Insights & Intelligence for Regulatory Leaders

The Total Product Life Cycle Advisory Program (TAP) is a voluntary pilot program launched by the FDA’s Center for Devices and Radiological Health (CDRH) in October 2023. The TAP Pilot is one of the commitments between the FDA and industry as part of the MDUFA V reauthorization, which aims to provide faster patient access to safe and effective medical devices, increase innovation, improve patient safety through enhanced surveillance and data collection, and provide a more efficient regulatory process for FDA and industry.  

Taking a medical device from concept to commercialization in the United States is often a long and challenging process that involves participation and adoption from FDA, clinicians, payers, and patients. The TAP program is addressing the obstacles that device manufacturers often encounter throughout this process with:

• Early and frequent interactions: FDA will provide more opportunities for sponsors to interact with the agency early in the development process, which can help to identify and address potential issues early on.
• Strategic input from stakeholders: The program will involve input from a variety of stakeholders, including clinicians, patient advocates, and payers, which can help to ensure that the development of new devices is meeting the needs of patients and the healthcare system.
• Proactive, strategic advice from CDRH: FDA will provide proactive and strategic advice to sponsors throughout the development process, which can help to reduce the risk of regulatory delays.

Currently, TAP program membership includes the companies or individuals developing the medical devices, the medical device sponsors, dedicated staff within the CDRH, stakeholders consisting of clinicians, patient advocates, payers, and academic experts, and independent advisors. However, It is unclear if independent advisors will continue to be part of the program as TAP expands. Additionally, specific individuals involved in the TAP program at a given time will vary based on the device being developed and the stage of the development process.

While currently still in its pilot phase, the TAP program is open to a limited number of medical devices. To be considered for the program, device manufacturers must have breakthrough designation with no previous pre-submission meetings. The TAP program started with 15 cardiovascular devices last fall and is now at 31 enrolled devices as of February 2024. Enrollment could reach as high as 60 devices by the end of 2024.

As part of the MDUFA V reauthorization, the TAP Program shares the goal of facilitating the development of high-quality, safe, effective, and innovative medical devices. Additionally, the TAP Program strives to reduce device development time and costs through early and frequent feedback from FDA, increase innovation with more predictable and efficient regulatory pathways for new devices, and improve patient access to new devices.

Overall, the TAP program’s focus is on improving the medical device landscape by addressing various challenges and opportunities throughout the product lifecycle. The program's success will be measured by its ability to expedite development, foster innovation, ensure device quality, and ultimately, improve patient access to these potentially life-changing technologies. For more information about the TAP program and enrollment in it, visit FDA’s website.  

‍

The number of software as a medical device (SaMD) is growing and with it are questions about how to effectively obtain market clearance for them. One question we hear often is, “Are FDA risk classifications and submissions any different for SaMDs?” Currently, the FDA is regulating SaMDs the same way it’s regulating traditional medical devices. As a result, you’ll still have the same three risk classifications, Class I, Class II, and Class III.

The submission process is also the same. Most Class I devices are 510(k) exempt, and most class II devices would fall under a 510(k) or De Novo submission depending on whether or not substantial equivalence can be made to another US-marketed device. Most Class III devices require PMA submissions.  

There have been discussions about FDA pre-certification programs and following IMDRF guidelines for SaMDs, which would alter the submission process and also the risk stratification of SaMDs. However, none of these discussions have matured. The FDA continues to mirror their risk classification and submission guidelines for SaMDs and traditional medical devices.

Watch the full answer to this question from our recent panel discussion with subject matter expert, Prabhu Raghavan of MDQR Solutions, below.

‍

You can also download the full replay here to get answers to other common SaMD questions such as:  

• How is the FDA regulating AI/ML in SaMDs?
• What is a Predetermined Change Control Plan (PCCP) for machine learning-enabled medical devices?
• What cybersecurity considerations sh ould be made when taking SaMDs to market?

‍

A standard is a published document that is established by consensus and is approved by a recognized body (ISO, IEEE, UL, etc.). It outlines requirements, specifications, guidelines, or characteristics that are used in a repeated way to ensure that materials, products, processes, and services are developed for a specific purpose. Think of it as a formula for an agreed upon way of doing something that establishes the best way of performing a function. It could be developing a product, managing a process, or even supplying materials to a manufacturer.

Why are standards important?

Standards enable technology to work seamlessly across industries and markets and help to build consumer trust that products and services are designed to work together in an efficient way. They form the fundamental building blocks for product development by establishing consistent requirements that can be universally applied, practiced, and understood. For example:

• Quality standards reduce product failures on the assembly line.
• Environmental standards reduce environmental impacts, reduce waste, and provide sustainability.
• Health and safety standards reduce accidents in the workplace.
• Food safety standards prevent food from being contaminated.

To ensure standards stay relevant and are aligned with technology changes, many standards organizations require that their standards be reviewed periodically and updated as necessary.

‍Is an industry standard the same as a regulation?

No, but there is a very close relationship between the two. Simply put, a standard is a guideline whereas a regulation includes laws. Industry standards are used voluntarily (although strongly encouraged) while regulations are not voluntary because they are a requirement from a government agency or similar authority, i.e. ISO 13485 is a standard and building codes are regulations.

• Standards are technical documents, driven by consensus that are crafted by experts.
• Regulations are sometimes based on standards, created by a variety of individuals and entities, while overseen by federal, state, and/or municipal authorities.

It's important to note that while standards aren't mandated by law, many regulatory authorities recognize standards and recommend adherence to them in order to promote safety and quality.

What kind of standards are medtech manufacturers responsible for tracking?

The medical device industry has the responsibility for the design and manufacturing of a wide range of products used to diagnose and treat illnesses to improve health in patients. Medical device standards help ensure that a manufacturing or design process can consistently produce the quality required to serve patients and healthcare professionals around the world.

Some of the more common standards used by the medtech industry include, but are certainly not limited to:

ISO 9001 – A general standard (not industry specific) for quality management and implementing a rigorous quality system. For medtech specifically, it helps with the management of the quality control process by helping to keep costs low, improve accountability and simplify regulatory compliance.

ISO 13485 – This standard is designed for medtech specifically and expands on the framework set up by ISO 9001. Compliance with this standard helps with quality control, process validation, and risk management, often referred to as the risk management standard.

ISO 14971 – This standard specifies terminology, principles, and a process for the risk management of medical devices, including software and in vitro. This helps to identify hazards that may be associated with devices and to minimize those risks.

IEC 60601-1 – Medical Electrical Equipment, general requirements for basic safety and essential performance of equipment.

ISO 10993 – Biological evaluation of medical devices that includes biocompatibility testing of materials used to design product parts that would come into contact with a patient, testing for skin sensitization, and irritabilities.  

ISO 15223 – Symbols to be used with information to be supplied by the manufacturer. This standard identifies symbols that are globally accepted to be used in a broad spectrum of medical devices. These symbols can be placed on the device, on the packaging, or on any accompanying information such as instructions for use.  

ISO 45001 – This standard outlines the requirements for occupational health and safety management systems that can be employed in the medical device industry to help reduce occupational risk.

Where do I get these standards?

Standards used to design and build medical devices need to be purchased, and you must always maintain the most current revision of that standard to ensure proper adherence to it. They can be purchased as electronic copies, or you can request a paper copy for your files. You can purchase them directly from the standard organization (ISO, IEC, ASTM, UL, etc.). There are also organizations services that will provide standards from many organizations, serving as your to be your one-stop shop.

How do I know when standards change?

The best way to manage how you receive information about changes to industry standards would be to implement an electronic standard tracking system. These systems help to:

• Give you early notifications of changes
• Mitigate your company's risk by ensuring you're up-to-date
• Save you time by eliminating the tracking on your own
• Ensure your standards are up-to-date

Using manual processes such as spreadsheets to manage standards updates can be difficult, time-consuming, and lead to compliance risks - especially when a high number of standards and markets are involved. There are a variety of standards management tools to help medtech companies monitor and manage global standards, including Rimsys.

How can Rimsys help?

Rimsys’ regulatory management software offers standards management to help you stay ahead of the mayhem by providing:  

• Access to a library of over 1.6 million global standards through a partnership with IHS Markit
• The ability to link standards to individual products to more easily assess the impact of changes across your product portfolio
• Automatic alerts when standards are changed, superseded, or withdrawn to reduce compliance risks and enable faster reaction times
• Bulk updates to your essential principles/GSPR tables when standards change for easier maintenance and compliance

For more information, visit www.rimsys.io/solutions/standards-management.

Recently, our Founder and CEO, James Gianoutsos, was a guest on an episode of the Easy Medical Device podcast. Hosted by Monir El Azzouzi, a quality and regulatory professional with over 16 years of industry experience, the Easy Medical Device podcast explores a wide range of topics, news, and challenges to help medtech quality and regulatory professionals gain valuable insights that will help them excel in their roles.

In the episode, Why should you invest in your regulatory team?, James and Monir explore the limitations of traditional cost-center approaches to resourcing and preparing budgets for regulatory affairs teams and discuss the benefits of treating regulatory affairs as a revenue function. Hear their thoughts about:

• How regulatory affiars teams are typically structured
• The importance of the RA job function on revenue
• The impact AI will have on regulatory affairs
• How digital tools can enable RA teams

James also provided tips RA professionals can use to convince their stakeholders to invest in regulatory affairs teams. He emphasized that getting buy-in often involves a mindset shift that will change the dynamic of the conversation. For example, when planning for a renewal, think about the financial impacts of missed renewals rather than the sheer volume of renewals you're doing.
‍

When you're trying to convince your leadership team, don't talk about how many renewals I did for this product in a particular month. talk about the dollar figures you saved the company or retained on the market.

‍

For more tips, listen to the full interview on the Easy Medical Device website.

Rimsys recently held a panel discussion, Taking SaMDs to market in the US. During it, Prabhu Raghavan, Principal at MDQR Solutions, and Rimsys Chief Solutions Officer, Brad Ryba, shared an overview of SaMDs and provided their insights about getting and maintaining market clearance for them in the United States. Topics ranged from FDA risk classifications and submissions, cybersecurity best practices, and machine learning algorithms, which brought about an important question: How is the FDA currently regulating adaptive machine learning algorithms in SaMDS?
‍

Adaptive machine learning algorithms use post-market data in real time and evolve their models based on the data they're consuming. As such, every patient utilizing a device with adaptive machine learning algorithms may have a new model compared to the previous patient. While the FDA doesn't have any formal guidance on the subject just yet, manufacturers can work with the FDA to get a plan in place for maintaining a state of validation post market.

Watch the snippet from the webinar to learn about taking a staged approach with the FDA to get a proper validation plan in place.

‍

To watch all discussion topics, download the webinar replay here.

On October 24^th, 2023, the FDA, Health Canada, and the MHRA published a joint document providing harmonization for machine learning-enabled medical devices (MLMD) that use predetermined change control plans (PCCPs). PCCPs are plans proposed by the manufacturer that state the specific modifications to a MLMD, the process for implementing these modifications, and the assessment of impacts from them.  

The document details five guiding principles for MLMDs in an effort to set a foundation for PCCPs and encourage collaboration on them. According to the UK government’s website, these principles are:  

1. Focused and Bounded: Describing specific changes that a manufacturer intends to implement.

2. Risk-based: The intent, design, and implementation of a PCCP are driven by a risk-based approach that adheres to the principles of risk management.

3. Evidence-based: Demonstrating that benefits outweigh the risks throughout the product lifecycle.

4. Transparent: Provide clear and appropriate information and detailed plans for ongoing transparency to all stakeholders, from patients to healthcare professionals.

5. Total Product Lifecycle Perspective: Improve the quality and integrity of a PCCP by continually considering the perspectives of all stakeholders.
   

Here are some examples of how these principles could be applied:  

• Focused and bounded: A manufacturer of an MLMD that diagnoses cancer might develop a PCCP to implement a change to the algorithm that improves its accuracy in detecting a specific type of cancer.
• Risk-based: A manufacturer of an MLMD that monitors a patient's vital signs might develop a PCCP to implement a change to the algorithm that reduces the likelihood of false alarms.
• Evidence-based: A manufacturer of an MLMD that delivers medication to patients might develop a PCCP to implement a change to the algorithm that improves the accuracy of the dosage.
• Transparent: A manufacturer of an MLMD might publish a white paper that describes the device's algorithm and how it was developed and tested. The manufacturer might also make available a user manual that provides clear instructions on how to use the device safely and effectively.
• Total product lifecycle perspective: A manufacturer of an MLMD might collect feedback from patients and healthcare professionals on how the device is performing after it is marketed. The manufacturer might also use this feedback to identify and address any potential problems with the device.

The five guiding principles for MLMDs using PCCPs are based on the 10 guiding principles for Good Machine Learning Practices (GMLP) published in 2021, which were designed to help medical device manufacturers develop and deploy machine learning models that are safe, effective, and high quality. Similarly, the goal of these five guiding principles is to help MLMD manufacturers develop and maintain safe and effective products that meet the needs of patients and healthcare professionals. They are also intended to streamline the regulatory process for MLMDs, making it easier for manufacturers to bring new products to market and make updates to existing products in a timely manner.

‍
If you’re looking for additional information about MLMD requirements in the US, join Rimsys and MDQR Solutions for Taking SaMDs to market in the US on Thursday, November 30^th, at 1 PM ET. We’ll discuss the various types of SaMDs, considerations to make when obtaining market clearance, and how the FDA is regulating AI/ML in devices. Those interested in attending can register here: Taking SaMDs to market in the US.

‍