This article explains how to write a post-market surveillance plan for CE Marking and how to determine if a post-market clinical follow-up (PMCF) study is required.
A post-market surveillance (PMS) plan is only required for the highest risk devices by the FDA (i.e., typically devices that require a PMA or premarket approval). For CE Marking, however, all product families are required to have evidence of post-market clinical follow-up (PMCF) studies or a justification for why PMCF is not required.
Why is a post-market surveillance plan a “hot button” with auditors recently?
Post-Market surveillance is an area of emerging concern around the world. Not just a procedure for PMS, but an actual product-specific plan for gathering post-production data about your product or product family. Product registries, the anticipated launch of Eudamed, and the implementation of UDI regulations are part of this industry-wide movement. The FDA has articulated the US plan for strengthening PMS in a guidance document. At the same time, the European PMS efforts are being debated as a central part of the new European Medical Device Regulations.
The biggest mistake I see
The biggest mistake I see is that manufacturers refer to their PMS procedure as the PMS plan for their product family, and they say that they do not need to perform a PMCF study because the device is similar to several other devices on the market. Manufacturers need to have a PMS plan that is specific to a product or family of products.
How often is post-market surveillance data collected?
Your post-market surveillance procedure needs to be updated to identify the frequency and product-specific nature of post-market surveillance for each product family, or a separate document needs to be created for each product family. For devices that are high-risk, implantable, or devices that have innovative characteristics, the manufacturer will need to perform some PMCF studies. Even products with clinical studies might require PMCF because the clinical studies may not cover changes to the device, accessories, and range of sizes. MEDDEV 2.12/2 provides guidance on the requirements for PMCF studies, but most companies manufacturing moderate-risk devices do not have experience obtaining patient consent to access medical records to collect PMCF data–such as postoperative follow-up data.
Additional Resources
Medical Device Academy has created a post-market surveillance plan template that you can download for free. If you are looking for a procedure for post-market surveillance, please click here. If you are interested in learning more about PMS and PMCF studies, we also have a webinaron this topic.
This article defines software verification and validation for medical devices and provides an overview of CE Marking and 510k requirements. We also provide a link to our free download of a webinar on 510k software documentation.
Software Verification and validation is an essential tool for ensuring medical device software is safe. Software is not a piece of metal that can be put into a strain gauge to see if the code is strong enough not to break. That’s because software is intangible. You can’t see if it is in the process of failing until it fails. The FDA is concerned about software safety since many medical devices now include software. Software failure can result in serious injury or even death to a patient. This places significant liability on the device manufacturer to ensure their software is safe. One way to ensure software safety is to perform software verification and validation (V&V).
What is software verification and validation (V&V)?
Definitions of software verification and validation confuse most people. Which tasks are software verification? And which tasks are software validation? Sometimes the terms are used interchangeably. Even the FDA does not clearly define the meaning of these two terms for software. For example, in the FDA’s design control guidance documentthe following definitions are used:
“Verification means confirmation by examination and provision of objective evidence that specified requirements have been fulfilled.”
“Validation means confirmation by examination and provision of objective evidence that the particular requirements for specific intended use can be consistently fulfilled.”
Specific intended use requirement…specified requirements…what is the difference? To understand the difference between the two terms, the key is understanding “Intended Use.” It is asking the question: “What is the software’s intended use?”
“Intended Use” is not just about a bunch of engineers sitting around a table coming up with really fresh ideas. “Intended Use” refers specifically to the patient/customer of the software and how it fulfills their needs (i.e., “User Needs”). Systematic identification of user needs is required, and the software must address the user needs. Identification of user needs is done through customer focus groups, rigorous usability studies, and consultation with subject matter experts such as doctors and clinicians providing expert insight.
“Intended Use” also ensures the safety of the process through the process of “Hazard Analysis,” whereby any hazard that could potentially cause harm to the patient/customer is identified. For each identified hazard, software requirements, software design, and other risk controls are used to make sure the hazard does not result in harm, or if it does, the severity of the harm is reduced as far as possible.
So if “Validation” ensures user needs are met, what is “Verification” and how does it apply to the software development process. “Verification” ensures that the software is built correctly based on the software requirements (i.e., design inputs), with regard to each task the software must perform (i.e., unit testing), during communication between software modules (i.e., integration testing) and within the overall system architecture (i.e., system-level testing). This is accomplished by rigorous and thorough software testing using prospectively approved software verification protocols.
CE Marking requirements for software verification and validation (V&V)
European CE Marking applications include the submission of a technical file that summarizes the technical documentation for the medical device. To be approved for CE Marking by a Notified Body, the device must meet the essential requirements defined in the applicable EU directive. The technical file must also include performance testing of the medical device in accordance with the “State of the Art.” For software, IEC/EN 62304:2006, medical device software – software life cycle processes, is considered “State of the Art” for the development and maintenance of software for medical devices. This standard applies to stand-alone software and embedded software alike. The standard also identifies specific areas of concern, such as software of unknown pedigree (SOUP). As with most medical device standards, the standard provides a risk-based approach for the evaluation of SOUP acceptability and defines testing requirements for SOUP.
FDA requirements for software verification and validation (V&V)
For 510k submissions to the US FDA, section 16 of the 510k submission describes the software verification and validation (V&V) activities that have been conducted to ensure the software is safe and effective. There are 11 documents that are typically included in this section of the submission for software with a moderate level of concern:
Level of Concern
Software Description
Device Hazard Analysis
Software Requirement Specification (SRS)
Architecture Design Chart
Software Design Specification (SDS)
Traceability Analysis
Software Development Environment Description
Verification and Validation Documentation
Revision Level History
Unresolved Anomalies (Bugs or Defects)
The FDA does not require compliance with IEC 62304 as the European Regulations do, but IEC 62304 is a recognized standard, and manufacturers must comply with all applicable parts of IEC 62304 if they claim to follow IEC 62304. The FDA also provides a guidance document for the general principles of software validation. The above requirements for software verification and validation documentation also apply to software as a medical device (SaMD).
Additional Resources
If you are interested in learning more about the documentation requirements for a 510k submission of a software medical device, please click here to download a free recording of our 510k software documentation webinar.
Medical Device Academy also has a new live webinar scheduled for Tuesday, January 5, 2016, @ Noon (EST). The topic is “Planning Your 2016 Annual Audit Schedule“. We are also offering this live webinar as a bundle with our auditor toolkit.
About the Author
Nancy Knettell is the newest member of the Medical Device Academy’s consulting team, and this is her first blog contribution to our website. Nancy is an IEC 62304 subject matter expert. To learn more about Nancy, please click here. If you have suggestions for future blogs or webinars on the topic of medical device software, please submit your requests to our updated suggestion portal.
Handle FDA inspector egos and incompetencies during an audit of your facility–including requests for exempt quality system records.
This is not how to handle FDA inspectors or auditors!
This topic was submitted to my suggestion portal from a colleague in Australia. Originally I posted this as an announcement for my LinkedIn Group, but the post was limited to ISO certification body auditors and excluded FDA inspectors. The basic approach is the same, but there are some important nuances regarding how to handle FDA inspector incompetencies and ego that I include in this article.
Handle FDA Inspector Distrust
In general, anyone that works for the FDA is genuinely concerned about public health and welfare. They also have a very low tolerance for unethical behavior. This has not always been the case at the FDA, and the agency has fought hard over the past twenty years to eliminate anyone from their ranks that is not ethical. Therefore, if an FDA inspector thinks that you have something to hide, the best approach to handle FDA inspector concerns is to give them anything they ask for–and quickly.
Unlike ISO auditors, FDA inspectors are not allowed to review three types of records:
Management Review Meeting Minutes
Internal Audit Reports
Supplier Audit Reports
The FDA can learn almost everything they want to know by reviewing CAPAs that resulted from Management Reviews, internal audits, and supplier audits. However, some FDA inspectors will still ask to see records that are part of the quality system record exceptions (i.e., 21 CFR 820.180c). Some quality system managers design cover sheets for these three records to specifically show FDA inspectors only the information that they are entitled to. If I am faced with this situation, I handle FDA inspector requests for restricted quality system records in the following way.
“Here is a copy of the quality system record you requested. This is one of the records that are exempt from the requirements in 21 CFR 820.180. However, we have nothing to hide. Therefore, you can take as many notes as you like about the content of this record, but you may not take a copy of the record with you.”
The above approach is intended to convince an FDA inspector that you have nothing to hide. Still, it also requires that you review and edit your records before approval and archiving to make sure that statements made in the records are appropriate–regardless of the audience reading the record.
Handle FDA Inspector and auditor personality
100% of auditors are a little weird (yep, takes one to know one). You travel for a living and tell people what’s wrong with their quality system. If you don’t start drinking scotch, you probably will eventually. However, a little patience, understanding, and communication helps. For example, provide directions (that are accurate). Recommend a hotel (middle of the road, not the Ritz or a fleabag). Tell them about the corporate discount. Ask them in advance if they have food allergies (I’m gluten-free, and not by choice), and then try to remember not to serve only the things they are allergic to (yes, Panera Bread is a crappy choice, but a gluten-free pizza is heaven). If Uber makes sense, recommend it because nobody wants to negotiate with Payless Rent-A-Car at 11:59 pm.
FDA inspectors are in the same situation as auditors with regard to being travel weary. However, FDA inspectors will probably not take your recommendation for a hotel. Instead, they will follow FDA guidelines and stay at a hotel chain where they prefer to accumulate membership points, and they can get a government employee discount. In addition, FDA inspectors will not eat at your facility. It seems as though a few companies entertained FDA inspectors at clubs and fancy restaurants in the past. In order to eliminate any possible perception of unethical behavior, FDA inspectors are now instructed to leave your facility for lunch and return to complete the day. They probably won’t even accept a cup of coffee unless you place a carafe on the table for everyone to drink. You can also count on the FDA inspectors driving a rental car if they do not live locally.
Handle FDA Inspector and Auditor Ego
Everyone has an ego. Auditors typically have a big one, and a few FDA inspectors do too. I’m not shy, I’m smart, and I love a good debate. If I’m you’re auditor; you’re lucky because I’ll admit when I’m wrong or make a mistake. Most auditors will not admit mistakes. In fact, the stronger they argue a point, the more likely that they are insecure on the topic or that they have a personal preference that is a result of a bad experience. Unfortunately, FDA inspectors seem to be even more likely to argue a point when they know very little experience.
Don’t ask FDA inspectors and auditors to prove something is in the regulations or the standard. Instead, try reading Habit 5 by Covey (7 Habits of Highly Effective People). You need to be an empathic listener. The FDA inspector or auditor doesn’t hate you. They might even be trying to help you. They also might be wrong, but try restating what the person is saying in your own words and try explaining why it’s important. This shows them that you were listening, you understand what they said, and you understand how they feel about the issue. Pause. Then tell them how you were trying to address this issue.
One of the areas where the above approach is especially important is when an FDA inspector is reviewing complaint records and medical device reports (MDRs). You want to convince the FDA inspector that you are doing everything you can do to investigate the complaint or adverse event, and you want to prevent a recurrence. Remember that someone was hurt by your device or misuse of your device, and FDA inspectors take public safety very seriously. You will not be able to handle an FDA inspector that believes you are doing less than you could be.
Handle FDA Inspector and Auditor Incompetencies
FDA inspectors rarely have industry experience, but they know the regulations. Therefore, arguing the regulations with an FDA inspector is a huge mistake. The only frame of reference for “industry best practice” is what the FDA inspector has seen at other device manufacturers they audit. Therefore, it is very import to know how experienced your FDA inspector is. If they don’t have a lot of experience, they will be defensive, and you might need to “educate” them.
During ISO audits, you have less time to retrain your auditor. Don’t even try. I do this for a living, and we’re a stubborn bunch of orifices. Instead, try the empathic listening first. 99% of the time, one or both of you are not communicating clearly. Either they can’t find what they are looking for, or they misunderstood what you were telling them. It could be a difference of interpretation, but it’s probably not. If it is, then say, “We were interpreting that requirement as…”. Say this once. If they argue, let it drop for now.
Resolution of 483 Observations and Audit Findings
You shouldn’t just take incorrect findings lying down. Do your homework. Send me an email. Get help. If you’re right, then contest it at the closing meeting in a factual and persuasive way. If the auditor holds their ground, ask what the policy is for resolving disputes. This is supposed to be covered as part of the closing meeting of every audit. If your auditor is just lazy, sloppy and incompetent–request a new auditor. You might even disagree in writing, address the finding anyway, and then request the new auditor. That shows the management of the certification body that you’re not lazy, sloppy, or incompetent.
FDA inspection 483 observations are a little different. If you and the inspector disagree, you should state this in the closing meeting when they give you the 483 observation, and you should be clear that you disagree prior to the end of the inspection when they start preparing FDA Form 483. Once a 483 observation is issued, however, your only recourse is to persuade the district office that the 483 observation is undeserved. The FDA district office will have copies of all your procedures and records and a copy of the FDA inspector’s notes. Be careful with complaints to the district office, though. FDA inspectors are far more likely to retaliate than ISO auditors.
Caution
If you make a habit of disputing everything, your auditor or FDA inspector will come prepared for war. You also will have little credibility with the managers at the certification body or the FDA district office. Dispute only justified things and provide a written, factual justification that is devoid of all emotion.
Responding to FDA 483 Observations
If you do receive FDA 483 observations, it is important that you respond with well-conceived corrective action plans. If you need help with responding to an FDA 483 inspection observation, you might be interested in my webinar on this topic.
This article explains how to write a quality system plan template to revise and update your quality system for compliance with ISO 13485:2016. If you want to download our free template, there is a form to complete at the end of this article.
Templates are the key to writing a quality system plan
Plan, do check, and act (PDCA) is the mantra of the Deming disciples, but does anyone know what should be in your quality system plan template. Everyone focuses on the steps–the “What’s.” Unfortunately, people forget to include the other important pieces of an all-inclusive quality system plan. Why? When? Who? And How much?
The table in the template is an example of “What?” steps to perform, but it is specific to my procedures. You will need to revise the table to reference your procedures, and the changes you make will be specific to your quality system plan. The other sections of the template tell you what needs to be included in that section, but I did not provide examples for those sections.
Why should you create a quality system plan template?
The purpose section of the quality system plan answers the question of “Why?” You need to specify if the purpose of your quality system plan is compliance with new and revised regulatory requirements, preventing recurrence of quality issues, or maybe a faster development cycle. The purpose section of the plan also provides guidance with regard to the monitoring and measurement section of your quality system plan template.
When should you create a plan for quality system changes?
Most changes have deadlines. In the case of ISO 13485:2016, there will be a 3-year transition period. Still, most companies establish internal goals for early implementation by the end of the fiscal year or the end of a financial quarter. Some of the changes can be made in parallel, while other changes need to be sequential. Therefore, there may be specific milestones within your quality system plan that must be completed by specific dates. These dates define “When?” the steps in the quality system plan must be implemented.
Who should write your quality plan?
As my quality system plan template indicates, I recommend defining both individual process owners and teams of process owners where processes can be grouped together. For example, I typically group the following four processes together as part of “Good Documentation Practices (GDPs)”: 1) control of documents (SYS-001), 2) control of records (SYS-002), 3) training (SYS-004), and 4) change control (SYS-006). I cover all four processes in a webinar called “GDP 101.”
It is important to have one person that is accountable and has the authority to implement changes for each process, but only one person should be in control of each process. If you have four related procedures, then the team of four people will need to coordinate their efforts so that changes are implemented swiftly and accurately. For the overall quality system plan template, I recommend assigning a team leader for the team of four process owners described above. One of those people should be responsible for team leadership and writing the quality system plan template.
Monitoring implementation of your quality plan?
Monitoring the progress of your plan ensures the successful implementation of the plan. Sometimes things don’t work as planned, and corrections need to be made. Additional resources might be needed. The plan may have been too optimistic with regard to the implementation time required. I recommend assigning one person the task of retrieving team status reports from each of the teams and consolidating the team reports into an overall progress report.
Free download of ISO 13485:2016 quality system plan template
The sign-up form below will allow you to receive an email with the ISO 13485:2016 quality system plan template attached. This is a two-step process that will require you to confirm the sign-up.
If you have a suggestion for a different type of quality plan, please let us know.
This article is a case study that explains how to implement a new ISO 13485 quality system plan at an accelerated schedule of just four months. The quality system will also be compliant with 21 CFR 820.
ISO 13485 quality system plan
Typically, I recommend implementing a new ISO 13485 quality system plan over a period of 6 months. The reason for this is that people can only read procedures and complete training at an individual pace. Since there are approximately 30 procedures required for a full-quality system, an implementation pace of one procedure per week allows a company to complete 90% of the reading and training in six months.
In October, a new client asked me for a proposal to implement a new ISO 13485 quality system plan. The proposed quality system plan indicated that the project would start in October and finish in March. The client accepted my proposal, but they asked me to help them implement the quality system plan in four months, as indicated in the table above. We just started the implementation of the quality system plan last week, and I have discovered some secrets that dramatically simplify the process. This blog shares some of the lessons learned that help implement the quality system plan at this faster pace.
Outsourcing ISO 13485 quality system development
Not everyone has the skill and experience to write a quality system procedure. Still, if you have a goodtemplate, you understand quality systems–then you can write quality system procedures. Depending upon the length of the procedure, it may take four to eight hours of writing for each procedure. Therefore, an in-house quality manager needs to allocate one day per week if they plan to write all the procedures for their quality system in six months. For a four-month implementation of an ISO 13485 quality system plan, you need to allocate two days per week to writing.
Alternatively, you can outsource the writing of your quality system. However, someone must be responsible for “customizing” generic procedures to fit your company, or the procedures need to be written from scratch. A third and final option is to have a hybrid of in-house procedures and outsourced procedures. If your quality manager has limited time resources, then you can supplement the managers’ time with procedures that are purchased and customized to fit your template. If there are specific procedures that the quality manager needs help with, such asrisk management, then you can also purchase just those procedures.
Continuous Improvement
One of the basic principles of quality management systems is “continuous improvement.” The continuous improvement cycle is also known as the “Deming Cycle.” There are four parts to the cycle:
Plan
Do
Check
Act
When you are developing an ISO 13485 quality system, the first step is to develop the quality system plan. I recommend the following guidelines for a quality system plan. First, plan to implement the quality system at a steady pace. Second, organize the implementation into small groups of related procedures.
In this case study, I have 29 procedures that we are implementing, and there are 11 recorded training webinars. During each of the four months, approximately the same number of procedures are implemented. Then I organized the small groups of procedures around the scheduled webinar training. For example, the month of November will have a total of 24 documents (i.e., eight procedures and 16 associated forms and lists) implemented, and there are four webinar trainings scheduled. Therefore, four procedures related to “Good Documentation Practices 101“ will be implemented as a group under document change notice (DCN) 15-001. Two procedures associated with “Are your Suppliers Qualified? Prove it!“will be implemented as a group under DCN 15-002. The remaining two procedures, design controls, and risk management, will be implemented as a group under DCN 15-003 with two related webinars on design controls andISO 14971.
Document Change Notice (DCN)
The next step in the Deming Cycle is to “Do.” For the implementation of an ISO 13485 quality system plan, “doing” involves the creation of procedures, forms, and lists, but “doing” also involves the review and approval of these documents. The form we use to review and approve procedures is called a document change notice or DCN.
It’s been almost 20 years since I completed my first DCN. For anyone unfamiliar with the review and approval of new and revised documents, most quality systems document the review and approval of procedures and forms on a separate form. The reason for this is that when you make one change, it often affects several other documents and forms. Therefore, it is more efficient to list all the documents and forms that are affected by the change on one form. This results in fewer signatures for reviewers and approvers. Several of the companies that I have helped to implement an ISO 13485 quality system plan for failure to review and approve the documents and forms in a timely manner. I think there are two reasons for this:
they haven’t been responsible for document control before, and
they don’t want to have to create and maintain quality system records any sooner than required.
The first reason can be addressed quickly with training. The second reason, however, is flawed. It is essential to implement the procedures as soon as possible to begin creating quality system records that can be audited by an ISO 13485 certification auditor or by FDA inspectors for compliance with 21 CFR 820. I have struggled with this hesitation in the past, but for this project, I am completing DCNs for the initial release of all the procedures and forms. This ensures that all the procedures and forms will be reviewed and approved shortly after the webinar training is completed. Also, this gives my client multiple examples of DCNs to follow as they make revisions to the procedures and forms over time.
Quality Objectives & Data Analysis
The third step in the Deming Cycle is to “check.” I recommend using quantitative metrics to track progress toward your goal of completing the quality system implementation. For example, if you have 50 documents to review and approve, you can track the % complete by just multiplying each document that is approved by 2%. You can also track the implementation of documents separately by type. Every DCN you route for approval will take a certain number of days to complete. You might consider tracking the duration of DCN approval. As a benchmark, an efficient paper-based DCN process should average about four days from initiation to completion. I have seen average durations measured in months, but hopefully, your average duration of DCN approval will be measured in days. Another metric to consider is the % of required training that has been completed for the company, for each department, and for each employee. Regardless of which metrics you choose to evaluate your quality system implementation, you should pick some of these metrics as quality objectives (i.e., a requirement of ISO 13485, Clause 5.4.1). You should also analyze this data for positive and negative trends as required by ISO 13485, Clause 8.4.
Your first CAPAs
The fourth and final step in the Deming Cycle is to “act.” Acting involves taking corrective action(s) when your data analysis identifies processes that are not functioning as well as they should be. To achieve ISO 13485 certification, you will need some examples of corrective and preventive actions (CAPAs) that you have implemented. The steps you take in response to observed trends during data analysis are all potentialCAPAs.
Download an ISO 13485 quality system plan
Later this week, I will be posting afollow-up blogthat explains how to write an ISO 13485 quality system plan for establishing a new quality system. There will also be a link for downloading a free ISO 13485 quality system plan.
This article explains details of implementing a CAPA preventive action and corrective action for packaging issues. Specifically, containment measures, corrections, corrective actions, and preventive actions to address the root cause identified in part 1 of this case study.
Comparing Incoming Inspection Results as a CAPA Preventive Action
CAPA Step 1: Containment of Product with Defective Packaging
When you learn of a packaging complaint related to a specific lot, you also need to determine if another product associated with the lot is safe to ship to customers. You should not attempt a correction and removal of the product unless you have a reasonably high level of confidence that there is a packaging issue with the lot or a portion of a lot, but you might consider placing product from the same lot in your inventory on hold until your investigation is completed. If you confirm that you have an issue with a specific lot, lots, or portion of a lot, then you should initiate correction and removal of product to prevent potentially, a non-sterile product from being used. This type of problem could result in a Class 1 recall (i.e., the most severe of the three categories). Therefore, you need to act quickly and according to established procedures for corrections and removals.
CAPA Step 2: Correction(s) of Defective Packaging
If you find a problem, there is little you can do to fix the existing defective packaging other than to repackage the product. If the product has only been sterilized once, and you have revalidated the product for resterilization, then you can repackage, relabel and resterilize. To ensure traceability to the lot that has been reworked, you may need to revise the labeling (e.g., add an “R” to the lot number). If you have not revalidated the resterilization of the product, you may want to use this lot for validation of resterilization instead of throwing it out. However, sometimes your best option is to scrap the product.
Additional corrections may involve correcting the calibration of a testing device or performing a repair to sealing equipment. You might modify a specification on a drawing. You might correct a work instruction that did not have the correct, validated sealing parameters. All of these could be corrections.
CAPA Step 4: Corrective Action(s) for Packaging Issues
Investigation of root cause (CAPA Step 3) occurs in parallel with containment (CAPA Step 1) and correction (CAPA Step 2). Corrective actions (CAPA Step 4) prevent the packaging issues from recurring, and they occur after the first three steps because you can only implement corrective actions once you understand the root cause of the quality issue. The best tool for evaluating your current process controls and evaluating the implementation of new corrective actions is a process risk control plan. In order to do this, you need a process flow diagram and a process risk analysis. Each step of the process, from the raw material fabrication of film to the released product, needs to have potential hazards identified, risks evaluated, and risk controls implemented. You should use your process validation to verify the effectiveness of process risk controls quantitatively. If the process capability is greater than 95% for each parameter, and you have addressed every possible source of problems, then you probably won’t gain much from additional risk controls. However, many companies reduce their sampling or rely on certificates of conformity to ensure that the process is controlled adequately.
CAPA Step 5: CAPA Preventive Action for Packaging Issues
You already had a packaging issue with one lot of products, but you could have another issue with a different product or lot for the same reason or a different reason. If the product is the same, and the reason is the same, then the actions taken are corrective actions. If you take action to prevent the occurrence of this issue with a different product, or you prevent other potential causes of packaging issues by initiating more robust monitoring and process controls, then your actions are preventive. Often you will want to implement both types of actions.
In the box plot example provided in this article, Lot D was detected at incoming inspection as having peel test results that were outside the alert limit but acceptable when compared to the specification limit for peel testing. The alert limit was established during validation of the pouches and comparison of lots A, B, C, and D, demonstrate that Lot D is slightly lower in peel strength. The manufacturer may choose to use the lot, but the sampling plan for in-process peel testing may be altered, or the manufacturer may choose to place the new lot in quarantine while an investigation is performed. This is a CAPA preventive action.
Below I have listed six additional potential CAPA preventive actions to consider for your packaging process:
Perform peel testing and/or bubble leak testing of packaging raw materials as part of the receiving inspection process and perform data analysis of the incoming inspection samples to determine if lower or higher alert and action limits should be established for the new lot of raw materials. The limits should be based upon the manufacturer’s seals as well as your seal.
Retain remnants of in-process peel testing, include the remnants with the sterilization load, and then store the remnants for real-time aging.
Consider implementing visual inspection tools that are able to detect sealing imperfections non-destructively.
Increase the number of samples you test (e.g., 1 to 3 or 3 to 5) for each lot of product sealed to increase your confidence that the seals will be within specifications.
Perform statistical analysis of in-process data for seal peel strength in order to identify potential lots with packaging issues prior to release.
Evaluate the performance of the packaging at temperature and humidity extremes that may be higher or lower than the conservative estimates for ambient conditions (e.g., 30C vs. 25C).
Additional Resources
In addition to the previous article that was part 1 of this case study, I have posted ten other blogs specifically on the topic of CAPA. There is also a CAPA procedure you can download from this website.
Risk-based CAPA Webinar
If you are interested in learning more about a risk-based approach to CAPAs, then please click here.
How to use risk management traceability for CE Marking to cross-reference hazards, risks, and risk controls throughout your technical file.
This approach will more efficiently integrate risk management tools into your Design History File (DHF), post-market surveillance documentation, and clinical evaluation reports (CERs). The table above provides a simple template for the nomenclature of risk management elements that you need to cross-reference and provides risk management traceability throughout your technical documentation.
The table does not include a cross-reference code for verification and validation reports because there could and typically are multiple risk controls that are validated and verified for each risk. Many times they are applied across multiple product lines. Therefore, it is more efficient to simply reference the controlled document number for the verification report that is applicable to that risk control.
The basic concept of traceability
The concept of risk traceability is more than being able to identify the verification and validation study that was performed to verify the effectiveness of risk controls in your FMEA because it is in the same row of your table. The best practice is to number your hazards, risks, and risk controls so that you can cross-reference more easily throughout all your technical documentation [i.e., design requirements matrix, risk management file, clinical evaluation report, post-market surveillance plan/reports, and post-market clinical follow-up (PMCF) report].
Design Requirements Traceability Matrix (DRTM)
The design requirements traceability matrix (DRTM) is a combination of two documents that have been used for the past two decades by medical device manufacturers: 1) the design requirements matrix or IOVV (i.e., inputs, outputs, verification, and validation), and 2) the risk traceability matrix. The second document is less commonly used, but an example of one is provided in Figure 3 of the GHTF risk management guidance document SG3 N15R8.
The risk management summary table that is presented in Figure 3 of the guidance also provides cross-references to specific tests, and each test has an identification number for traceability. This approach is also used frequently in risk control plans–an excellent tool for production process controls and planning product realization before process validation.
Risk management traceability to post-market surveillance
I recommend that companies create a post-market surveillance plan for devices or device families during the design transfer process. This is NOT the post-market surveillance procedure. Your procedure should indicate the process you use for post-market surveillance. Still, your plan should be process-specific and identify specific risks that you intend to gather post-production data for. The post-market surveillance plan should provide traceability back to each risk in your risk management file (e.g., R1, R2, R3). You should include a post-market clinical follow-up (PMCF) protocol and report that also cross-reference to these risks and associated risk controls–or provide a justification for not conducting a PMCF study. In 2016, the new European Medical Device Regulations (EMDR) will require that both the protocol and the report be included in your post-market surveillance plan as a required section (see Annex II of the proposed regulations) of the technical file or design dossier. Finally, I recommend that you revise and update your risk management plan for post-production data collection at the time of design transfer. When you make this revision, I recommend moving the risk management plan from the design plan to your post-market surveillance plan as an integral part of the plan (i.e., one of the primary sections of the plan).
Risk Management Traceability for Your Clinical Evaluation Report (CER)
In your clinical evaluation report (CER), if you simply said that “the clinical data reviewed addresses all of the residual risks identified in the risk management summary report,” you are not specific enough. Your clinical evaluation report (CER) should explain how the clinical study data you reviewed addresses each of the risks that you identified in your risk analysis. Personally, I like to have subsections in the discussion section of the clinical evaluation report (CER) for each of the risks identified in the risk management file. I also do this when I write my post-market surveillance plan. When I do this, I include a cross-reference to the applicable hazard in my design requirements matrix, risk analysis, and hazard identification summary report (e.g., “HZ1”, “HZ1” and “HZ3”).
Traceability to warnings & precautions
Disclosing residual risks to users of your device is required in the EU MDR and it is a risk control. However, you cannot claim to reduce the risks of your product by disclosing these residual risks because warnings and precautions are not effective. You should still validate the effectiveness of the instructions for use, technique guide, and training through simulated use studies before product release. Do not claim a quantitative risk reduction in your risk analysis. Of course, there can be a reduction in overall risks when you train users, but you can’t claim it, and the prevalence of use errors demonstrates the limited effectiveness of IFUs and training.
Additional risk management references
Please click here if you are looking for risk management training. There are a number of additional risk management articles on our website that were created in preparation for an international conference in Brussels.
Procedures & templates for risk management
If you are looking for a risk management procedure (SOP), SYS-010 meets the requirements of ISO 14971:2019 and Regulation (EU) 2017/745 for CE Marking.
In this article, you will learn how we created a device description template that can be used for US FDA and CE Marking submissions.
Webinar Training
Medical Device Academy also created a webinar on completing this device description template.
This device description template addresses the FDA Refusal to Accept (RTA) guidance document requirements. The template also serves as a summary technical document (STED) for submission to a Notified Body for CE Marking. You would think that it’s tough to screw up the device description, but the FDA screening reviewer is completing a new refusal to accept (RTA) checklist. That checklist has specific requirements for a device description. If you copy the device description from your draft IFU, you will probably receive an RTA letter on Day 15 of the RTA screening process. The review “clock” is reset to zero, and you have to revise your device description and re-submit.
Note regarding changes in the device description template:
The RTA Checklist is no longer relevant for 510k submissions. 510k must now be submitted using the new FDA eSTAR submission templates. This template is your attachment to meet the “Comprehensive Product Description and Principles of Operation Documentation” requirement. However, the FDA now conducts a technical screening rather than completing the RTA checklist. The section numbers are also no longer applicable in a 510k submission.
There are four specific requirements (questions 9-12) in section “B” of the RTA checklist, which is titled “Device Description.” In addition, there are similar requirements for inclusion in a device description for technical files and design dossier submissions to Notified Bodies. Rather than creating two different device description documents, I prefer a template that addresses each regulatory requirement in a single controlled document. Therefore, I created a template for the 510k submission device description with the following headings for Section 11 of the 510k submission:
Product or Trade Name
General Description – The general description must be consistent with the device description in the labeling, and this section of the document is intended to address section 13 of the refusal to accept (RTA) checklist.
Indications for Use – We recommend keeping this separate section of the device description. You should copy the content of FDA Form 3881 verbatim, or the reviewer will indicate that your submission is inconsistent. In the eSTAR, the indications for use can be automatically populated in the 510(k) Summary from FDA Form 3881. We also have a webinar on indications for use.
List of Devices – A list and description of each device for which a 510(k) clearance is requested in the submission. The list may refer to models, part numbers, sizes, etc. This document section addresses section 14c of the refusal to accept (RTA) checklist. Combining this section with section 3 of the template may be helpful, providing a table with a UDI device identifier for each product listed (if available).
Intended Patient Population – The medical condition to be diagnosed and/or treated, and other considerations such as patient selection criteria.
Intended User(s) -Each potential user group should be identified, and it should be stated if the device is intended for use by a healthcare professional, a layperson or both. Finally, this section should indicate if the device is for prescription use, over-the-counter use or both.
Principles of operation of the device – This document section addresses section 14a of the refusal to accept (RTA) checklist.
Risk class and applicable classification rule – This is only required for CE Marking, and we typically exclude this from our device description in a PreSTAR or eSTAR submission for the FDA. If you are preparing a device description for CE Marking, the risk classification is based on Annex VIII (MDR) and MDCG 2021-24.
Conditions of Use (i.e., Environment of Use) – A description of proposed conditions of use, such as surgical technique for implants; anatomical location of use; user interface; how the device interacts with other devices; and/or how the device interacts with the patient. This section should also state where the product is used (i.e. home use or clinical use). This section of the document is intended to address section 14b of the refusal to accept (RTA) checklist.
Novel Features – This is required for CE Marking, but in a 510k submission, we are trying to demonstrate how the subject device is equivalent to the predicate instead of highlighting novel features. Therefore, any novel features in a 510k should be technological characteristics that you can provide a justification and/or testing to support. This section is not for marketing.
Components – Description of components, accessories, other medical devices, and other products that are not medical devices intended to be used in combination with the device. The 510k number should identify each component/accessory part of a previous submission. Any component(s)/accessory(s) that have not received prior clearance should also be identified. Sometimes, a side-by-side table for USA and EU markets is needed for accessories that are used in different markets. This document section addresses section 12a, b, and c of the refusal to accept (RTA) checklist.
Accessories – Description of accessories, other medical devices, and other products that are not medical devices, which are intended to be used in combination with the device. Each accessory that was part of a previous submission should be identified by the 510k number. Any accessory(s) that have not received prior clearance should also be identified. This document section addresses sections 15a, b, and c of the refusal to accept (RTA) checklist. In the eSTAR, there is a subsection at the end of the Product Description section titled “System/Kit Components and Accessories.” If your device is intended to be marketed with multiple system/kit components or accessories, then you must attach a list of those components or accessories in the PreSTAR or eSTAR (see screenshot below).
Configurations/Variants – Description or a complete list of the various configurations/variants of the device that will be available
Functional Elements – General description of the key functional elements, formulation, composition, and functionality—including labeled pictorial representations (e.g., diagrams, photographs, and drawings)
Raw Materials – This section is a duplicate of the section included for biocompatibility. Any raw materials incorporated into components of the device that are intended to make direct contact with the human body or indirect contact with the body should be listed. Any colorants should be included in this list of raw materials.
Technical Specifications – Technical specifications of the device and any variants and accessories that would typically appear in the product specification are made available to the user, e.g., in brochures, catalogs, and the like.
Drawings, Schematics, Illustrations, Photos and/or Figures – Representative engineering drawing(s), schematics, illustrations, photos, and/or figures of the device. This document section addresses section 14d of the refusal to accept (RTA) checklist. These drawings, photos, videos, etc. can be attached to the PreSTAR or eSTAR using the button shown in the screen capture below. The FDA requests schematics, drawings, or photos of the product packaging as an attachment to the PreSTAR or eSTAR as well. The best thing to attach for this requirement is a work instruction that illustrates where labeling is applied to the device and the different levels of packaging. This will describe the packaging and how the device is packaged and labeled.
Similar & Previous Generations of the Device – Reference to similar and previous device generations. Ensuring these devices are included in the clinical evaluation report is important. If submitting a 510k submission, you want to ensure that any devices are registered and listed with the US FDA in the same product category. Creating a table that organizes the “similar” devices by intended use and technological characteristics may be necessary for a device with multiple predicates.
Requirements Specific to the Special Controls Guidance Document – This template section addresses section 12 of the refusal to accept (RTA) checklist. When you complete the classification section of the PreSTAR or the eSTAR, the PDF template should automatically identify and Special Controls Guidance Documents that are applicable (see example below).
The last section of the device description is for any unique requirements specific to the special controls guidance document for the product classification I am working on. However, most of the requirements for a device description are met by the previous items in my outline. Therefore, I created a table that outlines each requirement of the Special Controls Guidance Document, and I provided a cross-reference to the section of the outline that includes this requirement. If requirements are not covered elsewhere in the document, I address them in the table. If there is no Special Controls Guidance Document, then I state that no Special Controls Guidance Document exists for the product.
This article explains how to determine if your medical device requires a post-market clinical follow-up (PMCF) study for CE Marking. This is currently a non-existent requirement for most 510k submissions. Still, it is an area of emerging concern for all medical device regulations, and this article explains why substantial equivalence is not enough.
Why post-market clinical follow-up is an area of emerging concern.
For CE Marking applications of medical devices, all medical devices must have evidence of a post-market clinical follow-up (PMCF) study protocol or a justification for why a post-market clinical follow-up (PMCF) study is not required. The biggest mistakes I see are that manufacturers refer to their post-market surveillance (PMS) procedure as the post-market surveillance (PMS) plan for their product family. They say they do not need to perform a post-market clinical follow-up (PMCF) study because the device is similar to several other devices on the market (i.e., substantially equivalent).
Why Substantial Equivalence Isn’t Enough
This rationale fails the technical review of most CE Marking submissions because although products can be approved for CE Marking based upon substantial equivalence, the manufacturer must continue to monitor the performance of the device after the product is launched to make sure of two critical things:
Is the substantially equivalent device as safe and efficacious as the predicate device?
Are there new risks that are identified when the device is used for a long duration (e.g., implanted) by a broader user population or to treat a broader patient population / broader indication for use?
A post-market clinical follow-up (PMCF) studyMIGHT be needed
If you have a high-risk device that is implantable, has an innovative design, and you are using moon rocks for the patient contacting materials, you need a post-market clinical follow-up (PMCF) study. If you make a generic version of a sterile bandage with a cartoon character for decoration, you don’t need a post-market clinical follow-up (PMCF) study. Unfortunately, most products fall into the “might be needed” category rather than a “yes” or “no.” If you have any experience in regulatory affairs, you know that regulators love guidance documents and systematic evaluation methods. Here’s my systematic method of evaluation…
Step 2 – Make a table with each of the 17 “might be needed” categories from the guidance document in the far left column.
Step 3 – In the second column, indicate whether the risk category from the table applies to your device–” yes” or “n/a.”
Step 4 – As with all valuable checklists, you must explain your non-applicability rationale wherever the category doesn’t apply. Enter your explanation in the third column next to the “n/a”…PS – nobody cares if the “n/a” is capitalized.
Step 5 – If you typed “yes” in the second column, then you need to provide a cross-reference to the information in your technical file that explains how you address this risk. There are three places you can look: 1) your design requirements trace matrix (if you have one that looks like mine), 2) as a risk control in your risk analysis that you performed during the design process before “design freeze”, and 3) in your clinical evaluation report. Ideally, you can easily cross-reference to a section of your controlled document that is in outline format.
Note: Now, you have another reason to make that document a controlled document with an outline format.
Step 6 – After you add a cross-reference to the risk control(s) in your table, you need to indicate whether the risk controls are adequate. “Yes” is probably the answer only if you can cross-reference to a state-of-the-art guidance document or harmonized standard that has been implemented as a pre-market risk control to evaluate the specific risk. The tests are seldom adequate for the longevity of implants, usability by all intended users, and patient satisfaction, while usability and patient selection are often only evaluated by clinical studies. If the tests and pre-market clinical studies are not adequate, then “No” is your answer, and you need to conduct a post-market clinical follow-up (PMCF) study to address that specific residual risk.
Step 7 – If you indicate that your pre-market risk controls are adequate, then in your post-market surveillance plan, you can indicate “no post-market clinical follow-up (PMCF) study required.” However, if you cannot verify that your pre-market risk controls adequately address one of the 17 risk categories identified in MEDDEV 2.12/2, you may need a post-market clinical follow-up (PMCF) study.
When do existing products suddenly develop the need for a post-market clinical follow-up (PMCF) study?
Even products with pre-market clinical studies might require post-market clinical follow-up (PMCF) because the clinical studies may not cover changes to the device, accessories, and range of sizes. Additionally, specific risks of implantable products cannot be assessed during the average duration of a clinical study (e.g., how long will an implant last). MEDDEV 2.12/2 provides guidance on the requirements for post-market clinical follow-up (PMCF) studies. Still, most companies manufacturing moderate-risk devices do not have experience obtaining patient consent to access medical records to collect post-market clinical follow-up (PMCF) data–such as postoperative follow-up data. If you don’t have expertise in collecting this patient-specific data in a compliant way, you should consult a clinical research associate (CRA) or engage a clinical research organization (CRO). My procedure on clinical studies (SYS-009) explains some of the basics.
PMCF can also help you develop new products
PMS data is also required as an input to your design and development process. If you identify potential adverse events (I.e., incidents that require regulatory reporting), then you should specifically design your PMCF study to collect this safety data. Investigations of adverse events and potential adverse events can be used to help you design a safer technology for the next generation of your product. In fact, the FDA fosters this type of innovation through the Safer Technologies Program (i.e., STeP).
Additional Resources
I also wrote an article in BoneZone: “Post-Market Studies in Lieu of Clinical Studies”. This article emphasized the increasing need for clinical data for device approval and reimbursement, but it focused on using post-market clinical follow-up (PMCF) study data as an alternative to conducting a traditional, pre-market clinical study.
Procedures & Training Related to PMCF
The following procedures and training are available for purchase from our website:
This article explains the key steps to preparing a successful clinical evaluation report (CER) for the submission of a technical file for medical device CE Marking.
Once someone shows you the most efficient path, climbing the wall no longer seems so challenging.
Essential requirement 6a, the clinical evaluation report (CER), is required for all medical devices that are CE Marked. Up until the Medical Device Directive (MDD) was modified in 2010 (i.e., 2007/47/EC), only high-risk devices required a clinical evaluation report. After the MDD was changed, a CER was needed for all medical devices–even Class I devices that do not require a Notified Body. To help manufacturers understand the expectations and comply with this requirement, a guidance document was released for clinical evaluations in December of 2009 (i..e., MEDDEV 2.7/1 rev 3). MEDDEV 2.7/1 indicates that are there are three options for preparing a clinical evaluation report:
perform a clinical study and summarize the results,
perform a literature search of clinical study articles, or
a combination of the first two options.
Preparing clinical evaluations are tedious but not necessarily challenging. I like to compare the preparation of clinical evaluation reports to bouldering problems. Once someone shows you the most efficient path, climbing the wall no longer seems so challenging.
Literature Search Protocol (TMP-004)
Section 6.1 of the guidance document indicates that a literature search protocol should be used to identify, select, and collate clinical study articles for a literature search. Critical elements of your search protocol should include: which search databases you selected and why, intended use and indications for the use of the device, similar devices that are on the market and a comprehensive date range starting with the earliest clinical studies or the last date of a previous clinical evaluation. Your search protocol should specify inclusion and exclusion criteria, and you will need a systematic method for tracking your results.
I created a protocol template, TMP-004, which I use to perform clinical literature searches. The protocol includes suggested databases for literature sources, a list of adverse event databases, and a database for clinical investigations that should be included in your search. The protocol also includes criteria for evaluating the results of the search. Evaluation criteria should consist of the type of clinical study, the number of patients, the study design, etc.
Qualified Individuals
To conduct a clinical evaluation, you need a cross-functional team–as you should have for all post-market surveillance and risk management activities. One of the team members should be an expert in the design of the device or similar devices. Another person should be an expert in performing literature searches to ensure that the review of the literature is comprehensive. Finally, the team needs at least one person with a clinical research perspective to evaluate the clinical data critically. The qualifications of these individuals should be described in an appendix of your clinical evaluation report, and typically this is done by providing a copy of each person’s resume or curriculum vitae. The omission of these qualifications or the failure to rely upon clinical experts to review the data is a common nonconformity raised by technical reviewers from Notified Bodies.
Selection of Databases
When you are writing a literature search protocol, it is essential to specify why you selected certain search databases and to ensure that you include more than one database. Each literature search database has different strengths and weaknesses. Suppose you are not sure which databases to choose and why this is an indication that you need assistance with the literature search methodology. This is typically part of the process for teaching doctoral candidates how to prepare for writing their dissertation. Therefore academic credentials of the individuals contributing to the post-market surveillance activities are relevant.
Selection of Key Words
Often certain keywords are more common in the title of clinical study articles than others, and these keywords can help narrow the number of literature search results dramatically. Therefore, it is recommended to perform some preliminary searches with different keywords to get a sense of which terms will be the most efficient in helping you to identify the articles that meet your inclusion criteria. These terms can also be used to exclude large numbers of articles that are not relevant. For example, if there are a large number of porcine studies in the literature, you might exclude the term “porcine” to ensure that animal studies involving pigs are excluded from your search results.
Inclusion & Exclusion Criteria
Many times articles will mention a keyword or the name of a device, but the device is only mentioned as an accessory in a study rather than being the focus of the study. If the article only says the device but doesn’t include clinical data regarding its use, then the article should be excluded. Only human studies should be included in your results, and if there are a large number of published studies, you may purposely choose to exclude articles with the terms “case study” that may only include one or two patients.
Addressing Risks
Your clinical evaluation report (CER) is intended to assess the safety of your device by identifying any potential risks that you may have overlooked in your risk analysis and to help you estimate the severity of harm and the probability of occurrence for those harms. It is recommended to perform a preliminary hazard identification and risk analysis before conducting the clinical evaluation to identify the most likely risks associated with the device. Each of these risks should be mentioned explicitly in the clinical evaluation–even if the clinical study data does not identify the risk. If a specific risk is identified during your hazard identification with no clinical data to support the safety of the device related to that risk, then it may be necessary to conduct a clinical study or a post-market clinical follow-up (PMCF) study to evaluate the risk further.
Review of Post-Market Surveillance
When your device is first submitted for CE Marking, you may not have any clinical history with the device, and it is only possible to estimate risks. For this reason, it is important to include post-market surveillance information about similar products as an input to your clinical evaluation process. After your product is launched, you will have a complaint handling data and adverse event data specific to your device. Therefore, you should periodically review the post-market surveillance data and compare it with the initial risk estimates. If the results are similar, then the risk analysis does not need to be updated immediately. If the post-market surveillance results are substantially different from your risk estimates, you should update your clinical evaluation report earlier than planned and update your risk analysis. I recommend stating this conclusion in each report summarizing post-market surveillance data–including a specific recommendation to maintain the current plan for the frequency of conducting clinical evaluations or a recommendation to change the schedule.
Appraisal of Clinical Literature
Your appraisal of clinical literature needs to be systematic and documented. Technical reviewers expect clinical data that supports and detracts from the conclusion that your device is safe and effective for the desired indications. Therefore, you should not exclude articles simply because the findings are negative. You need to include appraisal criteria in your protocol to ensure that the evaluation of literature search results is objective and systematic. I have included a recommended grading system for clinical study articles in my procedure for clinical evaluation reports (i.e., SYS-041). The graded results of each article identified are then summarized in the Appendices of the clinical evaluation report (CER).
Review and Update of Clinical Evaluation Reports (CERs)
Preparing a clinical evaluation report (CER) is time-consuming, but the report is also a living document. Therefore, you need to have a post-market surveillance plan for each medical device or device family that specifies the frequency of performing a review and update of your clinical evaluation report (CER). Depending upon the nature of your device and the amount of clinical history you have with that device, you may also need to conduct a post-market clinical follow-up study (PMCF). Any post-market surveillance that you conduct should be included as an input to the clinical evaluation report. This is why my literature search protocol includes adverse event databases.
Procedures & Templates
If you are looking for a procedure and literature search protocol for preparing a clinical evaluation report (CER), please click here. If you are interested in learning more about post-market surveillance and post-market clinical follow-up (PMCF) studies, we also have a webinaron this topic.
Photos shown in this article are two of my sons, Alex Beshay (13) and Bailey Packard (14), at this weekend’s bouldering competition at PETRA Cliffs in Burlington, VT. Every member of our family is an avid rock climber, including my 3-year-old daughter.
