies are doing everything within their scope to increase competency and capacity.
  3. Industry needs to get their act together – incomplete submissions, GSPRs not created, lack of communication – not a pretty picture
  4. Keep track and do not miss the EUDAMED deadlines – if your data has not been transmitted in time, it may well mean products may be removed from EU market.
  5. Digitalisation and standardisation are the key to happiness for NB reviewers and will unlock the doors of successful certification for medical device manufacturers.
  6. Get your economic operators (importers, distributors, authorised representatives) into your regulatory and compliance loop.
  7. We still don’t want to talk about Brexit.
  8. MHRA will probably follow the Europe Commissions lead when updating from MDR 2002
  9. Lessons learnt are not being effectively communicated to all the key stakeholders.
  10. European patients may miss out on new innovations in the future.

Thank you to the speakers and organisers for a great conference and I look forward to further engagements 2023.

For those in attendance, I sincerely thank you for listening to my presentation on GSPR compliance. I do hope I provided you with useful information and tips for successful creation and life-cycle maintenance of this critical document.

As always, please drop me a message with your questions and/or comments.

KimYoung@instem.com

K Young

Rogue Waves

Currently reading a novel in which the antagonists were utilising technology to create rogue waves on demand. Not a very good read, but I have found the science fascinating. Rogue waves are unusually large, unpredictable and suddenly appearing surface waves that occur where multiple physical variations cause waves to merge to create a single exceptionally large wave.

The idea of a “rogue wave” was my first thought when I read the following request for advice from a medical device manufacturer marketing in Europe:

This medical device manufacturer has certainly been hit by a large and unpredicted dilemma as a culmination of a series of circumstances – requirement to comply with MDR, lack of resources at the notified body (NB), and certification expiring. One would hope that this situation would be a one off.

Ever since MDR 2017/745 entered into force, there have been those who predicted manufacturers would remove vital devices from the marketplace due to the more strenuous requirements and also NBs would struggle with the increase in demand. The one-year extension was seen as the panacea for the whole of the industry.

If the above situation is not indeed a single unpredicted rogue wave, then medical device manufacturers, notified bodies, EU economic operators and the rest of the key stake holders have a duty to come together and galvanise a targeted request to the European Commission for action. The EC has always declared that the MDR was drafted to ensure the availability of safe and effective medical devices for the European public. Expedience from the EC is now essential to advocate safe sailing and calm waters for medical device manufacturers to maintain compliance.

If you too have been hit by a rogue wave, thus hindering your journey to MDR compliance, please do not remain quiet. A collective voice is needed to guarantee these uncharted waters include safe havens.

K Young

KimYoung@instem.com

References:

Elemed

Team NB survey 2021 https://www.team-nb.org/wp-content/uploads/2022/05/Survey-2021-20220516-1.pdf

By Katsushika Hokusai – Metropolitan Museum of Art, online database: entry 45434, Public Domain, https://commons.wikimedia.org/w/index.php?curid=2798407

Theranos Loophole Explained

Last week, my son, a second-year university student reading microbiology, approached me very excited indeed. He had come across an article on his mobile news feed that was related to mum’s work! He asked, “This blood test described as inadequate and inaccurate, isn’t it a medical device?” Yes, I answered. “If it never worked effectively, how and why did the FDA approve it?” Son have a seat.

The new year began with the news that Elizabeth Homes, billionaire former CEO and founder of Theranos, was found guilty of wire fraud and conspiracy to commit wire fraud.

Theranos developed a diagnostic test, which the company claimed was able to perform a full range of clinical tests using very small blood samples drawn from a single finger stick.  The analyzer was publicly presented to investors, health professionals and patients with the ability to produce results that were more accurate and reliable than those yielded by conventional methods—all at a faster speed than previously possible. Brilliant, everyone said. The wealthy invested, health clinics wanted to partner and the famous were on the board of directors.

However, the criminal investigation revealed that CEO Holmes knew about accuracy and reliability problems, limitations for the number of tests performed, slow speed, and, overall, could not compete with more conventional technologies.  Evidence presented showed that Theranos’ ultimate solution was to utilize equipment bought from third parties to perform the blood testing. Certainly not the golden panacea as promised.

The term Laboratory Developed Test (LDT) is used to describe a certain class of in vitro diagnostics (IVDs) that are designed, manufactured, and used within a single laboratory, often in a hospital and are not distributed or sold to any other labs or health care facilities. Also note that any FDA-approved commercial test that is modified in any way by a testing lab is considered to be an LDT.

In the United States, LDTs are regulated under the Clinical Laboratory Improvements Amendments (CLIA) program. (For more information https://www.cdc.gov/clia/law-regulations.html)

LDTs are not centrally registered or tracked, therefore no one knows precisely how many are used, when and why they are used, or how their performance compares with FDA-reviewed diagnostics.

Oversight Comparison Table:

The above table illustrates a fragmented surveillance system, whereby tests are regulated according to where they are developed and used rather than their risk to patients and their outcomes.

Critics say the lack of FDA regulation is a loophole that allows laboratories to perform unproven tests with dubious claims. As per the Medical Device Amendment of 1976, LDTs were intended as limited exceptions to FDA medical device oversight as their application was to be generally low risk, short term for simple analysis.

Every year in the United States an estimated 3.3 billion in vitro diagnostic tests performed, impossible to determine how many are LDTs. Without oversight, LDTs can be high-risk and give the health care providers who rely on them inaccurate information which may potentially pose dangers to general public health via misdiagnoses.

As Theranos did not release the LDT test kit to the commercial market, the fraud remained safely under the FDA radar for many years.

“The FDA’s Office of Criminal Investigations (OCI) will continue to investigate and help bring to justice individuals and companies responsible for putting the public health at risk,” said FDA Assistant Commissioner for Criminal Investigations Catherine A. Hermsen in relation to the Theranos case.

In 2010, the FDA announced its intent to reconsider its policy of enforcement discretion for LDTs. But not much regulatory progress has been made since publication of an FDA discussion paper on 13 January 2017. The efforts to pass any stringent legislation has stalled and the fate of LDT regulation has met with opposition from various political and healthcare fractions and appears to have an uncertain future under the current administration.

So, darling son, the FDA did not approve the Theranos blood testing regime because current legislation does not require FDA review.

Next week: How IVDR legislation may close this legislative gap for the European market.

K Young

kimyoung@instem.com

References

Black Friday

Why is your regulatory data stored in regional silos?

Why is there a requirement for inter-departmental data requests?

Why does it take 3 days, 3 weeks, 3 months to find what you are looking for?

Why must the regulatory team triple check spreadsheets for data accuracy?

Why are weekly registration update meetings scheduled throughout your diary?

  • Data secreted into limited access, regional silos supports the notion that only those personnel in the region “understands” the data, knows where the data is located, and whether or not it is accurate. This is not an efficient or sustainable process, which may actually increase internal expenditures.
  • Whenever regulatory staff move on, you immediately lose access to your data history. Resource, already drained, is now allocated to rebuilding the historical knowledge back into those antiquated spreadsheets to repeat the cycle.
  • Take into consideration and analyse the value return on the salary earned by regulatory professionals performing rote administrative tasks. Automation definitely converts into the least expensive alternative.
  • You have designed your medical devices to provide life-enhancing products for patients across many years, data compliance is not an option.
  • When your organisation successfully maintains one Single-Place-of-TruthTM for your regulatory information, your limited resources are allocated to more value-added activities with the potential to increase revenue.

The speed in which medical device legislation is evolving is unprecedented. The challenges for regulatory compliance activities are further amplified due to the lack of globally harmonized efforts. The role of the regulatory professional in this new and complex data driven environment becomes even more critical.  Take the time to perform lessons learned in order to drill down to discover the legitimate causes of missed submission targets and renewal deadlines, miscommunications with health authorities and regulatory staff turnover.

How can you continue to expect regulatory teams be responsible and accountable when they are unsure, uncertain, unaware and unsupported?

The realization of your innovative product development and continuation of a successful revenue stream depends on the competency of your global and regional regulatory teams. Are you sure your RA teams have all the necessary tools at their disposal?

Let’s talk.

K Young

kimyoung@instem.com

Photo by Tamanna Rumee on Unsplash

Eye of the MDR Storm

It feels very quiet in the medical device world. The quiet makes me ponder how all concerned parties (and there are many) are managing MDR compliance activities. It is not possible for all medical device products on the EU market to have a MDD certificate valid until 2024, therefore there must be a beehive of activity.

Across social media, regulatory associations and the World-Wide-Web, there remain promotions for a variety of free and fee-paid webinars, training sessions and consultative advice on how to interpret and interact within and around the regulation. A ground-breaking regulation that has been in effect for four years and in application of compliance for the past three months.

The European Commission, together with the Medical Device Coordination Group, continue to drip feed guidance to the medical device industry in an apparent act to convey what they actually meant when the regulation was written. No one outside the EC knows when a newly published guidance will require a 180 degree turnaround from their fundamental, resource intensive, costly and target driven plans.

However; the following predictions for an apocalyptic melt down of the medical device industry has not (yet) come to fruition:

  • Multiple device manufacturers closing up shop
  • Critical life-saving products snatched from the hands of EU healthcare professionals thus risking patient health
  • Products removed from the marketplace due to expiring certification and not enough notified bodies for conformity assessments
  • Number of importers decreasing and costs rising due to increased liabilities
  • Transferring initial registration targets to the US, thus stifling product innovation within Europe and depriving the EU population of new state of the art devices
  • And of course, one must mention Brexit, GB and Northern Ireland….

The module on UDI/device registration (second module) and the module on Certificates and Notified Bodies (third module) will become available in September 2021 (except for the mechanism for scrutiny and the clinical evaluation consultation procedure functionalities). Based upon roll out of the actor module, activation of the second and third modules is not anticipated to go very smoothly.

Were these doomsday prophecies falsely promoted by hand-wringing pessimists or are they yet to materialise to wreak havoc?

If you have an opinion to share on the state of play for the MDR or other legislation, I would love to hear from you.

For those of you who remain unsure as how to manage the globally required increase in data management efficiencies, regulatory operational support for compliance is just a click away at www.instem.com.

Do not get swept away in silence, we are here to assist you and provide a warm and welcoming shelter from the storm.

K Young

Actor ID v SRN

The actor module for EUDAMED was released live on 01 December 2020. In advance of this date, the European Commission (EC) provided the medical device industry with a 60 page Actor Registration Guide illustrating the required data entry methodology. Since December, the EC and Medical Device Coordination Group (MDCG) have issued various FAQs, position papers and infographics to further explain the functionality and define terms necessary for those economic operators obligated to upload data into the EUDAMED system.

Seven months after the actor module deployment (and 18 months following the original date of full EUDAMED deployment) the medical device industry remains confused. Our friends at the MDCG have posted guidance MDCG 2021-13 rev.1 July 2021 in the effort to deliver additional clarification on the obligations and rules for the registration in EUDAMED, in this instance, for the “other” actors.

Actor ID: is the identifier issued to all actors registered in EUDAMED for their identification in the system. It will be automatically generated by EUDAMED and issued once the registration request is approved by the relevant competent authority.

SRN: is the Single Registration Number that is issued through EUDAMED to manufacturers, authorised representatives and importers by the competent authority.

The actor registration request for any manufacturer, authorised representative, importer or a system/procedure pack producer must be verified and approved by a competent authority.

It must be noted, if an actor entity subsequently takes on the role and obligations of a manufacturer, Authorised Representative or importer of a non-custom-made MDR device, the Actor ID will then be considered as an SRN.

System and Procedure Pack Producers (SPPP)

Before placing a system or procedure pack on the market, the legal person responsible has an obligation to assign a Basic UDI-DI to be provided to the UDI database. In order to fulfil this obligation and before placing the system or procedure pack on the market, the SPPP must be registered in EUDAMED (deadline 6 months after notice of full EUDAMED functionality). Registered SPPPs are assigned an Actor ID.

The continued ambiguity, for what should be a straight-forward process data entry for the actor registration module, does not bode well for a smooth roll out for the remaining EUDAMED modules.

We trust many more clarification documents for EUDAMED and MDR compliance will be forthcoming from the EC Commission and Medical Device Coordination Group to support industry’s drive to retain and obtain the marketing status of life-enhancing devices for the European population.

Please feel free to contact me if you have any additional questions – I am available to help

KimYoung@instem.com

K Young

References

MDCG 2021-13 rev.1

MDCG Endorsed Documents and Guidance

Actor Roles Infographic

Actor Module FAQs

Legacy Device Challenges


Ok, so 26 May 2021 has come and gone. To date, no horsemen of the apocalypse or world annihilating meteor strike has befallen the medical device industry. However, the continued management of MDD legacy device data is an altogether different cataclysm.

According to the European Commission (EC), Legacy Devices are defined as         Medical Devices, Active Implantable Medical Devices and In Vitro Diagnostic Medical Devices that are covered by a valid certificate issued in accordance with Directive 93/42/EEC, Directive 90/385/EEC or Directive 98/79/EC and that continue to be placed on the market after the date of application of Regulation (EU) 2017/745 (MDR) or Regulation 2017/746 (IVDR).                 It must be noted that this definition DOES NOT apply to Class I devices that are not sterile or with a measuring function as these devices did not require notified body certification.

As Class I sterile and those Class I with a measuring function are not considered legacy devices, application of a transition period does not apply and therefore immediate and complete MDR compliance is necessary for continued marketing.

Legacy devices with applicable directive certification may legally remain on the European market until:

  • The device undergoes a significant change in design or intended use thus requiring compliance to MDR legislation; or
  • 26 May 2024 provided no significant changes and the MDD/AIMDD/IVDD certificate remains valid

Legacy devices must be registered in EUDAMED if:

  • A post-market surveillance and/or a vigilance report ensues; or
  • By the end of the transition period applicable for device registration, if no equivalent MDR or IVDR device is registered in EUDAMED

Eighteen months ago, the EC issued guidance to describe how legacy devices will be identified in EUDAMED without entering the MDR obligatory Basic UDI.

An identification element EUDAMED DI (the equivalent of the Basic UDI-DI) will be required. The EUDAMED ID will be automatically and fully generated by EUDAMED from the EUDAMED DI, in case a UDI-DI is not assigned to the device. The EUDAMED ID corresponds to the UDI-DI. The EUDAMED ID is a virtual Device Identifier. It exists to keep the structure and format homogeneous for the registration of devices in EUDAMED. It is not applied on labels. The Legacy Device will therefore have the following identification elements: a EUDAMED DI (generated based on the UDI-DI) and a UDI-DI (assigned by the manufacturer). Easily understood??

For those medical device companies waiting until the last possible moment to implement an approach for MDR compliance for their 1000s of legacy devices (for example; CE certificate expiry in 2 years or no changes planned) remember you must be fully prepared for any EUDAMED post-market surveillance and/or a vigilance reporting activity. Once EUDAMED goes live, all medical device serious incidents must be captured in the database, legacy or MDR certified.

Regulatory affairs teams, and those responsible for EUDAMED data transmission, will need to be included in the post-market surveillance team process to guarantee that the applicable data is collected and transmitted within the appropriate timeframes. Failure transmit the data in a timely manner risks non-compliance.

The date of application has passed. The medical device industry did not spontaneously implode. However, do not become complacent when executing the mandatory, on-going and resource intensive activities essential to keep life enhancing products on the European market.

Supporting your regulatory affairs teams by providing the appropriate data capture tools before MDR compliance crunch time, will ensure greater a efficiency, increase in consistency and a significant reduction in human errors.

More to come…

KimYoung@instem.com

K Young

References:

https://eu-udi.zendesk.com/hc/en-150/articles/360019389377-What-about-Legacy-devices-

https://ec.europa.eu/docsroom/documents/34921

MDR: New Beginning

The beginning is the most important part of the work” – Plato

Exhale. The regulatory affairs team has successfully managed to bring the required portfolio data into a state of compliance to meet the portentous date, 26 May 2021. Surely the cross-functional teams and key stakeholders have celebrated the end of the programme and are now ready to move on to the next business target.

Stop, right, there.

The difficult work is just starting. The act of maintaining MDR compliance now represents one of the biggest challenges for Medical Device companies entering or continuing business in the European market. Survival dictates establishment of a sustainable MDR continuation plan for successful and long-term business stability.

Maintaining company awareness that compliance to the MDR “is not just for Christmas” is critical.

Preparation for a stable continuity plan entails bringing together internal and external stakeholders across the entire device supply chain to ensure the correct communications and data infrastructure are utilised. Regulatory affairs teams will need to implement effective delivery methods for continued company-wide information exchanges and to track on-going progress and processes. The usual workarounds and patchy gap filling process will eventually become not fit for purpose.

As with most change, compliance to MDR will cause major disruptions, possibly cause significant increases in internal spending, resulting in a possible reduction in product revenue potential and reduce availability of investments in R&D. Senior management decision makers must allow regulatory affairs teams to engage in approaches to minimise the possible negative effects attributed to conformity to the regulations.

MDR is pushing medical device companies, their regulatory teams and supply chain partners to actively embrace integrated solutions for effective data access, visibility, management and governance. Innovative digital technologies can support the newly implemented regulatory requirements for increased data volume and speed of data transmission whilst maintaining data integrity. When software solutions are implemented, costs are decreased as regulatory professionals are able to apply their skills and knowledge to developing regulatory strategy and other significant value-adding activities rather than completing rote data administrative tasks.

MDR has shifted the legislative enforcement spotlight from approvals to encompassing the entire medical device life-cycle management as a means to engender increased device safety, effectiveness and transparency throughout the European medical device market. Integrated solutions will support industry in meeting those requirements for greater transparency, identification, traceability though to continuous postmarket surveillance.

It is clear from monitoring the association websites, guidelines, conferences and social media, that all European medical device industry players — manufacturers, NBs, PRRCs, ARs, importers, distributors— must invest heavily in their respective application of the new regulations, or risk considerable financial and competitive losses.

“The secret to change is to focus all of your energy, not on fighting the old, but on building the new.” -Socrates

KimYoung@instem.com

K Young