Featured
Rimsys Announces Rimsys AI to Eliminate Repetitive Tasks and Enhance Decision-Making for MedTech Regulatory Teams
Rimsys, the leading Regulatory Information Management (RIM) platform for the MedTech industry, today announced the launch of Rimsys AI, a suite of embedded artificial intelligence (AI) agents.
The beginner's guide to the FDA De Novo classification process
This article is an excerpt from The beginner's guide to the FDA De Novo classification process ebook.
Contents
- Introduction
- Chapter 1: What is an FDA De Novo request?
- Chapter 2: Contents of a De Novo request
- Chapter 3: Submitting a De Novo request
- Appendix A: Acceptance review checklist
Congratulations, you have successfully developed a new medical device! Now you need to take it to market. Normally in the United States this would mean completing a 510(k) submission. However, the 510(k) relies on “substantial equivalence”—a comparison to a similar device already on the market (also called a predicate device) to assess the risk profile of the new device. What if your device is totally new, and there isn’t a similar device to compare it to? Enter the FDA De Novo process. The De Novo process provides a pathway to market for novel devices with a low to medium risk profile.
What does De Novo mean?
According to the Merriman-Webster dictionary, de novo is a Latin word meaning “as if for the first time; or anew.” Perfectly fitting that the FDA uses this term “De Novo” to describe market approval requests for new medical devices or technology where there is no comparable predicate device on the market.
The Food and Drug Administration Modernization Act of 1996 provided the FDA with the authority to create the De Novo Classification Process. It's a process that uses a risk-based strategy for a new, novel kind of medical device, in vitro diagnostic, or medical software solution whose type has previously not been identified and/or classified. It’s a process by which a novel medical device can be classified as a Class I or Class II device, instead of being automatically classified as Class III, which may not be appropriate. Before the implementation of the De Novo process in 1997, all the “not substantially equivalent” (NSE) products were required to be initially classified as a Class III device. But for a lot of devices, this risk class didn’t really make sense. The De Novo process provides a pathway for more accurate classifications of novel, lower-risk devices.
October, 2021, the FDA released a final guidance document "De Novo Classification Process (Evaluation of Automatic Class III Designation)" to provide guidance to the requester (also known as the manufacturer) and the FDA on the process for the submission and review of a De Novo Classification Request under section 513(f)(2) of the Federal Food, Drug, and Cosmetic Act (the FD&C Act). This process provides a pathway to an initial Class I or Class II risk classification for medical devices for which general controls or general and special controls, provide a reasonable assurance of safety and effectiveness, but for which there is no legally marketed predicate device. This guidance document replaced the "New Section 513(f)(2) – Evaluation of Automatic Class III Designation, Guidance for Industry and CDRH Staff" document, dated February 19, 1998.
Consistent with the final rule, the FDA updated the guidance documents below to provide recommendations for submitting De Novo requests, as well as criteria and procedures for accepting, withdrawing, reviewing, and making decisions on De Novo requests, effective January 3, 2022.
- User Fees and Refunds for De Novo Classification Requests
- FDA and Industry Actions on De Novo Classification Requests: Effect on FDA Review clock and Goals
- Acceptance Review for De Novo Classification Requests
The 510(k) and the De Novo processes are similar in that they are both pathways to market for medical devices with low to moderate risk, which is Class I and Class II. The biggest difference between the two is that the 510(k) heavily relies on the concept of "substantial equivalence" to an existing medical device. You must prove this to get the clearance of your 510(k) submission. In the De Novo process, there isn’t a product currently on the market that is “substantially equivalent” to yours, so it’s like starting with a clean slate. For more on the 510(k) process, see our Beginner’s Guide to the 510(k) ebook.
A result of the De Novo process to be aware of is that a successful submission will lead to a new predicate device type that someone else can reference to bring their product to market through the 510(k) process. You’ve done all the work, so now it’s available for anyone to use to provide "substantial equivalence".
De Novo history/timeline
Preparing a De Novo request
1. Do your research! Be sure to complete all the necessary research prior to your submission. You want to be sure that your device is not substantially equivalent to an existing device. Resources to review include:
- The Center for Devices and Radiological Health (CDRH)
- U.S. FDA Device Classification Database
- Device Classification Under Section 513(f)(2)(De Novo)
2. A De Novo request can be submitted with or without a preceding 510(k). There are two options for when you can submit a De Novo request:
Option A: After receiving a not substantially equivalent (NSE) determination (that is, no predicate, new intended use, or different technological characteristics that raise different questions of safety and effectiveness) in response to a 510(k) submission.
Option B: If you’ve determined, after extensive research, that there is no legally marketed device on which to base a determination of substantial equivalence.
3. Be sure all fees are paid to the FDA in advance of submitting a De Novo request. The FDA’s fiscal year begins in October and runs through the following September. Fees have increased each year since they were introduced, but the FDA’s percentage of reviews completed within the 150-day window has increased as well.
A business that is qualified and certified as a “small business” is eligible for a substantial reduction in most of the FDA user fees, including De Novo. The CDRH is responsible for the Small Business Program that determines whether a business is qualified.
Medical Device User Fee Amendments (MDUFA) guidance documents can provide more detailed information about all FDA user fees.
4. The initial request process serves only to determine if the De Novo request is administratively acceptable based upon the Acceptance Checklist. The initial acceptance is followed by substantive review which will determine the final risk classification of your device.
5. A Pre-Submission (Pre-Sub) is a formal written request for feedback from the FDA that is provided in formal written form, and then followed by a meeting. Although a Pre-Sub is not required prior to a De Novo request, it can be extremely helpful to receive early feedback, especially for devices that have not previously been reviewed under a 510(k). If you think you would like to submit a pre-sub first, there are suggested guidelines for submission you should consider:
- Describe your rationale for a Class I or Class II classification for your device.
- Provide the search results of FDA public databases and other resources used to determine that no legally marketed device and no classification for the same device type exists.
- Provide a list of regulations and/or product codes that may be relevant.
- Provide a rationale for why the subject device does not fit within and/or is different from any identified classification regulations, based on available information.
- Identify each health risk associated with the device and the reason for each risk.
- Briefly describe any ongoing and/or planned protocols/studies that need to be completed in order to collect the necessary data to establish the device’s risk profile.
- Provide information regarding the safety and effectiveness of the device. Cite the types of valid scientific evidence you anticipate providing in your De Novo request, including types of data/studies relating to the device’s safety and effectiveness.
- Briefly describe any ongoing and/or planned protocols/studies that need to be completed to collect the necessary safety and effectiveness data.
- Provide protocols for non-clinical and clinical studies (if applicable), including how they will address the risks you anticipate and targeted performance levels that will demonstrate that general controls or general and special controls are sufficient to provide reasonable assurance of safety and effectiveness.
- Share any proposed mitigation measure(s)/control(s) for each risk, based on the best available information at the time of the submission. Highlight which mitigations are general controls and which are special controls and provide details on each.
- Include any other risks that may be applicable, in addition to those identified in the Pre-Sub, given the indications for use for the device.
- If applicable, provide any controls that should be considered to provide a reasonable assurance of safety and effectiveness for the device.
- Provide any non-clinical study protocols that are sufficient to allow the collection of data from which conclusions about device safety and/or effectiveness can be drawn. These protocols should address whether the identified level of concern is the appropriate level of concern for the device software, and if any additional biocompatibility and/or sterility testing is required.
- If clinical data is needed, provide information to show that the proposed study design and selected control groups are appropriate?
6. The FDA will attempt to review the De Novo request submission within 15 calendar days of receipt of the request to make a determination that the submission is declined or accepted for review. If they are unable to complete the review within the 15 days, your submission will automatically move to “accepted for review” status. https://www.fda.gov/regulatory-information/search-fda-guidance-documents/de-novo-classification-process-evaluation-automatic-class-iii-designation
7. There are times when the FDA will refund your application fee. They have created a guidance document “User Fees and Refunds for De Novo Classification Requests” for the purpose of identifying:
- the types of De Novo requests subject to user fees
- exceptions to user fees
- the actions that may result in refunds of user fees that have been paid
When is a De Novo request subject to a user fee?
When will the FDA refund a De Novo user fee?
What fee must be paid for a new device submission following a De Novo “decline” determination?
To continue reading this eBook including a detailed walk-through of all the Traditional 510(k) components, submission requirements and timelines, and an overview of the other 510(k) forms including the Abbreviated 510(k) and the Special 510(k), please register to download the full version.
The ultimate guide to the medical device single audit program (MDSAP)
This article is an excerpt from The ultimate guide to the medical device single audit program (MDSAP) ebook.
Table of contents
- What is MDSAP?
- History of MDSAP
- Who is responsible for the MDSAP?
- How does an MDSAP audit work?
- Audit sequence
- You got a nonconformity – now what?
- What does an MDSAP audit cost?
- Why choose the MDSAP certification process?
- Potential disadvantages of the MDSAP
- Ready to participate? – Here’s how to get started
- Completing a successful MDSAP audit
The Medical Device Single Audit Program (MDSAP) was designed and developed to allow a single audit of a medical device manufacturer to be applied to all country markets whose regulatory authorities are members of the program. The MDSAP provides efficient and thorough coverage of the standard requirements for medical device manufacturer quality management systems, and requirements for regulatory purposes (ISO 13485:2016). In addition, there are specific requirements of each medical device regulatory authority participating in the MDSAP that must be met:
- Conformity Assessment Procedures of the Australian Therapeutic Goods (Medical Devices) Regulations (TG(MD)R Sch3)
- Brazilian Good Manufacturing Practices (RDC ANVISA 16)
- Medical Device Regulations of Health Canada (ISO 13485:2003)
- Japan Ordinance on Standards for Manufacturing Control and Quality Control of Medical Devices and In Vitro Diagnostic Reagents (MHLW Ministerial Ordinance No 169)
- Quality System Regulation (21 CFR Part 820), and specific requirements of medical device regulatory authorities participating in the MDSAP program.
This means that a report from a single MDSAP audit of a medical device manufacturer would be accepted as a substitute for routine inspections by all the member Regulatory Authorities (RAs) across the world. There are currently five participating Regulatory Authorities (RA) representing the following countries: Australia, Brazil, Canada, Japan and the USA.
In April, 2021, the RAs released an “Audit Approach” document (MDSAP AU P0002.006) that combines the formerly separate MDSAP Audit Model and Process Companion documents into a single guidance document. It includes guidance for assessing the conformity of each process and includes an audit sequence, instructions for auditing each specific process, and identifies links that highlight the interactions between the processes.
In March 2012 the US FDA announced that they had approved a final pilot guidance document “Guidance for Industry, Third Parties and Food and Drug Administration Staff: Medical Device ISO 13485:2003 Voluntary Audit Report Submission Pilot Program.” This allowed the owner or operator of a medical device manufacturing facility to be removed from FDA’s routine inspection work plan for 1 year upon completing a ISO 13485:2003 audit. This guidance document went into effect in June 2012, and was intended as an interim measure while a single audit program was being developed.
This pilot program was not very successful and few companies signed up because they did not see any advantage in participating. The manufacturer had to pay for a third party to inspect their facilities, generate a report, and share the inspection results back to the FDA. Many companies were reluctant to contract “someone else” to perform their inspection when they could easily wait for the FDA to conduct an inspection for free.
During its inaugural meeting in Singapore in 2012, the International Medical Device Regulators Forum (IMDRF) appointed a working group to develop a set of documents for a harmonized third-party auditor system. Hence, the “Medical Device Single Audit Program” (MDSAP) was formed. The concept was similar to the FDA’s original idea of creating a third-party auditor to help reduce their workload of performing regulatory audits of medical device manufacturers’ quality management systems. This new approach would consist of a single audit that would review regulatory QMS compliance, conducted by a third-party, who would later be called an Auditing Organization (AO).
From January 2014 to December 2016, five countries participated in a Medical Device Single Audit Program Pilot. In June 2017, a report was generated summarizing the outcomes of prospective “proof- of-concept” criteria established to confirm the success of the program. The outcomes are documented in the final MDSAP Pilot Report and recommended that the program become fully active and open to any manufacturer who requested this type of audit.
The governing body of the MDSAP is the Regulatory Authority Council (RAC), which is composed of two senior managers (and a few other staff members) from each participating RA. They are responsible for executive planning, strategic priorities, setting policy, and making decisions on behalf of the MDSAP International Consortium. The RAC also reviews and approves documents, procedures, work instructions, and more. The mission of the MDSAP International Consortium is to jointly leverage regulatory resources to manage an efficient, effective, and sustainable single audit program focused on the oversight of medical device manufacturers on a global scale.
Other international partners that are involved in the MDSAP include:
MDSAP Observers:
- European Union (EU)
- United Kingdom’s Medicines and Healthcare products Regulatory Agency (MHRA)
- The World Health Organization (WHO) Prequalification of In Vitro Diagnostics (IVDs) Program
MDSAP Affiliate Members:
- Argentina’s National Administration of Drugs, Foods and Medical Devices (ANMAT)
- Republic of Korea’s Ministry of Food and Drug Safety
- Singapore’s Health Sciences Authority (HSA)
The observers and affiliate members are not the same as the participating member RA’s. The observers simply observe and/or contribute to RAC activities. Affiliate members, on the other hand, are interested in engaging in the MDSAP program and are subject to certain rules. They are only given access to a certain level of information about the manufacturers, audit dates, and information in audit reports.
They are also invited to attend sessions that are open to members, observers, and affiliates only.
Audits can also be conducted by MDSAP participating RAs at any time and for various reasons including:
- "For Cause" due to information obtained by the regulatory authority
- as a follow up to findings from a previous audit
- to confirm the effective implementation of the MDSAP requirements
The purpose of audits conducted by the RAs is to ensure appropriate oversight of the AOs MDSAP auditing activities. The AOs are appointed by the RAs and a list of the currently approved AO’s is published on the FDA website. Most AOs offer a broad range of management system certification services, beyond just medical devices. Manufacturers should verify that prospective AOs are clearly trained and perform MDSAP audits of medical devices.
AOs have the final word as to whether a manufacturer has met the requirements for the MDSAP during the execution of the audit and generation of the associated reports summarizing the results. MSDAP RAC participating RAs have the final decision regarding all development, implementation, maintenance, and expansion activities associated with the program.
Although an unannounced visit by an AO is rare, it can happen in circumstances where high-grade nonconformities have been detected.
To continue reading this eBook including a detailed look at the MDSAP audit process and grading, pros and cons of the approach, and how to get started please register to download the full version.
Regulatory strategy as a competitive advantage
This article is an excerpt from the Regulatory strategy as a competitive advantage ebook.
Table of Contents
- The regulatory revenue opportunity
- Regulatory responsibilities
- Limitations of the "cost-center" approach to regulatory affairs
- Regulatory as a revenue function
- Competitive advantage #1: Faster time to market
- Competitive advantage #2: Cost avoidance
- Competitive advantage #3: Out-pacing competitors
- Why invest in regulatory/revenue alignment?
- Getting started - 3 steps to move towards a revenue-aligned RA team
It is well known that medical technology (medtech) companies are highly regulated, given the potential risks their products present. Understanding and complying with the complex regulations in each country is, therefore, a necessary part of marketing and selling medical devices. To realize any revenue from a medical device, it must not only demonstrate compliance with all applicable regulations, it must also receive and maintain market clearance from each country in which it is to be sold. No market clearance means no revenue. Given the key role regulatory compliance plays in revenue attainment, regulatory teams, tools, and processes present a significant opportunity for differentiation for organizations willing to invest in them.
For the majority of medtech companies, however, regulatory departments have traditionally been treated as operational cost centers, with departmental improvements focused on cost reduction and efficiency improvements. Limited investment in people and tools, and limited interest in digital transformation, have left regulatory teams across the medtech industry underfunded and under-resourced.
This has led to great resourcefulness within the RA community, where most members can point to heroes within their team who worked long hours to meet a submission deadline, headed off a disaster by uncovering a pending expiration, created ad-hoc systems to organize information and streamline communication between the RA and QA teams for smoother audits, or have otherwise gone above and beyond their typical responsibilities.
Regulatory teams, however, have the potential to be a revenue-driving competitive weapon for companies that are willing to look at them a little differently and invest in regulatory performance above regulatory cost-effectiveness. Well-supported regulatory teams can provide a true competitive advantage by providing the resources and direction to:
- Capture market share by being first to market with novel devices.
- Avoid lost revenue by effectively tracking and planning for registration renewals/updates.
- Out-pace competitors and grow market share by adapting to regulatory changes more quickly and taking advantage of competitors’ non-compliance or inability to enter a new market.
We believe we are entering a new era for regulatory affairs within the medtech industry. One in which RA teams have a seat at the table when go-to-market, competitive positioning, and strategic decisions are being made.
In the medtech industry, regulatory affairs (RA) teams have a broad range of responsibilities across the product lifecycle:
Premarket regulatory strategy
Obtaining market clearance for a new medical device is the primary activity typically attributed to RA teams. It is not unusual for a regulatory team to be given market entrance projects with little warning, but ideally, the RA team would be brought in as early as possible to contribute to go-to-market discussions.
Premarket regulatory strategy, at a minimum, involves:
- Determining the most appropriate pathway to market approval. For example, a 510(k) or PMA submission in the U.S.
- Working with quality, product, and other teams to gather information needed for market submission.
- Establishing communication with applicable regulatory bodies and third-party approved auditors.
- Compiling and submitting required documentation for market approval. This includes managing follow-up activities, questions, and requests for additional information throughout the approval process.
Forward-thinking organizations often look to bring in RA teams even earlier in the process. As regulatory experts, RA professionals can provide unique insight into product development plans. In consultation with R&D teams, can help to refine product strategies, and steer development in areas that will reduce regulatory hurdles when new products are ready to be commercialized.
Maintaining regulatory compliance for existing products
While the primary focus of regulatory teams is often considered to be new market submissions, the majority of their time is actually spent on maintaining compliance for products that are already in-market. Even in situations where market registrations do not expire, constant vigilance is required to ensure that devices remain compliant with current regulations. These efforts take a considerable time for a typical RA team because information is often spread across disparate systems, where it can be difficult to find and confirm.
Maintaining regulatory compliance for approved devices includes:
- Staying on top of changing standards and making changes as required to existing technical files and other documentation.
- Submitting appropriate documentation updates when there is a change made that could potentially affect the efficacy or safety of the product, such as a material switch or facility change.
- Understanding pending regulatory changes and proactively addressing any that have an impact on devices currently in-market.
- Tracking registration expirations and preparing for timely re-submissions to ensure there is no lapse in market clearance.
Post-market activity
Post-market surveillance and vigilance activities are required by most countries and should involve the cooperation of the quality and regulatory teams. Ensuring that changing post-market reporting requirements are understood and complied with is an important regulatory responsibility.
Regulatory teams typically play a role in:
- Post-market surveillance of adverse events, complaints, and any issues associated with a device in the field.
- Assembling and submitting any required periodic safety reports to country/regional health authorities.
- Post-market vigilance and reporting of serious events to the appropriate regulatory agencies.
- Any required communication with regulatory authorities regarding adverse events or concerning trends in product quality.
Ask any RA professional, and they are likely to tell you that they work long hours and are often scrambling to meet looming deadlines...
To continue reading this ebook, download the full version.
Essential principles
What are Essential Principles?
Essential Principles (EPs) are requirements established by a country’s health agency. Medical device manufacturers need to prove that they comply with these requirements in order to sell their device in each country where they are required. This is often tracked in a burdensome table in which each requirement is explained by applicable standards and other items used to demonstrate compliance with each requirement. The manufacturer will link their evidence files to prove that they meet the requirement or provide an explanation as to why it is not applicable in their situation.
Think of this like cliff-notes for the submission and related documents. Submission documents, their locations, and explanations can all vary depending on the device type, manufacturer, and their processes.
What countries require Essential Principles?
Not every country requires EPs for their submissions. Some of the main countries that do require them include:
- The European Union – where they are called General Safety and Performance Requirements (GSPR)
- Australia
- Malaysia
- Singapore (accepts EU documentation in most cases)
- China
What do Essential Principles look like?
GSPR (General Safety and Performance Requirements) in the European Union are an example of Essential Principles requirements. The language in the GSPR comes directly from Annex 1 of the EU MDR of 745/2017 for medical devices and EU IVDR 2017/746 for in-vitro diagnostic devices. Medical device manufacturers are taking the text of this regulation, numbering and all, and documenting whether they apply to it, the standards that they apply to, and then providing their evidence.
Let’s look at an example that directly comes from EU MDR 2017/745, Regulatory text, Annex I, 7th requirement:
“Devices shall be designed, manufactured and packaged in such a way that their characteristics and performance during their intended use are not adversely affected during transport and storage, for example, through fluctuations of temperature and humidity, taking account of the instructions and information provided by the manufacturer.”
The validation of the Essential Principles for this particular requirement would be displayed in a table like the one below. Note that the description column in the table and in the EU MDR regulatory requirement are identical to each other.
These tables change constantly, and it is a large administrative burden on the regulatory professional to quickly identify changes, perform a gap analysis (check for changes and do testing if needed), and update the tables when required. In addition, we have seen the following issues caused by changing standards:
- Large companies can have hundreds to thousands of Essential Principles tables. Without a bulk upload, this can take an incredibly long time to process all of those documents.
- Errors can occur with standards updates by missing a product that is associated to a standard.
- If a gap analysis is done too late and testing a product to a revised or new standard is required - your product might need to be blocked from a market for months, which could mean massive revenue loss.
- Accidentally missing a reference to new testing data because only the standard was updated.
Rimsys allows regulatory professionals to be notified of standard changes and even do bulk additions and deletions of documents, standards and certificates to your Essential Principles Tables, which can save regulatory professionals countless hours in administrative work. For more information on how one of our customers benefited from our Essential Principles tool, reducing their EP and GSPR maintenance by 99%, read our Bisco case study.
FDA consensus standards
FDA Standards and Conformity Assessment Program
The FDA Standards and Conformity Assessment Program (S-CAP) seeks to drive the “development, recognition, and appropriate use of voluntary consensus standards for medical devices, radiation-emitting products, and emerging technologies.” Conformity to relevant standards is voluntary, unless a standard is “incorporated by reference” directly into a regulation. However, demonstration of conformity with FDA-recognized standards in a premarket submission is encouraged by the agency and will streamline the review process.
According to the FDA, S-CAP is designed to:
- Produce and implement clear policies to promote the appropriate use of standards in regulatory processes.
- Anticipate the need for and leads the development of national and international consensus standards.
- Advance initiatives to enhance confidence in conformity assessment activities.
- Foster innovation and standardization in technologies that facilitate patient access to novel devices.
- Provide leadership in standards quality and utilization through outreach and global harmonization.
What is a voluntary consensus standard?
The FDA recognizes standards that medical device manufacturers may use to demonstrate that they have met a relevant requirement of the FD&C act. The FDA may recognize all or part of a standard established by an international Standards Development Organization (SDO). Not all standards recognized internationally are recognized by the FDA.
The most common SDO is the International Organization for Standardization (ISO), and some of the most recognized ISO standards for medical devices include:
- ISO 14971- Applications of risk management to medical devices
- ISO 10993 – Biologic evaluation of medical devices
- ISO 11137 – Sterilization of healthcare products
Note that ISO 13485 is not recognized by the FDA for use in standard market submissions, but it is recognized as a quality standard under the MDSAP program.
Some of the other recognized SDOs include:
- ANSI – American National Standards Institute
- ASQ – American Society for Quality
- IEC – International Electrotechnical Commission
In some cases, FDA consensus standards have an identical U.S. adoption, such as IEC 60601-2-47 and ANSI/AAMI/IEC 60601-2-47. For a full list of recognized standards, see the FDA’s Recognized Consensus Standards database (the “Standards Organization” field lists all SDOs).
Using consensus standards in premarket submissions
Demonstrating conformity with FDA-recognized standards can facilitate the premarket review process for:
- 510(k) submissions
- De Novo requests
- Investigational Device Exemption (IDE) applications
- Premarket Approval (PMA) applications
- Product Development Protocols (PDP)
- Humanitarian Device Exemption (HDE) applications
- Investigational New Drug (IND) applications
- Biologics License Application (BLA) for devices that are regulated by CBER as biological products
It is important to recognize that conformance to a recognized standard often satisfies only a portion of the requirements of a premarket submission. When using an FDA-recognized consensus standard, a manufacturer should submit a Declaration of Conformity (DOC) to the standard and list it in the CDRH Premarket Review Submission Cover Sheet (form FDA 3514). Elements of a Declaration of Conformity include:
- Name and address of the applicant/sponsor responsible for the DOC.
- Product/device identification, including product codes, device marketing name, model number, and any other unique product identification data specific to the DOC in question.
- Statement of conformity.
- A list of standards for which the DOC applies including, for each standard, the options selected, if any.
- The FDA recognition number for each standard.
- The date and place of issuance of the DOC.
- Signature, printed name, and function of the sponsor responsible for the DOC.
- Any limitation on the validity of the DOC (ex: how long the declaration is valid, what was tested, or concessions made about the testing outcomes).
Supplemental documentation requirements in support of a DOC
Supplemental documentation in support of a DOC is often required. Adherence to a standard may not be sufficient for the FDA to make a regulatory decision. The example used in the FDA’s guidance document, Appropriate Use of Voluntary Consensus Standards in Premarket Submissions for Medical Devices, is that of ISO 14971. ISO 14971, Application of risk management to medical devices, does not list all of the detailed acceptance criteria for necessary performance tests. According to this guidance, the following general principles should be followed when determining the need for supplemental documentation:
- When the consensus standard includes both a test method or test procedure with a single set of predefined acceptance criteria, FDA should generally not request data relating to the specific consensus standard in the DOC.
- When the consensus standard describes a test method or procedure, but does not include acceptance criteria, the submitter should provide an assessment of the results and how conformity was determined.
- When the consensus standard includes choices related to, for example, what is to be tested, which test methods to use, or acceptance criteria to assess conformity, the submitter should include an explanation for the choices and selections made.
Managing standards updates
When a consensus standard is replaced by a newly recognized standard, the older version is withdrawn following a transition period. That transition period is provided to allow submitters time to prepare to use a new version of the standard. During the transition period, the submitter may continue to use the old version of the standard, though a justification for use of the older version should be provided in instances where adherence with a new version would require significant questions to be addressed.
Transition periods will vary based on the scope of the change to the standard and can be found in the standard’s supplemental information sheet (SIS). When a standard changes during an active review of a premarket submission, the FDA will continue to review the submission based on the previous version of the standard.
Learn more about how Rimsys can help your regulatory team manage standards.
RIM for medtech vs. RIM for pharma
Regulatory affairs professionals at large medical device companies must manage heavy submission workloads, registrations for products currently on the market, and ever-changing regulatory requirements. Regulatory information management (RIM) systems have been available for some time, but only in the pharmaceutical industry. This means that many regulatory professionals in the medical device industry continue to rely on paper documents, spreadsheets, and other outdated tools and methods to manage their work.
Medtech RA teams who implement RIM systems built for the pharma industry do not have the functionality they need to manage the complex workflows associated with medical device submissions and registration maintenance. In fact, at Rimsys we have worked with a number of medical device manufacturers who moved away from their RIM pharma system without successfully implementing it.
What is RIM for the pharmaceutical industry?
RIM systems designed for the pharmaceutical industry (Pharma RIM) provide a centralized system for managing the drug approval process. Pharma RIM systems differ in their scope, but often handle processes from pre-registration through post-registration including the creation and management of dossiers for investigational New Drug (IND) and Clinical Trial Application (CTA) submissions.
Pharma RIM systems also provide content/document management capabilities, often tied to Master Data Management (MDM) functionality which provides for the storage, retrieval, and integration of the large amounts of data tracked by pharmaceutical companies. In addition, Pharma RIM systems can assist with electronic submissions of regulatory dossiers.
Why Pharma RIM doesn’t work for medical device manufacturers
On the surface, regulatory solutions for the pharmaceutical and medical device industries appear similar. Both industries are highly regulated, require controlled workflow and document management, and have complex market entrance requirements.
However, the regulatory requirements governing the development and marketing of a drug are very different from that of a medical device in the following areas:
Harmonization of regulatory requirements
Global harmonization of pharmaceutical guidelines, through the International Conference for Harmonisation (ICH), is much more complete than in the medical device industry. Regulatory professionals working in the medical device industry must manage market-specific device classification rules, submission regulations, reporting requirements, and more.
The harmonized requirements in the pharmaceutical industry mean that, while submissions need to be made to each market, they are largely the same.
Change management requirements
Medical devices typically have multiple versions, iterations, and packaging options that inherently make market submissions and registrations more difficult to manage than in the case of pharmaceuticals. In addition, a medical device may undergo changes as the result of a supplier change, software update, or a corrective action made to the manufacturing process or product (among other possible changes). In most markets, any change that has the potential to affect the safety or efficacy of a device must be reported. However, the reporting requirements, including timing and submission formats, vary with each market. RA professionals must understand and track every requirement in every market.
Updates to pharmaceutical products, such as labeling changes, are less common and the notification process is more streamlined because of globally harmonized processes.
Regulatory pathways and options
For many medical devices, the regulatory pathway is not always clear – leaving RA teams to determine the path most likely to succeed and, in some cases, most advantageous to obtaining clearance in additional markets. For example, a new device in the United States might achieve faster approval through the 510(k) process, but the manufacturer must reference a predicate device already on the market. Whether the FDA accepts the identified device as a predicate and whether a PMA process would provide the company a greater competitive advantage, are strategic questions for the RA team to answer.
Devices are classified based on different criteria in different countries, making it necessary to analyze the device classification separately for each market as well. If the device is software or a combination device, the approval process may differ from the typical device approval pathway in some countries, but not others. In some cases, multiple options are available, such as participation in the MDSAP program.
Product complexity
From a regulatory data standpoint, medical devices are significantly more complex than drug products. In a pharma RIM system, a new drug is set up in the same manner as existing drugs. For a medical device, there are many more data points that need to be tracked and standards that need to be identified based on such things as whether the device is sold sterile, contains electronic equipment, or includes software.
A medtech RIM system allows each device to be configured and tracked appropriately for each market.
What are medtech RIM systems?
Holistic RIM systems for medical device manufacturers enable users to create a single source of truth for all data associated with regulatory submissions and registration management. RIM systems are used by regulatory teams to digitize data and automate key processes across the organization.
Medtech RIM system functions are designed to support a range of regulatory activities across a product’s lifecycle. In addition to centralizing core regulatory data and managing regulatory registrations and certificates, RIM systems can also support:
- Submission planning, authoring, and assembly
- Market entrance requirements and pre-built submission templates
- Collaborative content authoring and project management
- UDI management
- Standards management
- Essential principles/GSPR management, including bulk updating
RIM systems are product-centric, structuring data around individual regulated products and their requirements, market by market. This means that RIM systems can track product-specific data and link standards with individual products to easily identify those affected by standards updates.
RIM for regulatory projects and processes
Digitization and automation of regulatory data are more critical as global regulations continue to change and become more complex. Getting a medical device to market is a difficult process, but RIM software cuts the time and costs associated with product registrations while providing tools essential for ensuring ongoing compliance. Choosing a RIM system designed specifically for the medtech industry will provide your RA team with the tools they need. To get your regulatory ducks in a row, only a RIM system will do!
To learn more about the Rimsys RIM system, talk to one of our experts today.
The role of regulatory affairs teams throughout the product lifecycle
The lifecycle of a medical device
The time from when a medical device enters the market to the time it leaves, and the business and regulatory processes associated with that journey, are referred to as a product lifecycle. Regulatory affairs (RA) professionals have responsibilities at each stage of the product lifecycle and will collaborate with most sections of the business on one or more activities. In this article, we discuss the regulatory responsibilities that are typical in a large, global medical device manufacturer.
Cross collaboration with RA across the globe
The Regulatory Affairs professional at the manufacturer often does not complete regulatory activities alone. Major medical manufacturers have RA employees stationed across the globe. The international RA employees or local distributor will provide insight into their country’s regulatory requirements and will often be the individuals that have direct contact with their country’s government agency.
For example: When a manufacturer is working on a Registration in China, the Regulatory Affairs Engineer in the U.S. may be on an 8pm call coordinating with a Regulatory Affairs Professional in China.
Manufacturing RA Responsibilities
- Provide details and information on the medical device.
- Assist in-country RA in providing manufacturing SME team support on governmental questions during submission review.
- Provide appropriate documentation from the SME teams to help complete the regulatory submission.
In-country RA Responsibilities
- Provide insight on the in-country medical device requirements.
- Identify Standards particular to the country.
- Manage in-country specific submission deliverables.
- Identify devices that need to be provided for in-country testing (if applicable).
Each major lifecycle stage – pre-market, market placement, and post-market – are discussed below.
Pre-market
Research and development
A new medical device begins with an idea for a product and an R&D process that will eventually include the quality and regulatory departments. Once designed, these devices are heavily tested to industry standards that are applicable to the device. Higher risk devices must also go through clinical trials before being brought to market. Information on compliance with standards and results from testing are included in the submission documents used to obtain market access.
Each department plays a role in ensuring that a device and all supporting information is ready to request market entrance.
Regulatory responsibilities
- Identify applicable standards that will apply to the new device.
- Collaborate with R&D to understand the functions of the new device.
- Identify the intended use of the device.
- Classify the device for major markets.
- Collaborate with in-country RA for any additional device testing.
R&D responsibilities
- Test the new device to the standards that regulatory tells them to or find a vendor that does that testing.
- Compile the testing reports.
Business role responsibilities
- Approve the financials for the R&D work.
- Have an initial scope of regions where the device would be sold.
Initial business case
In parallel to the R&D preparation, a business plan will be developed by the Sales and Marketing teams, along with the Product and Project Managers (“business” teams). The business plan will detail where a product will be distributed and sold. It is incredibly important for the regulatory team to have a full understanding of this plan as early as possible so that they can research regulatory requirements and develop a regulatory plan.
The initial business case is often a back-and-forth conversation between those developing the business plan and the manufacturing and regulatory teams. The business often asks and heavily relies on the regulatory professional to describe the submission processes per country, to note any particularly challenging country for registration, and to explain why there are more requirements in some markets.
Regulatory Responsibilities
- Notify the business of the cost of the submissions for all markets that the business intends to sell in (Market Access Submissions cost money).
- Notify the business of the cost of man-hours on a per-registration basis.
- Notify the business of the labeling costs.
- Translating the manual into multiple languages.
- Applying country-specific labeling on the package or on the device.
Business Responsibilities
- Make good financial decisions on go-to-market.
- Approve staffing resources for the regulatory activity.
- Create a priority for submission activity.
Regulatory Plan
The regulatory department creates a plan of how to gain market access based on the initial business case. For large expansive launches in many countries, a regulatory plan may need to consider over 100 country requirements, which often includes a phased approach to product launches.
Regulatory responsibilities are often split between the RA resources at the manufacturer and those that are in the country in which the device is being marketed. While they vary by company, responsibilities often look something like this:
Manufacturing RA responsibilities
- Draft the regulatory plan.
- Provide classification for country of origin and some major markets.
- Provide appropriate documentation from the SME teams to complete the regulatory submission.
In-country RA responsibilities
- Provide insight on the in-country medical device requirements.
- Classify the device per country standards.
- Identify in-country specific submission deliverables that need manufacturing SME support.
- Identify devices that need to be provided for in-country testing (if applicable).
- Provide timeline estimations for international submissions.
Initial pre-market submissions
In regulated markets, a company needs to “register” their device prior to shipping, selling or marketing a device in the country. These submissions often contain confidential business information and test reports that were identified as needed in the regulatory plan. Once the device is accepted, a certificate is given to the manufacturer allowing the product to be sold in that market.
Typically, manufacturers begin by registering in their country of origin and a small subset of highly marketable countries. This phase often includes the USA and EU. Once a majority of those submissions are completed, submissions to other markets are addressed in a phased approach. There can be multiple waves of these registrations, and the entire registration process can last for months. Registration projects also often overlap for the manufacturing regulatory professional.
Manufacturing regulatory responsibilities
- Provide appropriate documentation from the SME teams to complete the regulatory submission.
- Notify SME teams when support is needed.
- Coordinate and compilate SME answers to governmental questions.
- Update the business on the submission progress.
- Notify the business when the submission is complete.
SME teams responsibilities
- Provide adequate information about the device per the regulatory plan.
- Notify the manufacturing regulatory team of any governmental questions and ask for support when needed.
- Notify the manufacturing regulatory team of submission progress.
- Provide SME support to develop the submission and answer governmental questions.
Business responsibilities
- Provide funding for this activity.
Expansion to the rest of the globe
Once the initial launch is completed or near completion, submission activity now begins in every other market that the business approves to launch in. For large and expansive businesses, this launch can be over 100 countries, which can mean 100 regulatory product registrations.
Manufacturing regulatory responsibilities
- Provide appropriate device information to in-country RA for submission support.
- Notify SME teams when support is needed.
- Coordinate and compilate SME answers to governmental questions.
- Update the business on the submission progress.
- Notify the business when any submissions are complete.
In-country RA responsibilities
- Complete in-country submission deliverables.
- Identify standards particular to the country.
- Manage in-country specific submission deliverables.
- Identify devices that need to be provided for in-country testing (if applicable).
SME teams responsibilities
- Provide adequate information about the device per the regulatory plan.
- Provide SME support to develop the submission and answer governmental questions.
Marketing the device
Once a device is fully registered in the regulated country, it can be marketed. However, any marketing material that is created often goes through an additional legal and regulatory review as any inaccuracy can lead to fines for mislabeling the device.
Manufacturing regulatory responsibilities
- Coordinate with clinical to ensure claims are aligned.
- Review marketing content to ensure regulatory compliance.
- Notify the business when approvals are received so marketing knows when they can begin marketing the device in that country.
Marketing responsibilities
- Create drafted content which could be product sheets, social media posts, or presentations for conferences.
- Accept regulatory review of the marketing materials.
Market placement
Change management
Businesses add features and change medical devices all of the time. They may shift where the manufacturing facility is located, add an accessory, change a motor - all of these changes need to be assessed and submission may need to be done prior to market entry for those changes. These changes also need to be assessed on a global scale. The more countries that are involved, the more complex that process is.
For every change, a survey is often sent out to the in-country regulatory teams, and they are often responsible for completing that assessment for their country. These are typically called impact surveys. It is then up to the RA team at the manufacturer to compile those responses and to receive approval from the business to complete any additional submissions to governments that may be required.
R&D responsibilities
- R&D and project teams determine a change is needed.
- Notify the manufacturing regulatory team of the upcoming change.
Manufacturing regulatory responsibilities
- Fully understand the change that is coming from R&D.
In-country regulatory responsibilities
- In-country specialist completes the impact survey.
- Notify the manufacturing regulatory team if additional submission activity is needed, along with the timeline for that activity and the deliverables/support required.
Business responsibilities
- Approve the submission activity and finance it as needed.
Renewals
After the initial submission, most countries will require a renewal submission after a set number of years to keep the device in the market. It is critical that renewal dates are tracked and managed appropriately. Missed renewal dates may require several months to over a year of work to obtain market approval again. During that time, all sales of the product are stopped.
Manufacturing regulatory responsibilities
- Notify the business of upcoming renewals.
- Coordinate with in-country RA to provide documents and assist in the submission for the renewal.
- Coordinate SME support for governmental questions if needed.
In-country regulatory responsibilities
- Notify manufacturing regulatory in a timely manner when renewals are needed.
- Submit the renewal to the government authority.
Business responsibilities
- Approve the renewals.
Post-market
Audits
Governments and other regulatory bodies will often audit the medical device manufacturer to ensure that they are in compliance with current regulations.
Manufacturing regulatory responsibilities
- Gathering device marketing registration history and facility registration for a specific set of countries to be presented by the auditor.
- Familiarizing yourself with the registrations and recent regulatory work that has occurred in the country to be prepared for auditor's questions.
- Responding to auditors questions if you are on “Audit Duty”.
Quality department responsibilities
- Manage the facility tour.
- Be responsible for the majority of the Quality Management System (QMS).
Research and development
- Provide the subject matter expert (SME) with explanations of how testing was developed for the product and the outcomes of said testing.
Post-market surveillance and reporting
Manufacturers must have ways of accepting customer complaints. In certain cases, when the complaints relate to health and safety concerns pertaining to the device, the manufacturer may need to report these complaints to their government or other countries where the device is sold.
Correctional activities (recalls)
If a company finds a health and safety risk to their device, the company as a whole may need to gather all of the devices that are affected and either repair them or destroy them.
Obsolescence
Obsoleting a product is often a regulatory step and a submission step as well. There are many reasons to take a device out of a market; low sales, new requirements causing additional work that is not financially feasible, or new devices being available that are part of a newer generation that are safer for the user are a few reasons.
Business responsibilities
- Notify manufacturing RA and in-country marketing of the obsolescence of the device in the market.
Manufacturing RA responsibilities
- Notify in-Country RA of the obsolescence and expected date that the business will stop supporting the device in that market.
In-country RA responsibilities
- Submit obsolescence notification to the authority.
RIM vs ERP software for medical device companies
Regulatory affairs professionals at large medical device companies must manage heavy submission workloads, registrations for products currently on the market, and ever-changing regulatory requirements. Many RA teams are still relying on paper documents, spreadsheets, and other outdated tools and methods to complete this work, while others have taken steps toward digitization and automation of key processes.
Regulatory teams often struggle to find software tools designed specifically for their workflows. ERP (Enterprise Resource Planning) systems are sometimes used by RA teams to track product attributes, such as selling status and support/service history. ERP systems, however, are not designed to handle the complexities of regulatory workflows nor the type of data that needs to be securely managed within a medtech company.
What is ERP software?
Enterprise Resource Planning (ERP) software encompasses a wide range of systems that typically manage multiple sectors within an organization. Originally designed for manufacturers, ERP systems are now used by industries as varied as public utilities, wholesale distributors, service organizations, and retail companies.
ERP systems manage the data and workflows associated with almost every sector within an organization, including:
- Manufacturing
- Device identification/history
- Purchasing and sourcing
- Service delivery
- Finance
- Human resources
- Engineering
- Asset management
- Supply chain
- Customer management and sales
Modern ERP systems are designed to provide a single, integrated platform to manage the majority of functions within an organization. The trade-off, however, is that because functionality needs to meet the needs of a variety of organizations, it will often fall short in highly regulated industries that require very specific data, workflows, and controls.
What are RIM systems?
Regulatory information management (RIM) systems have been around for years in the pharmaceutical industry but are relatively new in the medical device industry. Holistic RIM systems enable users to create a single source of truth for all data associated with regulatory submissions and registration management. Think of a RIM system as an ERP system for regulatory teams that is used to digitize data and automate key processes across the organization.
Medtech RIM system functions are designed to support a range of regulatory activities across a product’s lifecycle. In addition to centralizing core regulatory data and managing regulatory registrations and certificates, RIM systems can also support:
- Submission planning, authoring, and assembly
- Collaborative content authoring and project management
- UDI management
- Standards management
- Essential principles/GSPR management, including bulk updating
RIM systems are product-centric, structuring data around individual regulated products and their requirements, market by market. This means that RIM systems can track product-specific data, such as UDI records, and link standards with individual products to easily identify products affected by standards updates and assess their impact.
Integrating ERP and RIM systems
The most common point of integration between ERP and RIM systems is an “available to sell” setting at the product level. Product information in a RIM system will include registration status for each country and an indication of whether the product can currently be marketed and sold there. It is critical that the ERP system restrict distribution and/or sale of a product automatically based on the selling status set by the regulatory team.
ERP systems will also often be integrated with Product Lifecycle Management (PLM) systems used by product development and manufacturing teams to manage product information and at every step of a product’s lifecycle, including product data, records, specifications, and configurations. ERP systems can also be integrated with eQMS (electronic quality management systems) and RIM systems to ensure coordination of risk management activities, product updates, and quality data between the regulatory, quality, development, and manufacturing teams. Ideally, your regulatory team is notified as early as possible of any planned updates or changes to a product that is in-market or pending market approval.
RIM for regulatory projects and processes
Digitization and automation of regulatory data are more critical as global regulations continue to change and become more complex. Getting a medical device to market is a difficult process, but RIM software cuts the time and costs associated with product registrations while providing tools essential for ensuring ongoing compliance. ERP systems are central to an organization’s operation, but their broad focus simply does not provide the detailed functionality needed by regulatory teams. Integrate your ERP system with a holistic RIM system to give your regulatory team the tools they need to bring your products to market successfully and to maintain compliance. To get your regulatory ducks in a row, only a RIM system will do!
To learn more about the Rimsys RIM system, talk to one of our experts today.
