Blogs

RIM

Selecting a RIM system for your medical device company

By

Wendy Levine

June 15, 2023

4 min read

Software for medical device regulatory teams

Many regulatory affairs (RA) teams within medical device organizations are still managing their activities through spreadsheets, in-house custom-built software, or systems designed for other purposes. We believe that regulatory teams deserve purpose-built software that allows them to ensure compliance across products and markets, and provides them with the opportunity to contribute directly to revenue-driving activities.  

Regulatory Information Management (RIM) solutions provide the centralized regulatory functionality needed by today’s RA teams. RIM solutions such as Rimsys are product-centric, allowing regulatory professionals to track all product-specific information and then create market submissions, link standards and essential principles, manage registrations by product by market, and control all regulatory approvals and projects. However, not all RIM solutions are created equal. If you have complex products, devices that include software, or other requirements that not all medical device companies will have, be sure to carefully evaluate potential systems for their ability to address those needs.

Justifying the need for RIM

Any software selection project begins with analyzing the need for the new software, creating a justification for the project, and obtaining the approval and budget to move forward. RIM solutions will allow your RA team to find information more quickly and operate more efficiently, which means that justification for a new RIM system typically comes from four areas:

  1. Cost savings – RA teams can operate more efficiently, reducing the need for outside consultants or contractors and enabling new RA team members to onboard more quickly. Better information also allows RA teams to better forecast projects in order to optimize the internal team size.  
  1. Reduced regulatory risk – A centralized RIM system reduces multiple risks, including missing an expiration date or supplying incorrect information to a regulatory body. Even a small misstep can cause an audit finding, removal of a product from a market, or a delay in entering a new market.  
  1. Improved competitive advantage – RIM systems significantly reduce the time that RA teams spend finding data and reacting to last-minute “emergency” requests. This advantage allows the team to drive competitive advantages and greater revenue growth through participation in market planning, product roll-out decisions, and other strategic planning. One Rimsys customer was able to improve the time for a product release by 88%. By increasing speed to market, medtech companies can recognize revenue sooner and capture more market share more quickly.  
  1. Data harmonization – Medtech companies dealing with duplicated data and systems due to mergers or acquisitions can point to a centralized RIM system as a way to harmonize important regulatory data to ensure compliance and optimize go-to-market activities.

You will likely need to develop a comprehensive business case to support any RIM investment. This will include detailing the limitations of current approaches (including spreadsheets and costs to maintain in-house systems), quantifying the expected benefits, and explaining the evaluation process to arrive at your preferred vendor. Building this as you work through the early stages of RIM selection will prevent delays as you move into the purchase process.

Should I use external consultants to help with RIM selection?

RIM selection projects are sometimes managed by in-house teams and sometimes managed by 3rd-party consultants. How do you decide which is right for your selection project?

Does your team have experience with large system selection projects?

If your organization has a large IT team and/or digital transformation team, they likely have the responsibility of overseeing the selection of any new software systems. Be sure to understand their capabilities – have members of the team managed large system selection projects before, such as ERP or PLM selections? The regulatory team and others within the organization can provide subject matter expertise, but you will be relying on the technical team to oversee the project, define requirements, help set a budget, and more.  

If the right level of expertise does not exist within your organization, an outside consultant with medical device regulatory experience and with business system selection projects should be considered. This type of consultant can be extremely helpful during the system implementation and adoption phase of the project as well.

Does our team have the bandwidth to manage a RIM selection project?

Even if your organization has an internal team with the expertise to manage a RIM selection project, they may not have the time to do so within the desired project timeframe. In this case, an external consultant can augment your existing team to get the project completed as required.

Do we need a new perspective?

Selecting a RIM solution is as much about digital transformation and process optimization as it is about ensuring you find a system with the right features. Do you have a vision of where you want the RA team to be? Have you looked at the characteristics of top-performing RA teams? If you think you might need a new perspective and an outside voice, an outside consultant may be the right choice for your project.

RIM selection project steps

Once you have determined the need for a RIM system, a selection project should include the following major steps:

Build the selection team  

Put together a core selection team that consists of:

  1. A project leader that is typically at a manager level or above within the organization and comes from the regulatory or IT teams.
  1. An executive sponsor who may not participate in all aspects of the project, but who will ensure that resources are made available to the team as needed and that the project is kept on track and is aligned with overall company goals.
  1. IT team member(s) who will provide feedback on technical system requirements, including security and data privacy, and will support customization and integration discussions.  
  1. Subject matter experts representing each department and team who will be using or interacting with the software.

You will add team members once you begin to implement the system, but selection teams typically consist of fewer than 10 members.

Determine requirements and selection criteria  

One of the primary responsibilities of the selection team is to define the requirements for the new system, and the criteria on which systems will be judged. Requirements usually fall into multiple categories, including:

  1. Business requirements – These are broad requirements based on business needs. They will typically answer the question “Why do we need a RIM system?” For example, reducing the administrative burden on the regulatory team with functionality that allows the team to track registration expiration dates, create submission dossiers, and quickly report on registration status by product and market. Include project timeline and budgetary constraints here as well.
  1. Functional or user requirements – Functional requirements are a more detailed list of specific functions that users will need to perform in the system. For example, the ability to link standards to essential principles, manage multiple approvals for submission documents, or track UDI product data. DO include requirements that are essential for users to complete their work within your defined quality procedures. DO NOT include requirements that are unnecessarily specific (ex: the product description must contain at least 50 characters) or are so common that all systems will meet the requirement (ex: there must be a product number and description in the product record).    
  1. System and technical requirements – Your IT team may already have a list of the overall technical requirements that all software must meet within your organization. These will likely include data security requirements and features that support system validation. Include any specific requirements regarding system availability, upgrade management, and technical support guarantees. See SaaS 101 for medtech regulatory professionals for a list of questions that you should ask a SaaS solution provider. Also include here any procurement requirements that your organization has, such as insurance requirements.
  1. Vendor resources and vision – You want to work with a vendor that shares your vision, not only for this system implementation but also for future growth. Evaluate each vendor’s product roadmap and plans for innovation against your organization’s digital transformation plans for the next 2-5 years. Does the vendor share your vision? Do they have the resources to support your organization and that future vision?

Establish project goals and timelines

Establish project goals and an overall project timeline. Is there a hard deadline by which the system needs to be live? What are the goals and metrics with which the success of the project will be measured? Be sure to get written agreement from the project team and executive team on the goals, timeline, and how the information will be reported.

Research RIM vendors (build your initial list)

If you are working with an experienced regulatory consultant, they may be able to get you to your short list without this step. However, if you are unsure of which systems may meet your needs, begin by:

  • Researching Regulatory Information Management systems online.
  • Talking to other regulatory professionals for suggestions and referrals.
  • Consulting with industry analysts. Gartner's annual RIM market guide, and Gens & Associates World Class RIM report both provide an overview of RIM vendors. (Note, however, that both include both pharma and medtech-focused solutions within their respective guides.)

Build vendor short list

Based on the information gathered in the previous step, you should be able to create a short list of two to six vendors. This may require short conversations with prospective vendors, but you should have your short list before you schedule product demos and/or send out a request for proposal (RFP).

Tip: If you communicate with vendors that don’t make your short list, let them know so that they don’t continue to contact you!

Evaluate vendor capabilities  

This part of the project varies greatly from company to company, but your process should ensure that all of your stated requirements are being evaluated against each vendor’s capabilities. Not all team members need to evaluate all requirements – individuals should be assigned based on their understanding of the area being evaluated. The same people, however, should evaluate the same requirements across all vendors to ensure a fair comparison.

If your organization requires an RFI (request for information) or RFP (request for proposal), those need to be compiled and sent to the vendors as the starting point for vendor evaluations. These documents allow your team to gather the same information from all vendors. Put simply, these are documents that list your requirements and ask the vendors to indicate if they address them natively within their software, through third-party integrations, or not at all. Our RIM Buyer’s Guide provides a template that can be used as a starting point.

Whatever your evaluation process looks like, your team needs to see the software. For systems as large as RIM solutions, you may need multiple demonstrations with the vendor and your team. Work with the vendor to determine how the process will work, but typically you will have an overview demonstration and then separately schedule individual sessions, if they are needed, to cover specific features or answer additional questions. While everyone on the evaluation team should attend the initial demo, additional sessions should be scheduled only when needed and only with those team members required. The following can help ensure a smooth process:

  • Communicate clearly to your team what they are responsible for during the demo. Who is taking notes? Are different team members responsible for evaluating features in different areas of the software?
  • Set expectations with the vendor ahead of time and maintain control of the demo agenda. The software vendor will know what sequence works best for their product, and you should allow them to guide you. However, you will want to steer them away from spending too much time on features that are not important to your team.  
  • Ask the vendor to keep track of unanswered questions or features that you were unable to see. The vendor should be expected to follow-up on these items.

Rate and rank vendors

Using your requirements list, each vendor should be rated for each requirement. Require vendors to clearly indicate if a requirement is met “out of the box,” requires custom development work, or is not supported at all. Consider a scale of 0-5, with 0 being a feature the vendor does not support. Multiplying the rank by the importance of the feature (3 – Critical to have, 2- Important to have, 1- Nice to have), will give you a good picture of where each vendor ranks.

RIM user requirement template

There should be some subjective items that are used in rating, also, such as how easy you believe the vendor will be to work with. Once the vendors are rated, the team should meet to discuss differences between team members' ratings and then to agree on where each vendor ranks. It is important that all requirements are considered and weighed appropriately while ranking vendors. For example, selecting the system with the best price may leave you with a vendor that doesn’t have the resources to support your implementation.  

Negotiate and purchase

Hopefully, you will be able to successfully (and quickly) negotiate with your top-ranked vendor. However, it does sometimes happen that an agreement cannot be reached with the initial vendor for reasons that may include pricing adjustments or unexpected changes to the availability of their resources. In this case, you will need to move on to your second choice.

For more information on specific criteria for purchasing a RIM system, read our RIM Buyer’s Guide.

Featured

Rimsys Announces Rimsys AI to Eliminate Repetitive Tasks and Enhance Decision-Making for MedTech Regulatory Teams

Rimsys, the leading Regulatory Information Management (RIM) platform for the MedTech industry, today announced the launch of Rimsys AI, a suite of embedded artificial intelligence (AI) agents.

Similar posts

How Smith & Nephew Repositioned Regulatory as a Strategic Commercial Partner

MedTech

RIM

How Smith & Nephew Repositioned Regulatory as a Strategic Commercial Partner

By

Caroline La

May 28, 2026

4 min read

Smith & Nephew is a global medical device manufacturerwith a broad portfolio spanning orthopedics, sports medicine, and woundmanagement, sold and registered across markets worldwide. Before Rimsys,regulatory data was scattered across spreadsheets, shared drives, anddisconnected systems.

When Smith & Nephew selected Rimsys, they deployed itenterprise-wide from day one. Executive reporting moved from manual fire drillsto real-time dashboards. Change impact assessments became faster and moreconsistent. The regulatory team made the shift from reactive compliancefunction to strategic partner to the business.

The Challenge

Regulatory data at Smith & Nephew lived in multiplespreadsheets, shared drives, SharePoint sites, emails, and disconnectedsystems. Without a centralized record, the team could not reliably trackregistration timelines, measure on-time submissions, assess change impacts, orunderstand the downstream impact of product changes across markets. Preparingexecutive reporting meant manually assembling data from multiple sources, aprocess that consumed time and introduced risk each time.

The Solution

Smith & Nephew selected Rimsys for its configurable, notcustomized, platform: an intuitive user interface, centralized submissionmanagement, robust metrics, change assessment capabilities, and UDI supportwith machine-to-machine transmission. Rimsys’ interconnected modulearchitecture linked products, registrations, projects, change assessments, andUDI in a centralized location.

Rather than piloting in one business unit, Smith &Nephew deployed Rimsys across the entire regulatory organization from day one.The decision was deliberate: a partial deployment would have preserved thefragmentation. Enterprise-wide adoption established consistent metrics,standardized processes, and a single source of truth from the start.

The Results

Executive and board reporting, previously built from manualdata pulls, now flows directly from Rimsys in real time. What had been adisruptive, recurring effort is now a routine view. Leadership has thevisibility to make faster, more confident decisions, and the regulatory team isno longer pulled into reporting fire drills.

Change management has also been transformed. Direct linkagebetween products, registrations, and projects means impact assessments arefaster and less dependent on individual knowledge. UDI operations havesimilarly improved: machine-to-machine transmission has reduced manual uploadsand centralized DI record visibility supports global UDI requirements.

The most significant shift is strategic. With centralizedregulatory intelligence and real-time data, Smith & Nephew’s regulatoryteam now actively supports commercial planning: informing budget cycles,guiding renewal and launch sequencing, and advising on regulatory pathways toaccelerate market entry. Regulatory is no longer a downstream compliancefunction. It is a business partner.

Smith & Nephew now runs four modules across its RIM operation:

  • Registrations— Centralized license tracking across 250 countries and 30+ business units
  • Change Assessments— Direct product-registration linkage for faster, consistent impact assessments
  • Executive Reports— Real-time dashboards replacing manual data pulls and board reporting fire drills
  • UDI— Machine-to-machine transmission reducing manual uploads across global markets

Take this to your team

If you’re evaluating how to modernize RIM operations at scale, the Smith & Nephew case study is a practical reference to share internally. It covers the full implementation story, module breakdown, and results data in a format built for stakeholder conversations.

Download the Case Study

MedTech

RIM

How Philips Scaled Active Product Registrations More Than 20x

By

Caroline La

May 21, 2026

4 min read

Philips Healthcare operates one of the largest regulatory portfolios in global MedTech: products registered across 250 countries, with a footprint that grows with every acquisition. Before Rimsys, that complexity was managed through email and spreadsheets. Submission packages moved through inboxes with no audit trail, no performance data, and no reliable view of where products were authorized to ship.

Philips selected Rimsys in 2022 as the enterprise RIM platform to bring regulatory order to that complexity. Since go-live, active product registrations have scaled more than 20x, user adoption has doubled in the last six months, and the regulatory affairs function now operates from a single source of truth spanning the entire enterprise.

The Challenge

Without structured data, Philips could not measure regulatory performance, track license expiration across the portfolio, or identify where submission work was stalling. Every acquisition made it worse: incoming business units arrived with their own workflows and systems, absorbing more fragmentation rather than resolving it.

The Solution

Philips evaluated multiple platforms against requirements built with both market-facing and business regulatory affairs teams. Rimsys won on two dimensions: an interface that made complex product and registration data immediately visible, and more enterprise-ready features than competing platforms at the right price point.

Philips went live with Rimsys Registrations and Submissions modules in July 2022. The team deployed platform experts for train-the-trainer sessions and launched regular drop-in sessions where users could ask questions and surface issues. Standing up a dedicated Regulatory Operations team focused exclusively on rest-of-world registration accelerated adoption further.

When an early business unit pushed back on workflow efficiency, Philips and Rimsys worked through it together. A hands-on process walkthrough identified exactly what needed to change, a resolution plan was shared, and that transparency and collaboration became the foundation for sustained user buy-in across the enterprise.

The Results

Since go-live, Philips has scaled active product registrations more than 20x, with further growth already underway. What started as a single deployment now spans 30+ business units across 250 countries, with Rimsys serving as the single source of truth for regulatory data across the enterprise, including businesses acquired since implementation.

For the first time, Philips can measure its own regulatory performance. KPIs flow directly from the platform, giving leadership real-time visibility into registration health. When anomalies surface, they drive data correction and user training, closing gaps that previously went undetected until they affected revenue.

Now with Rimsys AI-assisted Submissions and Regulatory Intelligence now in use, Philips expects to accelerate further: reducing administrative burden so skilled regulatory professionals can focus on strategy.

Philips now runs four modules across its RIM operation:

  • Registrations— Centralized license tracking across 250 countries and 30+ business units
  • Submissions— AI-assisted submission workflows replacing email-based package management
  • Intelligence— Real-time KPI dashboards giving leadership visibility into registration health
  • Standards— Essential Principles and standards tracking aligned to global market requirements

Take this to your team

If you’re evaluating how to modernize RIM operations at scale, the Philips Healthcare case study is a practical reference to share internally. It covers the full implementation story, module breakdown, and results data in a format built for stakeholder conversations.

Download the Case Study

AI

RIM

UDI

EUDAMED

MedTech

What RAPS Euro Convergence 2026 Told Us About the Future of MedTech Regulation

By

Caroline La

May 12, 2026

4 min read

Last week, the MedTech regulatory community gathered in Lisbon for RAPS Euro Convergence 2026: nearly 100 sessions, hundreds of professionals, and one overriding theme: transformation.The European regulatory landscape is shifting faster than it has in two decades, and the pressure is on every RA team to keep pace.

We were there. And here is what we took away.

The Dominant Signal: Change Is Accelerating

For MedTech manufacturers, the immediate reality is demanding. MDR 2.0 is advancing. The EU AI Act is creating new compliance obligations for software-enabled devices. EUDAMED continues to mature. And teams are being asked to absorb all of this while still meeting existing registration and renewal deadlines.

The practical implication is clear: RA functions that rely on manual tracking, disconnected spreadsheets, and tribal knowledge are being outrun by the pace of change. Across the industry, teams are moving from talking about AI to actively experimenting with it, using it to handle the volume and complexity that manual processes simply cannot absorb. The teams emerging as strategic forces are the ones who have connected, real-time regulatory infrastructure and are putting AI to work within it.

AI Is No Longer Optional Thinking

The conversation at Euro Convergence made one thing clear: AI has moved from future-state to present-tense. Regulatory professionals were encouraged to embrace AI while maintainingaccountability for the outcome and challenging the algorithms.

" Our role is to make sure that the AI does the right interpretations appropriate to our products, to our business."

— João Martins, Director of Regulatory Affairs at Abbott at RAPS Euro Convergence 2026 Opening Plenary

That framing resonates deeply with how we have built AI into Rimsys. The goal was never to replace regulatory judgment; it is to amplify it. Rimsys AI is domain-specific, built on the regulatory data structures and logic that reflect real-world requirements, country-specific nuances, and product context. It proposes, analyzes, and alerts. Your team reviews, approves, and decides.

For teams that are ready to accelerate, Rimsys AI accelerates regulatory intelligence monitoring and submission authoring, removing the repetitive, detail-heavy work so skilled professionals can focus on strategy, market expansion, and the higher-order decisions that increasingly complex regulations demand.

"As future regulators, we will need to be scientifically strong, comfortable with complexity, open to innovation, and also be able to work in increasingly complex environments."

— Rui Santos Ivo, President of Portugal's National Authority of Medicines and Health Products (INFARMED) and chair of the EMA management board, RAPS Euro Convergence 2026 Opening Plenary

MDR 2.0: Reform With Guardrails

A panel of experts representing regulators, industry, and notified bodies gave their views on the proposed revision of the EU Medical Device Regulation at the conference. While their sentiments were largely supportive, notified body representatives urged the European Commission to maintain proactive surveillance of devices to protect patients.

The discussion acknowledged the complexity of balancing reform with patient safety. Simplification and innovation go hand in hand, though if it is overly complicated or overly simplified, it becomes difficult to innovate. Structured dialogues in MDR/IVDR will provide transparency and predictability for manufacturers, especially in early product development.

Regulatory Workflows Cannot Be an Afterthought

A recurring observation across sessions was that MDR 2.0, EUDAMED, and the EU AI Act are only as effective as the operational workflows behind them. Structured dialogues, risk-proportionate pathways, and submissions all require teams to move quickly with accurate, up-to-date product data. That is simply not possible when that data lives across email threads, spreadsheets, and disconnected systems.

The workflows that came up most in Lisbon (change control, renewals, new product introductions, and registration management) are exactly the areas where manual processes create the most risk. A missed renewal. A design change that triggers 40 country-level impact assessments with no system to coordinate them. A registration record that no one has updated since the last audit.

Rimsys keeps these workflows connected and proactive. Renewal expiration reminders fire before deadlines become a risk. Change control impact surveys are configurable to your SOPs, so teams can assign tasks and coordinate work across regions without relying on someone to manually track progress. New product introductions move faster because previous submission content can be reused across markets. Target market data, registration history, and approval status are already centralized, so teams are building on existing work rather than starting from scratcheach time.

The result is regulatory operations that reduce time to market by weeks to months, not add to it. Access information in seconds rather than hours. Regulatory release authorization in minutes rather than weeks. More than 90% reduction in regional regulatory reporting time. These are not projections. They are outcomes reported by Rimsys customers operating in exactly the kind of complex, multi-market environments that dominated the conversation in Lisbon.

The Regulatory Professional Is Evolving

Perhaps the most striking thread across sessions was the evolution of the RA function itself. Regulatory work was once seen mainly in terms of compliance procedures and submissions. Today, the profession is much broader than that.

This evolution is exactly the transition Rimsys is designed to support. When regulatory data is centralized, connected, and visible in real time, RA teams stop spending their days chasing down registration status and start contributing to commercial strategy: market expansion decisions, launch sequencing, change control planning, and executive-level risk communication.

The heart of regulatory operations is not a filing cabinet. It is a living, connected system that elevates the entire function.

What It All Points To

RAPS Euro Convergence 2026 made one thing clear: the organizations that will thrive are those who have invested in regulatory infrastructure that can absorb change without breaking. Rimsys is the platform built for exactly this moment: enterprise-grade, intuitive enough for global teams to actually use, and trusted by 6 of the top 12 global MedTech manufacturers worldwide.

Book a conversation with our team

I agree to the privacy policy including to Rimsys using my contact details to contact me for marketing purposes.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Hand holding smartphone showing email app with 12 unread messages notification.