Featured
Rimsys Announces Rimsys AI to Eliminate Repetitive Tasks and Enhance Decision-Making for MedTech Regulatory Teams
Rimsys, the leading Regulatory Information Management (RIM) platform for the MedTech industry, today announced the launch of Rimsys AI, a suite of embedded artificial intelligence (AI) agents.
The beginner's guide to the FDA 510(k)
This article is an excerpt from The beginner's guide to the 510(k) ebook.
Table of Contents
- Introduction
- 510(k) basics
- Contents of a Traditional 510(k)
- 510(k) submission and timelines
- Other 510(k) forms
Congratulations! You have successfully developed a new medical device. Now you need to take it to market. In the United States, this often means submitting a 510(k). A 510(k) is a structured package of information about your device and its performance and safety that you submit to the Food and Drug Administration (FDA) for “clearance” before you can sell your device in the U.S. In order to receive clearance from the FDA, your 510(k) will need to demonstrate that your medical device is substantially equivalent to another legally marketed device (called a predicate device). The substantial equivalence approval process is a simple equation that looks something like this:
The 510(k) is generally the most efficient route to market clearance in the U.S. because you show your device is safe and effective based on this substantial equivalence standard, instead of needing to present more extensive clinical trial data.
There are three types of 510(k): Traditional, Abbreviated, and Special. This eBook will begin with a general overview of the 510(k) process, including its purpose and benefits. Next, we will explore the Traditional 510(k) and the sections and components required in depth. Finally, we will look at the Special and Abbreviated 510(k).
FDA: background and device oversight
Before we explain what a 510(k) is let’s first talk generally about the FDA and device oversight. The FDA is the U.S. governmental agency responsible for overseeing medical devices, drugs, food, and tobacco products. When it comes to medical devices, the FDA’s mission is to “protect the public health by ensuring the safety, efficacy, and security of…medical devices.” At the same time, the FDA also has an interest in “advancing public health by helping to speed innovations.” In other words, the FDA’s goal is to make sure devices are safe and effective for public use, while also ensuring that devices have a quick and efficient path to market.
In order to achieve this balance of safety and efficiency, the FDA has three different levels of oversight depending on the risk level of the device: (1) exempt from premarket submission, (2) Premarket Notification, also known as 510(k), and (3) Premarket Approval (PMA).
When is a 510(k) required?
A 510(k) is required for medium risk devices that have a predicate on the market which can be used to demonstrate the safety and effectiveness of the new device. Meanwhile, a PMA is required for high-risk or novel devices which require a higher level of scrutiny to be confirmed safe and effective.
A 510(k) is not only required for new devices, but also for devices that have been modified in a way that could impact safety or effectiveness. This could include changes to the:
- Design
- Components
- Materials
- Chemical composition
- Energy source
- Manufacturing process
- Intended use
You must submit your 510(k) at least 90 days before marketing the device.
What Exactly is Substantial Equivalence?
Now that we know what a 510(k) is, let’s talk about the substantial equivalence standard. You’ll recall from the introduction that your 510(k) must show that the new (or modified) device is substantially equivalent to at least one other legally marketed device, called a predicate device. Substantial equivalence looks at the intended use and the technological characteristics of the two devices.
More specifically, you must show:
- that the new device has the same intended use as the predicate, and
- the differences between the two devices do not raise questions about the safety and effectiveness of the new device.
Now let’s take a closer look at intended use and technological characteristics.
Intended use
Intended use means the general purpose or function of the device. The FDA will look at your proposed labelling and your Indications of Use section of the 510(k) to determine the intended use of your device (this is covered in Chapter 2). Intended use includes:
Technological characteristics
Once the FDA has determined that a predicate device exists and that the new device and the predicate device have the same intended use, it will move on to compare the technological characteristics. Technological characteristics include:
- Materials
- Design
- Energy source
- Other device features
The two devices do not have to be identical, and in fact they almost never are. The key here is to demonstrate that any differences do not have a significant impact on safety or effectiveness. Here’s what to cover when you compare your device’s technological characteristics with that of the predicate device:
Overall description of the device design
- Engineering drawings or diagrams to explain the device and component parts.
- List of component parts and explanation of how each component contributes to the overall use and function of the device.
- Physical specifications: dimensions, weight, temperature, tolerances, etc.
Materials
- Detailed chemical formulation used in all materials of constructions (especially those that come into contact with a patient).
- Any additives, coatings, paint, or surface modifications.
- How materials have been processed and what state they’re in.
Energy Sources
- Use of batteries, electricity, etc.
Other technological features
- Software/hardware
- Features
- Density
- Porosity
- Degradation characteristics
- Nature of reagents
- Principle of the assay method
In deciding whether the differences in technological characteristics impact safety or effectiveness, the FDA will typically rely on descriptive information about the technological characteristics as well as non-clinical and clinical performance data.
Let’s look at an example: A manufacturer submits a 510(k) for a new type of contact lens. Both the new device and the predicate device are indicated for daily wear for the treatment of astigmatism. The predicate device is only available in a clear lens, but the new device comes in a line of colors, including purple tinted lenses.
Who is responsible for submitting a 510(k)?
The following four types of organizations may be responsible for submitting a 510(k):
Manufacturers
- End-of-line device manufacturers who will be placing a device on the U.S. market.
- Note: Does not apply to component part manufacturers unless components will be marketed independently.
Specification developers
- Companies that develop the specifications for a finished device which has been manufactured elsewhere
Repackers or relabelers
- Required to submit a 510(k) if they significantly alter the labeling or condition of the device, including modification of manuals, changing the intended use, deleting or adding warnings, contraindications, sterilization status.
- Note: This is rare. The manufacturer, not the repackager or labeler, is typically responsible for the 510(k) submission.
Importers
- Importers that introduce a new device to the U.S. market may need to submit a 510(k), if it hasn’t already been submitted by the manufacturer.
Now that we’ve covered the basics, let’s explore what actually goes into your 510(k).
A Traditional 510(k) should contain all the following components in the list below. In some cases, a particular section may not apply to your device. When that happens, it’s a good idea to include the section anyway and just state “This section does not apply” or “N/A” under that heading.
To continue reading this eBook including a detailed walk-through of all the Traditional 510(k) components, submission requirements and timelines, and an overview of the other 510(k) forms including the Abbreviated 510(k) and the Special 510(k), please register to download the full version
The ultimate guide to the China UDI system and database
This article is an excerpt from The ultimate guide to the China NMPA UDI system and database ebook.
Table of Contents
- Overview
- UDI basics and benefits
- UDI format requirements and issuing entities
- UDI database and submission requirements
- Implementation of UDI and the UDI database in China
The current Chinese medical device regulatory regime kicked-off in 2014 with the Regulation on Supervision and Administration of Medical Devices. This core set of registration requirements, modeled after the United States and European Union systems, established a set of device classifications (class I, II, and III) based on risk and procedures for obtaining market clearance for each type of device.
Medical devices in China are regulated by the National Medical Products Administration (NMPA). Class I devices, such as clinical laboratory equipment or non-invasive skin dressings, require only notification to the NMPA for marketing authorization, and that authorization does not expire. Class II and III devices such as implantable devices or devices with a measuring function require full registration and a formal review before market clearance can be obtained.
These initial regulations have been expanded since their introduction, adding accelerated pathways to market for certain products in certain regions, easing acceptance of clinical data from overseas, and more specific roles and responsibilities for local agents of international manufacturers. In addition, in 2019, the regulations added a provision that medical devices carry a unique device identification (UDI). China’s UDI requirements are similar to those in the US and European Union. They establish specific device ID and labeling requirements, as well as a central, state-administered database of devices.
This eBook walks through the basics of medical device UDIs, the specifics of China’s implementation, and how MedTech companies who market their devices in China can prepare for the full rollout of these regulations in the coming years.
A UDI is a unique alphanumeric code that is designed to identify medical devices sold in a particular country/region from manufacturing, through distribution, to use by a patient. Like other aspects of the medical device regulatory regime, the UDI system in China follows the approach taken by the United States FDA and European Commission, and is based on the guidance from the International Medical Device Regulators Forum (IMDRF). Generally, UDI systems are designed to improve patient safety and optimize care by:
- Increasing the traceability of medical devices, including field safety corrective actions
- Providing an unambiguous identification method for medical devices throughout distribution and use
- Making adverse event reports more accessible
- Reducing medical errors by providing detailed information related to the device
- Simplifying medical device documentation and making it more consistent
There are three components to the UDI system in China:
- UDI code: The actual UDI code can be assigned by one of three (3) issuing agencies and contains information about the product, it’s expiration date, and the manufacturing batch/lot it’s associated with.
- UDI labeling: Put simply, medical devices must carry the UDI code on them. The regulations stipulate how devices and their packaging must be labeled for compliance.
- UDI database: In addition to labeling, all device UDIs must be submitted to a central database that is administered by the NMPA.
The following sections explore each of these components in more detail.
The UDI code
The first element of the UDI system is the code itself. The UDI code is the alphanumeric identifier that is associated with a specific medical device. UDI codes have two (2) elements to them, the UDI device identifier (UDI-DI) or static portion, and the UDI production identifier (UDI-PI) or dynamic portion. You can see the two components in the UDI diagram below:
The UDI-DI contains information about the issuing entity—the organization that is authorized to assign UDI codes. In China, this can be one of three entities: GS1, an international barcode and electronic data interchange standards organization, and two domestic organizations: the Zhongguancun Industry & Information Research Institute (ZIIOT), and AliHealth. Additional details about the issuing agencies are covered in Chapter 2. In addition, the UDI-DI contains information about the manufacturer and the specific model or version of the device.
The UDI-PI contains information about the manufacturing and production of the device. This typically includes information about the lot or batch number in which the device was manufactured, the manufacturing date and expiration date for the device (if applicable), and the specific serial number for the device. Here you can see all of the components marked up using the same UDI example:
Note that each packaging permutation and level for a given device will need to be assigned its own UDI. So for example, let’s say that a company manufactures 5ml enteral (oral) syringes in two packaging options: 1 – packaged individually and 2 – packaged in a box of 5. Each packaging option would need its own UDI, despite the fact that the underlying product is the same.
Now looking at packaging levels, let’s assume that the manufacturer packages the single syringe offering into boxes of 6, and again into larger containers of 24. Each of those packaging options needs its own UDI as well.
Labeling
In addition to obtaining UDI code for each device as outlined in the previous section, medical device manufacturers are required to ensure that devices are appropriately labeled with the assigned UDI. This label is called the UDI Carrier. The UDI is represented in two forms on the UDI Carrier: a machine-readable form and a human-readable form.
The machine-readable form or automatic identification data capture (AIDC) is a barcode or some other technology that can be used to automatically capture UDI information. The NMPA regulations support 3 types of machine-readable formats: 1-dimensional barcode, 2-dimensional barcode, and radio-frequency identification (RFID).
The regulations note that “use of advanced automatic identification and data collection technologies is encouraged”—prompting manufacturers to use more modern 2D and RFID machine-readable carriers where possible. Note, however, that if a device uses RFID, the UDI Carrier must also include the UDI in barcode format.
The human-readable form or human-readable interpretation (HRI) is the numeric or alphanumeric code for the UDI that can be read and manually entered into systems.
The UDI Carrier should be included on the device and on all levels of packaging. The UDI Carrier must be clear and readable during the operation and use of devices. If there isn’t room on the device for both the human and machine-readable forms of the UDI, then manufacturers should prioritize the machine-readable form.
UDI database
The third component of the NMPA UDI system is the UDI database. This is a centralized database of UDI and product information, administered by the NMPA. Manufacturers are required to submit UDI information into the database within 60 days after a product is approved (for sale in China) and before it is commercialized. The database contains a more detailed product record than what is included in the UDI itself, and it is the responsibility of the manufacturer (and/or their in-country representative) to submit the information correctly, and ensure that it’s kept up to date.
Chapter 3 of this eBook goes into detail about the specific fields and data requirements for UDI database submissions.
To continue reading this eBook including information about UDI format requirements and issuing entities, implementation timelines, and affected device types, please register to download the full version.
The ultimate guide to the EU MDR/IVDR unique device identifier (UDI) System
This article is an excerpt from The ultimate guide to the EU MDR/IVDR UDI ebook.
Table of contents
- Overview
- UDI basics and benefits
- UDI format requirements and issuing entities
- UDI rules for specific device types
- Implementation of UDI and UDAMED in the European Union
- US vs EU UDI comparison
The EU Medical Device Regulation (2017/745) (“MDR”) and EU In Vitro Diagnosis Regulation (2017/746) (“IVDR”) introduce two new systems for information exchange: UDI (Unique Device Identifier) for device identification and EUDAMED (European Databank on Medical Devices) to centralize and disseminate information. UDI is a specific code assigned to all devices and higher levels of packaging. This will allow for devices being sold in the European market to be identified and traced through a globally harmonized approach. EUDAMED is the IT system developed by the European Commission to replace the EUDAMED2 database previously in place under the Medical Device Directives (MDD). EUDAMED is a multi-functional system that will be used to coordinate device registration, provide information about devices to industry professionals and the public, and highlight necessary safety details.
The EU MDR and IVDR UDI system is based upon the guidance of the International Medical Device Regulators Forum (IMDRF). It’s a globally harmonized system that’s designed to increase patient safety and optimize care.
UDI system goals
Increase patient safety
- Improve tracing of devices
- Reduce the presence of counterfeit devices
Ensure access to accurate information
- Unambiguous identification of devices throughout distribution and use
Improve post-market surveillance
- Improve accessibility of adverse event reports
Enhance supply chain Management
- Streamline supply chain process and inventory management
- Simplify medical device documentation processes
The UDI system has four key elements
Element 1: Assignment of UDI (UDI Components)
The first element of the UDI system is the assignment of a UDI. The UDI is a code of alphanumeric characters that acts as the access key to information about a specific medical device on the market. The EU MDR and EU IVDR requires that a UDI be assigned to all medical devices except for custom-made or investigational devices. There are three components of a UDI:
- Basic UDI-DI
- UDI (consisting of UDI-DI and UDI-PI)
- Packaging UDI (Note: This is not an official term used in the EU MDR and IVDR, but we’re using it to help explain the concept. The Packing UDI is part of the UDI itself.)
1. Basic UDI-DI
The Basic UDI-DI identifies the device group that a particular device fits into. A device group is a group of products that all share the same intended purpose, risk class, essential design, and manufacturing characteristics. A device group is generally classified by medical device manufacturers as a “Product Family” or “Product Category,” depending on the internal nomenclature used within the company. The Basic UDI-DI functions as a parent or higher-level descriptor of a device.
NOTE: There can only be one Basic UDI-DI per UDI-DI.
The Basic UDI-DI is not printed on the product itself or on the packaging of a product, but rather it must be included in the following documents and applications:
- Certificates (Including Certificate of Free Sale)
- EU Declarations of Conformity
- Techical Documentation
- Summary of Safety and Clinical Performance
2. UDI (UDI-DI and UDI-PI)
The second component is the UDI itself, which consists of two parts:
Device Identifier (DI)
Production Identifier (PI)
The UDI-DI (Device Identifier DI, also referred to as “static”) identifies specific, detailed information about a particular device. If any of the below details should change, the device will need a new UDI-DI.
- Name or trade name of the device
- Device version or model
- If labelled as a single use device
- Packaged as sterile
- Maximum number of uses
- Need for sterilization before use
- Quantity of devices provided in a package
- Critical warnings or contra-indication
- CMR/endocrine disruptors
NOTE: There can be several UDI-DIs for one Basic UDI-DI.
Meanwhile, the UDI-PI (Production Identifier PI, also referred to as "dynamic") contains manufacturing information (including serial number, lot/batch number, software identification, and manufacturing or expiry date or both types of dates.)
To better illustrate this concept of Basic UDI-DI and UDI (UDI-DI and UDI-PI), let’s use a syringe as an example. The Basic UDI-DI would identify the category of a syringe, for example, "Enteral (Oral) Syringe."
A 5ml Enteral (Oral) Syringe – Sterile (Color: Purple) would get a unique UDI-DI and a 10m Enteral (Oral) Syringe – Sterile (Color: Orange) would get a unique UDI-DI. Both products would be associated to the same Basic UDI-DI. In this case, the "Enteral (Oral) Syringe," which defines the category.
Each time that 5ml Enteral (Oral) Syringe – Sterile (Color: Purple) is manufactured at the same revision, it will get a new UDI-PI per lot. See the graphic below.
Each product is identical and therefore has the same UDI-DI. However, the UDI-PI changes to reflect the manufacturing date, lot number, expiry date, and serial number, as applicable.
The UDI will contain all device-specific information and have the same functions as the comparable database (GUDID) of the United States FDA. The main difference (in EUDAMED) is that the UDI data is divided into components of Basic UDI-DI, UDI, and Packaging UDI.
3. Packaging UDI
The third component of UDI is the Packaging UDI. (Note: This is not an official term used in the EU MDR and IVDR, but we’re using it to help explain the concept.)
Each level of packaging, except shipping containers, must receive its own unique UDI. Packaging UDI refers to the unique UDI assigned to higher levels of packaging instead of the device itself.
In the event of significant space constraints on the unit of use packaging, the UDI Carrier may be placed on the next higher packaging level.
Returning to our earlier example of syringes, if a manufacturer first packages a single sellable syringe into an individual box, this package would receive its own UDI-DI and UDI-PI.
If then the manufacturer packages those individual boxes into containers of six (6), those containers would receive their own UDI-DI and UDI-PI.
And finally, if the manufacturer packages those six (6) containers into cases of four (4), those cases would receive their own UDI-DI and UDI-PI.
Each of those levels of packaging must be assigned its own UDI-DI and UDI-PI. The initial syringe did not change, but the way it is packaged did, therefore, requiring its own UDI-DI and UDI-PI.
Element 2: Placing UDI on the device and/or packaging
The second element to the UDI system is the placing of the UDI on the device or on its packaging through what is referred to as a “UDI Carrier.” The UDI Carrier is the part of the label that contains the UDI information that is applied directly to the device or included on the device packaging. The UDI Carrier should have both a machine-readable portion (AIDC) and a human-readable portion (HRI). (Specific details about each element of the UDI will be covered in Chapter 2.)
- Machine-readable form – AIDC – (Automatic Identification and Data Capture) is a barcode or other machine-readable technology that can be accessed automatically by scanning the UDI information.
- Human-readable form – HRI – (Human Readable Interpretation) is the numeric or alphanumeric code, which can be manually entered into the system for access to the UDI information.
If there are space constraints limiting the use of both the AIDC and HRI on the label, then only the AIDC is required to appear. However, on devices that are intended to be used in home-health care or other non-medical facility settings, the HRI would be required to appear.
Single-use devices may contain the UDI Carrier on its lowest level of packaging rather than on the device itself.
Reusable devices must include the UDI Carrier on the device itself, unless any type of direct marking would interfere with the safety or performance of the device, or if it is not technologically feasible to directly mark the device. If so, this should be properly documented in your design history file.
Most importantly, the UDI Carrier must be readable for the intended lifecycle of the device.
Below is an example of a GS1 AIDC and HRI barcode label.
Element 3: Storage of UDI information by Economic Operators
Storage of UDI information by "Economic Operators" is the third element of the UDI system. 2017/745 Articles 2(35), 22(1), and 22(3) define an economic operator as:
- A manufacturer
- An authorized representative
- A distributor
- An importer
- An investigator for clinical investigations
- A person who sterilizes systems or procedure packs
Class III, implantable device:
According to EU MDR 2017/745 Annex II, the manufacturer shall keep an updated list of all UDIs that it has assigned. Economic operators and all health institutions are required to store, preferably by electronic means, the UDI of all the devices for which they have supplied or with which they have been supplied.
For Devices Other than Class III:
Member States are encouraged, and in some cases require, health institutions to store, preferably by electronic means, the UDI of the devices with which they have been supplied. The UDI must also be included in any field safety notice for reporting serious incidents and field safety corrective actions.
The EU MDR and EU IVDR also give the European Commission authority to make additional requirements regarding the submission or maintenance of UDI information. In making those decisions, the European Commission must consider six (6) areas:
- Confidentiality and data protection
- Risk-based approach
- Cost-effectiveness of the additional measures
- The need to avoid duplications in the UDI system
- The needs of the healthcare systems of the member states
- Harmonization with other medical device identification systems
To continue reading this eBook including information about the EUDAMED database, UDI format requirements and issuing entities, implementation timelines, and key differences between the EU and US UDI systems, please register to download the full version
The Future of MedTech Compliance: How AI Is Transforming Regulatory Affairs
MedTech regulatory affairs teams are facing a turning point. Regulations are expanding in number and complexity, resources are limited, and manual processes cannot keep up. At the same time, artificial intelligence (AI) has become a serious topic of discussion in regulatory circles. Leaders are beginning to ask: How can AI help us manage change, reduce risk, and accelerate compliance efforts?
The answer is clear: AI is no longer just a buzzword. When combined with effective regulatory information management (RIM), it can be a powerful enabler of efficiency, accuracy, and strategic decision-making.
Why AI is Trending in Regulatory Affairs
The Surge of Regulatory Data
Regulatory teams must now track requirements from multiple global markets. Each regulator frequently updates its regulations, guidances, templates, and recognized standards, which creates large volumes of data to organize and analyze. AI can scan and classify this information, highlight changes, and prepare it for structured use within RIM systems.
Doing More with Limited Resources
Most teams are expected to deliver more without additional staff. High turnover makes continuity difficult, and according to the 2024 RAPS Global Workforce Report, the number of professionals “open to work” has grown in North America and Europe. AI offers relief by taking on repetitive tasks such as document formatting or data entry, allowing experts to focus on higher-value work.
Global Complexity and Diverging Standards
No two markets are exactly alike. AI can help by flagging differences, surfacing potential risks, and recommending reusable content drawn from a company’s submission history. Faster, more accurate submissions directly improve time-to-market and compliance outcomes.
The RIM & AI Adoption Maturity Model
Not every organization is ready to fully embrace AI. Success depends on RIM maturity: how structured and centralized your regulatory processes and data are. The RIM & AI Adoption Maturity Model provides a roadmap from basic to optimized states.
- Levels 0–2: Early Stage
- Data is siloed and processes are ad hoc. AI provides value in isolated ways, such as cleansing records or scanning for regulatory changes.
- Level 3: Proactive
- A RIM system centralizes information. AI begins to surface reminders, deadlines, and global impact assessments.
- Level 4: Well Managed
- Processes are standardized across the lifecycle. AI generates insights, monitors KPIs, and supports reuse of regulatory content.
- Level 5: Optimized
- AI is fully embedded, delivering predictive analytics, continuous monitoring, and smarter decision-making.
Practical Applications of AI Today
Today, regulatory teams see the greatest opportunities in:
- Regulatory submissions: Automatically detecting changes in templates and suggesting updates.
- Document classification: Using natural language processing to tag and organize regulatory documents.
- Regulatory intelligence: Monitoring health authority updates and highlighting what matters most.
- Impact assessments: Linking changes (e.g., regulations/standards/design) directly to the affected products and registrations and evaluate the potential impact.
- Content reuse: Recommending approved content to accelerate submissions.
How to Start Your AI Journey in Regulatory Affairs
Adopting AI is not about jumping to the most advanced capabilities overnight. Instead, consider these steps:
- Assess your RIM maturity. Where does your organization sit on the 0–5 scale? What foundational gaps (data centralization, process standardization) need to be addressed first?
- Identify quick wins. Focus on repetitive, rules-based tasks where AI can add value without major disruption.
- Implement governance. Establish policies for safe, compliant AI use, particularly around data privacy and model training.
- Pilot in phases. Start small, validate results, and expand AI use as confidence and maturity grow.
- Keep people at the center. AI should enhance the expertise of regulatory professionals, not replace it.
Building a Smarter Future for MedTech Compliance
AI is becoming a trending topic in regulatory affairs not just because it’s new, but because it directly addresses the challenges teams face: rising complexity, limited resources, and scattered data.
For organizations that take this approach, the benefits are clear: lower compliance risk, faster execution, and stronger competitive positioning. AI does not replace regulatory professionals. Instead, it enables them to spend less time on manual tasks and more time on strategic contributions that improve patient access to life-changing technologies.
In other words, AI isn’t about futuristic transformation. It’s about helping regulatory teams step off the “data treadmill” and reclaim their time for what matters most: bringing safe, life-changing medical technologies to patients faster.
.avif)
Rimsys Becomes the Trusted Regulatory Partner for 6 of the Top 12 Global MedTech Manufacturers
“Adoption by half of the top global MedTech manufacturers is a powerful validation that we’re not just a solution, we’re setting the new gold standard for regulatory excellence.”
Pittsburgh, PA - August 7, 2025 - Rimsys, the leading Regulatory Information Management (RIM) software purpose-built for the MedTech industry, today announced a significant milestone: 6 of the world’s top 12 medical device manufacturers now rely on Rimsys to manage and streamline their global regulatory operations.
This milestone further solidifies Rimsys’ position as the trusted partner to the world’s most innovative and quality-focused MedTech companies.
Click here for the full list of the top 12 global MedTech companies.
“Today’s regulatory environment demands more than spreadsheets. Leading manufacturers recognize that regulatory operations are mission-critical, revenue-generating departments and need systems to match that level of importance,” said James Gianoutsos, Founder and CEO of Rimsys.
Rimsys’ unified, enterprise-grade RIM platform centralizes and automates critical regulatory processes—including market registrations, Unique Device Identification (UDI), essential principles/GSPR, and submissions management—reducing compliance risk and accelerating market access. Specifically tailored to the needs of medical device and diagnostics companies, Rimsys enables seamless collaboration across RA, QA, and commercial teams while delivering the audit-ready transparency global regulators demand.
“As more organizations embrace regulatory digital transformation, Rimsys is proud to lead the industry forward,” added Gianoutsos. “Adoption by half of the top global MedTech manufacturers is a powerful validation that we’re not just a solution, we’re setting the new gold standard for regulatory excellence.”
To learn more about the Rimsys, please visit www.rimsys.io.
About Rimsys
Rimsys is the leading provider of Regulatory Information Management (RIM) software purpose-built for MedTech manufacturers. The comprehensive platform digitizes and automates regulatory activities, helping MedTech regulatory affairs teams to efficiently achieve regulatory compliance and get products to market faster. Rimsys is designed around MedTech workflows and supports a full breadth of regulatory functions including registrations, submissions, UDI, EUDAMED compliance, essential principles, and standards management in a unified platform. Rimsys is trusted by half of the world’s top 12 MedTech companies to power their global regulatory operations. For more information, visit www.rimsys.io.
%2520(855%2520x%2520268%2520px).png)
Rimsys Announces Bulk UDI Submission and Rimsys Connect™ to Empower MedTech Regulatory Teams
New solutions deliver enterprise-grade data access and streamlined EUDAMED compliance, driving smarter, faster decisions across the business
Pittsburgh - April 29th, 2025 - Rimsys, the global leader in Regulatory Information Management (RIM) software for the MedTech industry, today announced two major enhancements to its platform: expanded Unique Device Identification (UDI) capabilities to support EUDAMED machine-to-machine (M2M) bulk transmission and Rimsys Connect™, a new enterprise Change Data Capture (CDC) solution that provides near real-time synchronization of Rimsys data with customers’ Business Intelligence (BI) solutions.
Together, these capabilities are designed to help MedTech organizations streamline compliance, reduce manual effort, and unlock the full strategic value of their regulatory data.
New UDI Capabilities Support EUDAMED Readiness
The UDI enhancements extend Rimsys’ industry-leading Universal UDI® framework, enabling MedTech teams to manage complex, global UDI programs in one unified RIM system. Key new capabilities include:
- Approving multiple records simultaneously via a simple, scalable workflow
- EU data governance support with all required attributes for EUDAMED transmission
- Bulk submission of records to both the GUDID and EUDAMED databases
These features allow teams to eliminate time-consuming, record-by-record processing, helping them meet the mandatory January 2026 EUDAMED compliance deadline with confidence.
“We’ve partnered closely with our customers to develop a UDI offering that meets increasing regulatory complexity and is easily scalable as new regulations come online,” said Adam Price, Director of Regulatory and Technical Programs at Rimsys. "We’re not only giving customers the ability to meet EUDAMED compliance but enabling them to manage their global UDI program in a single-sourced RIM solution for complete visibility.”
Introducing Rimsys Connect™: Enterprise Data Access, Redefined
Rimsys Connect™ offers enterprise customers a powerful new way to leverage regulatory data across the business. Built on a scalable, event-driven architecture, it provides secure, structured, near real-time streaming of Rimsys data into any modern data warehouse solution—such as Snowflake, Amazon S3, and Salesforce Bulk API 2.0.
“Rimsys Connect™ is not just a connector—it’s a strategic enabler,” said James Gianoutsos, Founder and CEO of Rimsys. “We’re giving regulatory affairs teams the ability to deliver insights that influence launches, accelerate tender responses, and align compliance with business impact. With Connect, RA teams become true strategic partners.”
By providing full access to customer data—registrations, UDI, projects, tasks, and custom attributes — Rimsys Connect™ supports a wide variety of enterprise use cases with customers’ own business intelligence solutions:
- Tracking on-time submission and decision KPIs
- Aligning registration timelines with product launch dates
- Conducting ROI analysis for renewals and market prioritization
- Accelerating tender readiness by combining RIM and PLM data
- Supporting post-market surveillance dashboards
While the initial release will focus on data access, Rimsys plans to expand Connect with curated BI templates and best practices to further accelerate enterprise customer time-to-value.
Solving the Data Fragmentation Problem for MedTech
Many regulatory affairs teams remain constrained by outdated tools, fragmented data sources, and increasing demands to deliver strategic insights to executive and commercial stakeholders. Rimsys Connect™ addresses these challenges by eliminating manual reporting workflows and enabling teams to analyze their regulatory data alongside financial, marketing, and quality systems.
“With Rimsys Connect™, regulatory teams can visualize and analyze their data in real time, assess launch readiness, and deliver more value to their organizations. This is how RA becomes a catalyst for better decisions—not just compliance,” said Gianoutsos.
Both Rimsys’ expanded UDI capabilities and Rimsys Connect™ will be available this summer. Those interested in learning more about these solutions and how they will enable greater automation, efficiency, and compliance can visit our booth at RAPS Euro Convergence May 13-15 in Brussels, Belgium, or sign up for Rimsys’ product update webinar on Thursday, May 22nd at 10 AM ET.
Read the press release here.
About Rimsys
Rimsys is improving global health by accelerating delivery and increasing availability of life-changing medical technologies. Rimsys Regulatory Information Management (RIM) software digitizes and automates regulatory activities, helping MedTech regulatory affairs teams to plan more effectively, execute more quickly, and confidently ensure global regulatory compliance. Rimsys is designed around MedTech workflows and supports a full breadth of regulatory activities including registrations, submissions, UDI, essential principles, and standards management in a unified platform. For more information, visit www.rimsys.io.
Contacts:
marketing@rimsys.io
.avif)
Rimsys Enters Strategic Alliance Relationship with KPMG
PITTSBURGH – March 11, 2025 -- Rimsys, the global leader of MedTech Regulatory Information Management (RIM) software, today announced that it has entered into a strategic alliance relationship with KPMG to advance digital transformation in the MedTech industry.
“KPMG’s deep experience in advisory and business transformation services and exceptional reputation make them a valuable alliance relationship for us,” said James Gianoutsos, Founder and CEO of Rimsys. “KPMG is on the cutting edge of industry trends and has a wide breadth of experience in helping companies innovate and scale. We are thrilled to work with them to help MedTech teams transform their regulatory management processes and leverage the benefits of automation and digitization as part of their broader transformation strategy.”
Founded for and by MedTech regulatory affairs professionals in 2017, Rimsys was created to bring efficiency to regulatory information management and fill an inhibitive technology gap in an underserved industry. Rimsys has since grown to support the world’s MedTech leaders backed by a staff that understands their complex workflows and a robust, secure technology infrastructure that allows customers to scale Rimsys software to support their changing regulatory needs and requirements.
“There is tremendous innovation happening in the MedTech industry, and we are excited to work with Rimsys to help clients transform how they manage regulatory information for getting new products to market and sustaining their existing product portfolios. It’s critical to approach these programs as a holistic business transformation across people, process, technology, data, and governance & controls,” said Dipan Karumsi, Principal, Consulting Sector Leader for Life Sciences at KPMG.
“Through our strategic alliance with KPMG, we can further expand our reach to large and enterprise MedTech companies and continue our exponential growth,” said James. “Combined with KPMG’s experience helping organizations mature their data collection and transformation processes to reach RIM readiness, we can enable the MedTech industry to innovate faster, strengthen compliance, and most importantly, improve the availability of life-changing medical technologies.”
See the full press release here.
FDA’s Final Rule on LDTs: What manufacturers need to know
In July 2024, the FDA's final rule in 21 CFR Part 809 on laboratory developed tests (LDTs) went into effect, amending its previous regulations to make it clear that IVDs, including those that are manufactured in laboratories, are classified as devices under the Federal Food, Drug, and Cosmetic Act. Our blog post provides an overview of LDTs, FDA’s final rule, the phase out policy schedule, and how LDT manufacturers can prepare themselves for compliance.
What are LDTs?
Simply put, LDTs are IVDs that are designed, manufactured, and utilized within a certified laboratory and are typically used for high-complexity testing.
Historically, FDA has used enforcement discretion only on LDTs, which means that most LDTs haven’t been subjected to specific regulatory requirements. However, the volume of and risks associated with LDTs have grown over the years. Some examples of modern LDTs include glucose tests, genetic tests for cancer and infectious diseases, and newborn screenings for early diagnostics. Without a regulatory framework in place, patients are at greater risk of receiving inaccurate test results, forgoing necessary or undergoing unnecessary treatment, and adhering to misleading or false product claims, possibly endangering patients and leading to higher healthcare costs.
FDA’s Final Rule on LDTs
Following the final rule that was issued, LDTs are now subject to the same regulatory requirements as other IVDs, including premarket reviews, quality system requirements, labeling requirements, adverse event reporting, and device listing and registration. To prevent disruptions in patient care, there is a four-year transition or phaseout period consisting of the following five stages:
- Stage 1 (May 6, 2025): LDT manufacturers will be expected to comply with FDA medical device reporting (MDR) requirements, correction and removal reporting requirements, and quality system (QS) requirements for complaint files.
- Stage 2 (May 6, 2026): LDT manufacturers will be required to comply with IVD registration and listing requirements, labeling requirements, and investigational use requirements.
- Stage 3 (May 6, 2027): LDT manufacturers will need to comply with all other QS requirements not covered in Stage 1.
- Stage 4 (November 6, 2027): Unless a premarket submission is received before the start of this stage, LDT manufacturers of high-risk products will need to comply with premarket review requirements for IVDs that may be classified into class III or that meet the requirements of section 351 of the Public Health Service Act.
- Stage 5 (May 6, 2028): LDT manufacturers of moderate and low –risk products will need to comply with premarket review requirements for IVDs unless a submission is received before the beginning of this stage.
Manufacturers of LDTs that don’t meet the requirements in each stage are deemed non-compliant to the regulations governing IVDs and may be subject to FDA 483 observations or warning letters, financial penalties, and even worse, involuntary removal of products from the market.
Note that some LDTs will be exempt from these requirements. Refer to the FDA’s website for more guidance.
Preparing for Compliance
Despite a four-year phaseout period, it’s crucial for LDT manufacturers to start assembling a compliance plan. Starting as early as May 2025, manufacturers will be required to comply with FDA Medical Device Reporting (MDR) requirements, correction and removal reporting requirements, and quality system requirements for complaint files.
It's good practice to conduct an internal regulatory assessment to ensure you have the resources, processes, and tools in place to successfully meet new requirements for LDT devices. It’s also essential to make sure your team is well-versed in these new requirements and the documentation and timelines involved. Including all relevant stakeholders early on, getting a comprehensive project plan in place, and meeting regularly to ensure all tasks are completed would be helpful during the phaseout period and beyond.
Regarding the LDT changes, the FDA has provided a Q&A sheet that you may find helpful.
If you're looking for guidance on FDA premarket submissions, see our Beginner’s Guides to the FDA 510(k), De Novo, and PMA processes.
How Regulatory Tools Can Help
FDA’s final rule on LDTs will add complexity to the regulatory information management of laboratory diagnostic tests. There are digital solutions that can help manufacturers stay current on updated regulations and manage the additional information and documentation needed because of these updates.
A regulatory intelligence database like Rimsys Intel can provide detailed global market entrance requirements, application timelines, fees, risk class specifications, and documentation needed for medical devices and IVDs so that manufacturers can start preparing their premarket strategies.
Regulatory Information Management (RIM) software like Rimsys can help boost efficiency, reduce compliance risk, and increase collaboration by centralizing regulatory information and automating time-consuming, manual processes. As a result, medical device manufacturers gain complete visibility into their submission management and selling status so that they can plan more effectively, avoid costly product delays, and execute faster.
Quick reference guide - global medical device UDI requirements and timelines
This article was last updated on February 10, 2025.
What is UDI?
UDI systems are intended to benefit healthcare providers, manufacturers, authorized health authorities, hospitals and institutions, and individual consumers by providing:
- Faster discovery of possible flawed medical device information by health authorities.
- Quicker access to recall information, and visibility into current inventory.
- A reduction in medical errors through consistently documented product expiration dates.
- Identification of any counterfeit products being used in healthcare facilities.
- Assurances that information regarding an implanted device is safely retained and traceable.
UDI timelines and deadlines vary by market, classification risk, and product and have been revised multiple times in some countries*. This article details the UDI deadlines for the countries which have announced specific programs (draft or implemented) and is current as of the date of this article.
*Note: these dates can change as participating countries adjust their plans. We do our best to update this as more information becomes available.
Quick Links to country-specific sections:
- Australia UDI
- Brazil UDI
- Canada UDI
- China UDI
- European Union UDI
- India UDI
- Japan UDI
- Saudi Arabia UDI
- Singapore UDI
- South Korea UDI
- Taiwan UDI
- United States UDI
- UDI databases by country
General UDI labeling requirements
There are two components to a medical device UDI: the UDI device identifier (UDI-DI) and the UDI production identifier (UDI-PI). The UDI is presented as a barcode label (human and machine readable) on device packaging or on the device itself and acts as the access key to all device UDI attributes.
UDI-DI: This is the static portion of the UDI which identifies the manufacturer along with the specific device version. The UDI-DI (device identifier), also known as the Global Trade Item Number (GTIN) is assigned by an approved organization, such as GS1, and contains:
- Company prefix
- Manufacturers internal product code
- Check character
The UDI-DI is the primary identifier to be used in looking up device attributes in country-specific databases and is assigned prior to placing a product on the market. Note that the device identifier is different for different packaging levels of the same device.
UDI-PI: This is the dynamic portion of the UDI which is assigned by the manufacturer and identifies one or more of the following:
- Manufacturer’s lot or batch number
- Serial number
- Manufacturing date
- Expiration date
- Other attributes as defined by country-specific regulations
The UDI-PI actual values do not appear in country-specific databases (with the exception of the EU vigilance database).
Australian UDIGuidelines
Reporting Database: AusUDID (pre-production)
The Australian government for medical devices, the TGA, has not launched any official regulations or timeline for mandatory UDI labeling. They do provide a wealth of information on their website that is worth reviewing. In the meantime, however, they are hoping for a Q1 2025 implementation. The AusUDID Pre-Production environment is available for sponsors and manufacturers of medical devices supplied in Australia. It is a test environment that allows testing of data submission, prior to submission to the AusUDID Production environment. Any sponsor or manufacturer with an active TBS account can access the database.
ANVISA UDI guidelines
Reporting database:TBD
RDC No. 591/2021 is the regulations guideline for the identification of medical devices regulated by ANVISA, implementing the Unique Identification of Medical Devices (UDI) system. In July 2024, ANVISA finalized amendment RDC No. 884/2024 which implemented various adjustments to RDC 591/2021. The biggest take-away regarding UDI is the extension of one year on the implementation deadlines.
Health Canada website
Reporting Database: N/A
Position paper on the current state of UDI implementation
Medtech Canada strongly supports the global initiative led by regulators under the guidance of the International Medical Devices Regulators Forum (IMDRF), which aims to standardize the identification of medical devices by requiring that certain medical devices carry an internationally recognized UDI. Currently, there is no process in place for UDI in Canada.
China (NMPA) website
Reporting Database: China National UDI Database
Announcement No 22 of 2023
On January 1, 2021, the NMPA implemented the UDI system for its first batch of medical devices, including 69 Class III devices. The following year, June 1, 2022, followed the implementation for the second batch of other Class III medical devices (including IVD reagents). Then in 2023, Order No. 22 announced the third batch of products to adopt the UDI system.
As of June 1, 2024, medical devices listed in the third batch implementation product catalog must have already had UDI implemented. According to the degree of risk and regulatory needs, some Class II medical devices in the third batch included high-demand single-use products, items selected for centralized procurement, and medical aesthetic products, totaling 103 types in 15 categories.
European Union UDI Information
Reporting Database: EUDAMED
Rimsys Updated EUDAMED Timeline Blog Post
The UDI & Devices module is expected to be declared fully functional by the end of Q2 2025 and mandatory for industry use on January 1, 2026. The EU continues to strongly recommend to the industry to establish its solution and to submit data on a voluntary basis.
Medical Devices Rules, 2017
Legal Metrology Act, 2009
Reporting Database: N/A
Rule 46 of Medical Device Rule 2017 was set to require UDI labeling by January 1, 2022. However, details on how the UDI needs to be implemented have not yet been released but India's labeling and traceability requirements must be met as per CDSCO regulations.
In addition to the Medical Device Rule 2017, the Legal Metrology Act, 2009 focuses on standardizing weights and measures and ensures that packaged commodities, including medical devices, are labeled with accurate and clear information.
Law to Ensure Quality, Efficacy and Safety of Pharmaceuticals, Medical Device, and Similar Products
Reporting Database: N/A
There are two regulatory authorities responsible for regulation of medical devices in Japan: The Ministry of Health, Labour and Welfare (MHLW) and the Pharmaceuticals and Medical Devices Agency (PMDA). The MHLW is responsible for the administrative actions such as guidance and approval, and judgment on whether or not a product is considered a medical device. The PMDA undertakes product review and post-market safety measures.
As of Dec 2022, bar code labeling based on international standards is required for immediate containers/wrappings/retail packages of medical devices. It is expected for barcodes to be displayed on every medical device in unit of use for patients. Japan was an early promoter of standardized barcodes and is still working towards harmonizing the requirements with global UDI expectations.
The Pharmaceuticals and Medical Devices Act (PMD Act) translates in Japanese meaning "Law to Ensure Quality, Efficacy and Safety of Pharmaceuticals, Medical Devices, and Similar Products," but is often shortened to Act on Pharmaceuticals and Medical Devices or just PMD Act.
Requirements for Unique Device Identification (UDI for Medical Devices)
Reporting Database: Saudi-DI
The SFDA requires compliance with the Unique Device Identification (UDI) regulations on all medical device companies in Saudi Arabia for all classifications. Medical device classifications include: devices, IVD, non-medical IVD, chemical for medical use, distillation device, general lab use, HCT/Ps product and radiation devices.
Guidance for UDI Implementation
Reporting Databases: Singapore Medical Device Register (SMDR) - For risk class B or higher, Class A Medical Device Database - Risk class A only
Singapore is now requiring compliance with UDI labeling and database registration. They will accept UDI labels for devices already marketed in the U.S. and the EU without any need for modification. However, if they are not marketed in either country, then they are required to implement via Singapore UDI regulations.
Companies are given an additional 6 months from the compliance date to deplete the respective medical devices that have been imported prior to the compliance date and exist in their current supply chain.
Note:
• UDIs will not be required for medical devices for clinical research, investigational testing or clinical trial and custom-made medical devices
• Medical devices authorized for supply via Special Access Routes (GN26, GN27, GN29) are required to comply with UDI requirement on a risk-calibrated approach
Act on In Vitro Diagnostic Medical Devices
Act on Medical Devices
Reporting Database: South Korean Integrated Medical Device Information System (IMDIS)
South Korea has already implemented UDI regulations by Article 20-23 of the Medical Device Act (No. 14330) and Article 54-2 of Enforcement Regulations of Medical Device Act (No. 1512).
Guidance document from Taiwan FDA
Reporting Database: TUDID
Taiwan has previously implemented UDI regulations, which include labeling and database reporting requirements.
FDA website for UDI
Reporting database: GUDID database
The United States has previously implemented UDI regulations, which includes labeling and database reporting requirements.
Each country has their own UDI database and varying requirements for the data stored in those databases. There is overlap in the data required among the various UDI databases, but each country also has unique data they require.
In addition, countries require that UDI-DI information be provided by “issuing entities.” Note that with the exception of China, all countries accept GS1, HIBCC, and ICCBA as issuing entities.
* Data attributes are approximations based on country UDI requirements and include mandatory, optional, mandatory if applicable, and country database auto generated elements.
** Expected to be similar to US GUDID requirements.
Keeping pace with UDI regulations
Keeping track of country-specific UDI requirements, implementation timelines, and affected devices can be a big challenge to RA teams—especially because the information is scattered across many sources and simply hard to find. In this guide, we have consolidated timeline information and device class requirements across multiple countries. While we make every effort to provide accurate and up to date information, it's always advised to check the government website for the country in question.
Additional UDI resources
Looking for more information? You can visit our EUDAMED resource center, where you will find videos and resources to help you plan for UDI requirements in Europe. In addition, you may enjoy our blog post that outlines our views on the recent EUDAMED timeline updates.
For a broader introduction to UDI, see our Rimsys UDI Overview blog post.
If you're looking for an automated, integrated solution to help you meet changing regulations and manage your global UDI program, request a custom Rimsys demo!
