I am reading the MDR again and am trying to get deeper knowledge. If an organization is transitioning to MDR and has class IIa/b devices on the market, how might they get around the requirement of clinical studies or equivalence?
Dear group-fellows, could you help Mediwords to get a better understanding of current MDR2017/745 awareness status so far in the industry?
It won't take you more than one minute and no single personal data is collected, unless you willingly provide in the last question. Thanks in advance for your time!
We're a small medical device (IVD) manufacturer and we're trying to find a suitable PLM system to help us manage our device design and manufacturing.
We've already looked at Arena Solutions, Propel, Oracle Agile, and Upchain plus several others that don't support small companies.
Can anyone recommend any other options for small companies?
Can you explain what Article 22: System and procedure packs of EU MDR means?
What, exactly, do we do to comply with this article?
We're new to the FDA medical device, and we're looking to implement an eQMS system into our workflow. We've looked at Greenlight Guru, MasterControl, and Enzyme. Was hoping to get some feedback from the folks here regarding the pros/cons of these products. Also, are there any others that you'd recommend?
Hello, is there a need to submit an annual safety reporting in medical devices, informing the progress of the investigation, in the pre-marketing phase?
If so, what´s it´s name? To whom should be submitted?
I'm based in India and would like to understand the overall regulatory workflow for medical device product development. What are the documents I need to create for entry into the US market?
I've started on our 510(k). Do I need to have GTIN and GUDID as well? How do I go about it?
Your assistance appreciated!
How would you classify fibrin-glue like medical device? The intended purpose of the device is management of bleeding in traumas or surgical procedures (i.e endoscopy) IIb or III and why?
I have a question on MDR implementation: Is it confirmed that custom-made devices are exempt from CE marking?
According to MDR art.20 par.1, and art.52 par.8, I believe that custom-made devices are exempt from CE marking.
Are there any conflicting interpretations or guidelines?
It is extremely important for those involved to review and comment on the text, as this is the last chance for technical modifications to the project - if draft is accepted, technical requirements can no longer be modified until publication.
For each country, the availability of the document (which is copyrighted and not for open circulation) and means to comment depends on how the country deals with mirror groups to ISO TC 210 or ISO TC 210 JWG 1. Usually, there's a national mirror group that deals with the international work. Please inquiry at your National Committee organization.
In Brazil, the document is handled by WG 2 - Risk Management - from EC 26: 150.01 of ABNT CB 26. WG 2 members will receive and review the document.
The WG will also hold an open meeting for those interested to take note of the text and assist in creating the Brazilian comments. This meeting will be scheduled shortly.
FDA updates Pre-Cert program as it begins to grapple with ‘hard questions’
New updates to the FDA's Software Pre-Cert working model shows the program is making significant gains, but FDA attorney Bradley Merrill Thompson tells FierceHealthcare the agency is starting to bump up against difficult legal and regulatory...
One of the themes I come across regularly with my medical product manufacturing clients is uneven skills in investigation and determining root cause through a rigorous and adequate Root Cause Analysis (RCA). In some cases, it is newer team members who have not yet been mentored or (preferably) fully trained. In other cases, it flows all the way to the senior staff and process owner levels (including CAPA procedures that only describe a single RCA tool like 5 Whys).
The investigation analysis tools used in RCA are not intended to be used in isolation; they are intended to sequence from one to another until RCA is completed and a plan is formed.
Recently, I came across this linked article. I think it does a nice, concise job of describing a typical RCA tool flow and how to apply that to corrective and preventive actions. Definitely not the deep dive, but an easy to apply and brief start to the topic.
What do you think?
#RCA #CAPA #investigation #processengineering
Root Cause Analysis, Ishikawa Diagrams and the 5 Whys
Root cause analysis (RCA) may be limited to brainstorming and not fully thought-through ideas. Incorporate Ishikawa diagrams along with the 5 Whys in order to maximize your RCA efforts.
It blamed manufacturer risk management for a 2014 peak in recalls: The culture, the shallow industry-wide understanding, the inability to tie risk management into quality management systems.
The authors quoted Francisco Poliodoro, "Safety-related behaviors fade over time and other motivating forces come to the fore, gradually launching the seeds of the next error,” adding, medical device manufacturers have an “inability to disengage from the reactive cycle” and calling them “the main impediments to the reduction of adverse events.”
Last year there was another peak and with it a challenging article: http://bit.ly/epidemic-rages-in-2017
Do you agree with either of the findings? I welcome your comments or questions here and at email@example.com.
My team is helping 3 companies with this problem. One company is very large, with thousands of employees and multiple sites. Another company is small and was recently acquired by a larger company, but their quality system has not yet been merged. The third company has less than 10 employees. Despite the differences, all 3 companies can simplify their quality systems using 3 strategies.
Consolidate your procedures. 28 procedures are required in ISO 13485:2016 and 25 procedures are required in 21 CFR 820. However, 2 companies have more than 70 procedures and the largest has more than 500. You don’t need a corrective action procedure and a preventive action procedure, when a CAPA procedure will do. You also don’t need a nonconforming materials procedure and a rework procedure. Those 2 procedures can be combined. Design controls requires 3 procedures, but you could easily consolidate that into 1 or 2.
Be and editor--not a writer. Every time a company receives a nonconformity or an FDA 483, the first approach is to add a reminder to a procedure. This seldom is effective. Better training and monitoring quality objectives are more effective. Therefore, delete the ineffective reminders and cut the procedure down to the minimum requirements so every procedure is as simple as it can be. Then implement quality objectives for tasks that are sometimes neglected. Your new lean procedures will be easier to remember too.
Don’t duplicate procedure content in your quality manual. Your manual explains how you meet requirements of each subsection in the standard, but if you have a procedure that meets the requirement--just reference the procedure. This strategy cuts down 28 subsections to a short sentence for each (e.g., This requirement is met by SOP 8.5.2).
Main possibilities from their perspective: 1) agency is taking a different, more cooperative or interactive approach to enforcement activities; 2) Med device co's are becoming more regulation savvy; 3) the Case for Quality Initiative is contributing to the drop
Agree? Disagree? Misses the mark, there are other factors?
Drop in Warning Letters for Medical Devices Raises Interesting Questions About the Industry
In 2017, FDA issued only 44 Warning Letters to medical device establishments. Of those, 11 were related to pre-market issues, which include investigational device exemption violations or lack of
FDA 510(k) applicants should ensure that their submissions meet RTA screening criteria to avoid RTA letters that can delay their US market commercialization plans. Just have a look on the below five key reasons provided to avoid the RTA letter:
𝙁𝙞𝙫𝙚 𝙠𝙚𝙮 𝙧𝙚𝙖𝙨𝙤𝙣𝙨 𝙛𝙤𝙧 𝙧𝙚𝙘𝙚𝙞𝙫𝙞𝙣𝙜 𝙖𝙣 𝙁𝘿𝘼 𝙍𝙏𝘼 𝙡𝙚𝙩𝙩𝙚𝙧
1. Failure to comply with FDA guidance: Applicants should adhere to recommendations listed in the agency’s guidance documents on formatting Traditional, Special and Abbreviated 510(k) submissions. Some device sponsors may not understand how to compile and format their 510(k) submissions.
2. Failure to supply an eCopy: FDA 510(k) applicants must submit an electronic (eCopy) of their 510(k) applications to the agency.
3. Failure to understand the difference between different types of 510(k)s: There are three types of premarket notification submissions: Traditional (most common), Special (less common) and Abbreviated (rare). Some applicants do not understand the differences between these types of 510(k)s and submit the wrong type.
4. Failure to identify FDA guidance applicable to your device: In their submissions, 510(k) applicants should identify FDA guidance documents if applicable to their devices’ specific product code. If such information has not been included in a submission, FDA reviewers will deem your submission lacking.
5. Failure to provide test data applicable to your device: Virtually all 510(k) applications submitted for FDA review must include some type of test data (e.g., electromagnetic compatibility (EMC), electrical safety, sterilization, biocompatibility, shelf-life, mechanical performance, etc.)
Click on the following link to register for the webinar:
You will learn how the global technology leader in minimally invasive robotic-assisted surgery, Intuitive Surgical:
• Automated data integration processes, eliminating risk of manual errors
• Centralized label lifecycle management based on a single, compliance-ready platform for easy design, reliable production and cost effective dynamic change management in response to business needs
• Assured data integrity by sharing critical label data from core components of SAP ERP
• Centralized management and distributed production for labels
• Fully automated unattended label production from within SAP ERP
• Had support for changing labeling requirements driven by regulatory, supply chain, local language, postponement strategies and organizational profiles.
Register for this live webinar on 15th March. You can also watch the recording.
The webinar will be presented by Gyan Agarwal, Senior Program Manager, Digital Engagement at Intuitive Surgical and Chris Lentz - VP of SAP Business Development at PRISYM ID.
Please share the registration link with your colleagues http://bit.ly/2orIPKW.
Intuitive Surgical and PRISYM ID: Integrating Labeling with SAP for Label Content Integrity and Control
Date: 15 March | 8:30AM San Francisco/11:30AM New York/3:30PM LondonFor the label designer, creating the layout of a medical device or pharmaceutical label is just part of the story. The content required to populate the label including images, static
does anyone has insights into the interpretation of Article 45 of the MDR (Article 41 in the IVDR). It sais that as part of the market surveillance activities, there is a change that the competent auhorities will review the technical documentation of a product and that this may happen off- or on-site. I think this can be interpreted in two ways - either the CA will review the technical documentation during an audit of the NB or the CA audits the technical documentation during a NB audit of a manufacturer. Do manufacturers need to consider an authority sitting on the table during a NB-surveillance audit? Looking forward to see your thoughts on this.
All the Best
Dozens of U.S. patients may have to undergo surgery to replace their Medtronic heart defibrillators following the discovery of a manufacturing problem that could render the devices unable to provide life-saving electric shocks.
It's pretty amazing these long-existing medical device manufacturers keep releasing products before they're fully (creatively) tested - and the implications are severe: death.
Please feel free to read the article I posted, and tell me what you think.
Medical Device Recalls – Do You See the Pattern…?
Whenever I review the latest entries on the FDA Recall List , I’m still surprised when I see the Reason for Recall information. Especially since several device manufacturers appear on the list – repeatedly. “XYZ Medical” is recalling the “ABC” Product...
The huge advantage of a Special-type submission is that the FDA timeline for decision on your submission is 30 days instead of 90 days. However, you need to make sure that you are making a minor modification to the device. If there are multiple changes, and the changes require multiple functional specialties to review your submission, then your submission will be converted to a Traditional-type of submission and clearance will be delayed.
One strategy that has been used successfully is to submit a series of minor device modifications as a series of Special 510(k) submissions. This is especially useful for software feature additions.
However, most design processes and 510(k) templates that companies use are specific to Traditional-type 510(k) submissions. You need to modify your templates, your submission strategy and your overall design plan for a Special-type submission.
Next Thursday, March 8 @ 1pm EST, I will be hosting a webinar to show people how I modify 510(k) templates for a Special 510(k). I will also explain different strategies for Special 510(k) submissions. Finally, you will learn how to change your approach to design planning for these minor device modifications.
If you are interested in participating in the free webinar, please register on the following webpage: http://medicaldeviceacademy.com/special-510k-submission-webinar/.
Items in Your Cart
On Thursday, March 8, 2018 @ 1pm – 2pm (EST), Rob Packard is presenting a Special 510k Submission Webinar to explain how your design plan should be different for a Special 510k Submission.
If I were trying to establish a relationship with a new supplier, I might spend 15 minutes on introductions--or more. The purpose of a pre-sub meeting is to ask the FDA questions that will help you prepare your submission. You should focus as much time as possible on asking your most important questions.
Names and titles of all attendees can be communicated in advance of the meeting. Five minutes is more than enough for introductions. After introductions, you should only ask the most important questions, and you shouldn’t waste time arguing with the FDA.
The most important question is if your predicate is acceptable. If you select the wrong predicate, your entire submission may be jeopardized, or you may have to repeat comparative testing with a new predicate. The balance of your questions should focus on testing requirements. But not all tests are critical. The critical tests are the tests that take the longest, and the tests that cost the most money. If the test is quick and inexpensive, save those questions for last. You can also ask clarification questions in a supplement to the pre-submission.
You definitely should summarize action items, but this does not require 15 minutes. Typical actions items are: 1) submitting draft meeting minutes, and 2) providing additional data to the FDA in a supplement. The FDA might even be responsible for getting you additional information. Five minutes is probably all you need.
If you want to learn more about 510(k) pre-submission meetings, register for Thursday’s free webinar:
The FDA released two 510(k) guidance documents in 2016: 1) how to apply ISO 10993-1, and 2) applying human factors engineering. Those two guidance documents resulted in a large number of 510(k) deficiency letters. By 2017, I had completely changed my mind.
A pre-submission meeting should always be requested, even if there is a special controls guidance document. Now I start every new project with a 510(k) pre-submission request. In fact, I had three pre-submission meetings scheduled for the same week in January of this year.
On Thursday, February 22 I’m offering an updated live webinar on 510(k) pre-submissions (Free). Please visit the following webpage to register: http://medicaldeviceacademy.com/510k-pre-submission-webinar/.
In addition, we still have opening for our 2-day, 510(k) workshop in Las Vegas on March 21-22 ($995). To register, please visit the following webpage: http://medicaldeviceacademy.com/las-vegas-510k-workshop/.
Nelson Labs is offering a 1-day seminar the day before the 510(k) workshop on biocompatibility ($499): https://news.nelsonlabs.com/education/events/biocompatibility-testing-for-medical-devices-seminar.
Eisner Safety is also offering a half-day course on electrical safety ($200): https://www.eisnersafety.com/iec-60601-1-basics-workshop-las-vegas-20-mar-2018/.
• SWOT “review your QMS to improve or verify compliance.” Back in my day, we called this an internal audit. How is the intent this example different from an internal audit?
• HACCP “an area of improvement in the QMS process then triggers use of a more detailed analysis.” So in the internal audit system, deficiencies and areas of improvement are identified in an audit report. Typically, each item is investigated in an audit response that involves a root cause investigation. Sounds like a “more detailed analysis” to me.
• Project Plan “create a strong project plan for improvement to address identified weaknesses.”Again, most audit response systems I have seen involve a corrective and preventive action plan coupled with effectiveness evaluation. How is a corrective or preventive action plan different from a “strong project plan for improvement”?
I fail to see why the Guide recommends creating a multi-layered risk-based analysis system when existing, long-standing systems within the QMS could be augmented with more risk-based concepts. The last thing small manufacturers need is to reinvent the wheel when existing systems can be utilized to fulfill the intent of the new risk-based approach requirement.
My last point of contention with the example is the number of layers and tools needed to conduct a comprehensive analysis of the QMS. Lets estimate the math.
• 1 SWOT x 5 major subsystems = at least 5 SWOT
• 5 SWOTS x identified 2 areas for improvement per system = 10 HACCP’s
• 10 HACCP’s x identified 3 areas in need of a project plan = 30 project plans
That’s a minimum of 45 new documents to effectively manage. This resource-intense example isn’t practical to small and mid sized manufacturers. And what does modeling a risk of not meeting a regulatory requirement look like? https://wp.me/p6wmF6-eG
Death by Risk-based Approach: The Practical Guide to the ISO 13485:2016 Practical Guide Part 3
This is the third post in the series “The Practical Guide to the ISO 13485:2016 Practical Guide”. (See the first installment and second installment.) This post explores examples and applicat…
Key take-aways include:
• Justify all requirements or quality system elements deemed not appropriate with a written rationale. While a written justification is not required by the standard or Guide, having the rationale documented will help avoid discussions with an auditor debating the “appropriateness” of a particular requirement.
• Interpret “proportionate to the effects” to be synonymous with applying a risk-based approach.
• Apply a “risk-based approach” or justification to every QMS element.
Note these recommendations are based on my own conclusions after reading the ambiguous information available on risk-based approach. The take-aways are not meant to infer a requirement from the standard or guide but rather reflect my own ideas on implementation.
Take a look at the post and let me know your thoughts on risk-based approach and associated terminology.
Risk-based approach as clear as mud: The Practical Guide to the ISO 13485:2016 Practical Guide Post 2
This is the second post in the series “The Practical Guide to the ISO 13485:2016 Practical Guide.” If you missed the first installment, catch up by reading it here. This post explores how the Pract…
When I see bad numbers staying bad I suspect systemic flaws. So, I am starting a research campaign. I will be calling a select group of 100 industry practitioners to get their take on the problem and the pains it inflicts on them and their organizations.
You can jump ahead of the line and contact me directly to contribute your thoughts. Be prepared to take a quick 5 question problem survey. You can also volunteer for a deeper interview on where the industry should head. Feel free to reply to this post. Also, get more information and be proactive on my website www.menloparkassociates.com. I look forward the conversation we can have.
We are not a manufacturer and there are no local regulation or obligation that sales site shall apply ISO14971 to my knowledge. But, I heard from someone that we should do. Is there anyone that in similar situation?
If sales site should adopt ISO14971, anyone can advise how to? ISO14971 is very much focused on product related risk for its lifecycle and I don't have idea how to apply the standard for commercial process independently.
Any advice or idea sharing will be appreciated!
- The practical guide is huge…but it still doesn’t contain all the details industry needs.
- The practical guide does not differentiate between new ISO 13485:2016 and old (2003/2012) requirements
- The Practical Guide’s guidance on the risk-based approach (perhaps one of the most significant changes to the 2016 standard) is limited.
I discuss these points in detail in my latest blog. What were you expecting of the guide? What did you like or dislike? What was helpful to you?
The Practical Guide to the ISO 13485:2016 Practical Guide
Three things to consider before picking up the ISO 13485:2016 Practical Guide Manufacturers everywhere have been waiting a year and a half for additional guidance on the requirements of ISO 13485:2…
Philips Healthcare Trick or Treat
If you have not been scared enough by Halloween, read this consent decree announcement made by the FDA on November 1 to Philips Healthcare concerning quality control issues with their automatic ext…
Ultimate Guide to Corrective and Preventive Action (CAPA) for Medical Devices
How to implement and maintain a risk-based CAPA process while avoiding the most common pitfalls at your medical device company.
1- " shall document a procedure"
2- "shall document procedures"?
Does 1 mean that we need to implement one procedure per subject ( internal audit, control of documents..) and 2 means that we can implement the requirements (example 7.3.9 design changes ) in other procedures ?
Do you know if the FDA can inspect your emails if you used email as a record as a proof of compliance?
If you want to learn more abou the FY 2018 user fees and the strategic implications, the following blog article was posted yesterday:
Applying for small business qualification is best approach to reduce you costs of FDA regulatory submissions. If you have not completed a small business qualification form before, you can learn how to prepare your application for small business qualification by registering for a webinar this Friday, September 8, 2017:
FDA User Fee Increase for FY 2018 – Strategic Implications
This article identifies strategic implications of the FDA user fee increase for FY 2018 that was published by the FDA last week.
Trends in EU regulation of software as medical device
Presentation at the Personal Connected Health Alliance about regulatory trends in EU regulation of software as medical device
New legal obligations and liability under MDR and IVDR
Presentation at the MedTech Summit in Amsterdam on 19 June 2017 on the product liability regime under the MDR and IVDR, its nexus with the EU Product Liability Directive and its impact on other provisions in the MDR / IVDR
The following webpage provides FDA guidance on software documentation required in 510(k) submissions: https://www.fda.gov/RegulatoryInformation/Guidances/ucm089543.htm.
To determine the level of concern, you need to answer 7 questions found in the guidance document. If all 7 questions are negative, then the software is a minor level of concern by default.
It is important to read all questions and answer the questions as if you were the FDA. In many companies, the people performing risk analysis will identify risks of delay in treatment as being insignificant risks. However, the FDA typically scores the potential severity of harm much higher. Therefore, it is important to review any guidance documentation provided for your product classification to see if the FDA has already identified the level of concern for your software. If a guidance exists, but the FDA does not specify the level of concern, I recommend sending an email to the person that is responsible for the guidance at the FDA.
For minor and moderate levels of concern, the guidance indicates that less documentation for software validation needs to be submitted as part of your 510(k) submission.
The guidance DOES NOT say that you need to do less software validation or document less. The FDA allows you to submit less documentation for a 510(k), but you still have to do the same work.
A new, 2-day 510(k) workshop will be hosted in Amsterdam by Factory-CRO and my consulting firm. The dates of the workshop are October 11-12, 2017. For more information, please visit the following webpage: http://medicaldeviceacademy.com/amsterdam-510k-workshop/ .
The good new is that you have time to write your procedures and train your complaint handling unit properly. Most manufacturers are not upgrading their quality system to ISO 13485:2016 until 2018 or 2019. In addition, the some of the new EU regulations are not truly finalized, because the Eudamed database is not even ready for manufacturers to use yet.
What should be in your procedure?
Your procedure should be detailed enough to enable a person that has not submitted a mandatory problem report before to do so. In addition, you may need detailed instructions for importers or distributors of your device--who may be required to submit adverse event reports.
Well-written procedures typically state that you should review and update your risk management documentation when you are investigating complaints--especially when there is a new adverse event to report. That’s not good enough.
You really need your reporting procedure to reference your risk management process and to provide guidance for what information needs to be reviewed and updated. Ideally your risk management documentation should be aligned with reporting requirements so it is obvious which events require reporting and which events should not require reporting.
If you are interested in learning more about writing a reporting procedure, please review the blog I posted today: http://medicaldeviceacademy.com/blog/. The end of the blog also mentions a new training webinar on Canadian Device Licensing that will be live on Wednesday, May 24.
Our DHF is system based e.g. Cervical plate system including plate, screw and etc. I am wondering whether the design changes require same documentation including design input, output, verification, validation, review and transfer like formal design controls when the change occurrs including screw design changes, some of size addition to previous models without no changes to intended use. In my opinion, the above case indicates that design input is changed so it requires same documentation from input.
I read an article said that.. it is worthy to document DHF when the design plan, design input, design output changes and the risk analysis affected. I'm not clearly understood when I consider those "changes" occurred. Could anybody give me an easy example?
Thanks for reading my posting.
After your IFU is validated, and you obtain regulatory approval for your product, you may still need to make updates to your IFUs as new risks are identified. In order to decide whether you need to update your IFUs you need to gather post-market surveillance data.
Post-market surveillance is not just asking customers if they are satisfied. You need to continue to monitoring adverse event databases, your own complaint database and any service records to determine if there are any new risks and to verify that the risks you identified were accurately estimated with regard to severity and probability of occurrence of harm. In fact, clinical studies and PMS are the only way you can gather data regarding probability of occurrence of harm. When you design your post-market surveillance questions, make sure you include questions specifically targeting the residual risks you identify in your IFU. You should also ask, “What indications do you use this device for. Specifically, please identify the intended diagnosis, treatment and patient populations.” This wording is more effective than asking if a physician is using your product “off label.”
If you want to learn more about using a risk-based approach to developing IFUs, validating IFUs and performing post-market surveillance to monitor the effectiveness of your IFU, then visit my blog posting from earlier today (http://www.medicaldeviceacademy.com/blog) or the following webinar page to register for our webinar on Friday, April 21:
It would be really good to hear from anyone who has taken the plunge and transitioned to only ISO 13485, how did it go? How was the change received both internally and externally by customers and suppliers?