Author name: Robert Packard

Implementing Procedures for CAPA, NCMR & Receiving Inspection

1 Comment / ISO 13485 / By

Learn how to implement procedures for a new ISO 13485 quality system. Specifically, CAPA, NC product, and incoming inspection. This is the second in a series. The first month of procedure implementation was covered in a previous article titled, “How to implement a new ISO 13485 quality system plan in 2016.”

Implementing Procedures Implementing Procedures for CAPA, NCMR & Receiving Inspection

Typically, I recommend implementing a new ISO 13485 quality system over six months. Still, recently I a few clients have requested my assistance with implementing a quality management system within four months. In November, I wrote an article about implementing a new ISO 13485 quality system. That article described implementing procedures for the first month. Specifically, the implementation of the following procedures was covered:

  1. SYS-027, Purchasing
  2. SYS-001, Document Control
  3. SYS-002, Record & Data Control
  4. SYS-004, Training & Competency
  5. SYS-011, Supplier Quality Management
  6. SYS-008, Product Development
  7. SYS-010, Risk Management
  8. SYS-006, Change Control

These eight procedures are typically needed first. This article covers the implementation of the next set of procedures. During this month, I recommend conducting company-wide quality management system training for the ISO 13485 and 21 CFR 820.

Square subscribe to our blog button 281x300 Implementing Procedures for CAPA, NCMR & Receiving Inspection

Receiving Inspection Procedures

During the first month, procedures for purchasing components and services are implemented. As these products are shipped and received by your company, you need to create records of incoming inspection. It is not sufficient to merely have a log for receiving inspection. You need records of the results of the inspection. You may outsource the inspection activities, but receiving personnel must review the records of inspection for accuracy and completeness before moving product to your storage warehouse or production areas. Even if the inspection is 100% outsourced, it is still recommended to verify the inspection results independently on a sampling basis periodically. This should be a risk-based sampling that takes into account the importance of the item being inspected and the existence of in-process and final inspection activities that will identify potential nonconformities.

The most challenging part of this process is typically identifying inspection procedures and calibrated devices for inspection. Your company must find a balance between inspections performed by suppliers, incoming inspection, in-process inspection, and final inspection. Each of these process controls requires time and resources, but implementation should be risk-based and take into account the effectiveness of each inspection process–as determined by process validation. Sample sizes for inspection should also be risk-based.

Implementing Procedures for Identification and Traceability

The lot or a serial number of components must be identified throughout product realization–including incoming inspection, storage, production, final inspection, and shipping. In addition to determining what things are, you must also identify the status of each item throughout the product realization process. For example:

  • Is the product to be inspected or already inspected?
  • After the inspection, is product accepted or rejected?
  • Which production processes have been completed?
  • Is the product released for the final shipment?

The procedure for identification and traceability should be implemented immediately after the purchasing process, implemented during 1st month, because traceability requirements should be communicated to suppliers as part of supplier quality agreements and as part of each purchase order.

Initially, when this process is implemented, there is a tendency to complete forms for every step of the process and to distribute copies of the forms to communicate status. Completing forms and copying paperwork requires labor and adds no value. Therefore, learn manufacturing methods and visual indicators such as color-coding are recommended as best practices for identifying products and their status.

CAPA Procedures

When a product is identified as nonconforming, corrective actions need to be implemented to prevent a recurrence. Procedures need to include the requirement for planning corrective actions, containing a nonconforming product, correcting nonconformities, and implementing actions to prevent any future nonconformities. These procedures also need to address negative trends to prevent nonconformities before the product is out of specification (i.e., preventive actions). Procedures also need to provide guidelines on how to verify the effectiveness of corrective and preventive actions. Initially, the actions implemented will be specific to a purchased product that is received and rejected. However, over time data analysis of process monitoring and internal auditing will identify additional corrective and preventive actions that are needed.

The effectiveness of CAPA processes, in general, requires three key elements:

  1. A well-designed CAPA form
  2. Proper training on root cause analysis
  3. Performing effectiveness checks

In the CAPA training provided during the second month, the best practices for CAPA form design are covered. The training includes several methods for root causes analysis too. Finally, the training emphasizes using quantitative measurements to verify the effectiveness of corrective actions. It is recommended to identify the quantitative acceptance criteria for an effective corrective action before initiating actions to ensure that the actions planned are sufficient to prevent a recurrence.

Monitoring Your Procedure Implementation Process

As indicated in the previous article, I recommend using quantitative metrics to track the progress of procedure implementation. For example:

  1. % of procedures implemented,
  2. duration of the document review and approval process, and
  3. % of required training completed.

Implementing Procedures for ISO 13485:2016

If you already have a quality system in place, you are implementing procedures that are modified for ISO 13485:2016 compliance; some of the same lessons apply. If you are interested in ISO 13485:2016 training, you can register for an on-demand two-part course (i.e., 1-hour Stage 1 video, and 2-hour Stage 2 video) on the ISO 13485 page. The training includes two quizzes for training effectiveness.

Implementing Procedures for CAPA, NCMR & Receiving Inspection Read More »

FDA 483 Inspection Observations Pareto Chart for FY 2015 Data

3 Comments / FDA / By

This article presents a Pareto Analysis of FDA 483 inspection observations from FY 2015. It compares the trends observed with a similar Pareto analysis that was performed a couple of years ago on FY 2013 data.

FY 2015 Pareto Analysis of FDA 483s FDA 483 Inspection Observations Pareto Chart for FY 2015 Data

Method of Data Analysis for FDA 483 Inspection Observations

The FDA posts Excel spreadsheets on the website to download data for FDA 483 Inspection Observations. These spreadsheets include inspection results for all the divisions of the FDA. To perform data analysis for FY 2015 results, I deleted the sheets that were not specific to medical device manufacturer inspections (i.e., only used data from CDRH). I sorted the data by the regulation that was referenced. For example, all the sub-clauses for 21 CFR 803 were combined into one category for the Pareto analysis. The combined categories were then sorted from the most frequent 483 inspection observations to the least frequent 483 inspection observations. The data was then added to the graph that I produced in February 2014 using FY 2013 results as a second data set. The resulting graph is shown above.

Comparison of FDA 483 Inspection Observations between FY 2013 and FY 2015

For MDR Compliance (i.e., 21 CFR 803), there was a slight increase in the number of 483 observations issued from FY 2013 to FY 2015. However, the difference was only a 1% increase from 6.2% to 7.2% of the total number of 483s issued. There was an even smaller increase in the number of findings related to purchasing controls (i.e., 5.6% increased to 6.1%). I noticed a slight drop in the number of findings related to design controls, CAPA, and complaint handling. However, the overall trend for FY 2013 and FY 2015 is essentially the same.

There are two other categories where an increase was observed: 1) process validation increased by 0.7% from 4.8% to 5.5%, and 2) control of nonconforming product increased 0.8% from 4.3% to 5.1%. These areas are important. Control of nonconforming product is one of the major sources of CAPAs and often results in design changes. Therefore, FDA inspectors are reviewing your data for a nonconforming product during inspections to help them identify potential CAPAs and design changes that may have been made. The typical sequence is 1) nonconformity, 2) investigate nonconformity as part of a CAPA, and 3) initiate a design change as a corrective action.

Process validation is a completely different area that is separate from CAPA, complaint handling, and MDRs. However, inadequate process validation is a common root cause of nonconformities. Therefore, inspectors often follow an audit trail from a nonconforming product record back to a process change that was implemented but inadequately validated. Thus, an increased focus on nonconformities may be the reason for an increase in FDA 483 inspection observations related to process validation.

So what’s the big deal?

This proves that the FDA inspectors continue to be predictable. The “playbook” for FDA inspections is the QSIT Manual. It hasn’t changed since 1996. Yet, companies continue to be shocked and amazed by FDA inspectors.

Additional Resources

If you want to learn how to prepare for FDA inspections, I recorded a webinar you can download (FREE). I recorded the webinar in May of 2014, but it’s been a couple of years, and I’ve learned a few new tricks. Therefore, I’m going to re-record the webinar and update it for lessons learned. I’ll even share a few tools and approaches to avoid findings and reduce the risk of warning letters. I’m also evaluating a new application that is designed for teams to have private chats and file sharing during an inspection. Stay tuned to my webinars page, and I’ll post that webinar soon. Maybe I’ll record something from Germany next month.

Until then, I am working on a webinar specific to medical device reporting. Many companies have still not updated their MDR procedures to reflect the eMDR process using electronic submissions gateways. Therefore, I’m releasing an updated procedure for MDRs, and I am offering a webinar bundle to train people on how to comply with 21 CFR 803 and the procedure. You might also be interested in my previous webinar specific to control of the nonconforming product.

FDA 483 Inspection Observations Pareto Chart for FY 2015 Data Read More »

Finally, New European Medical Device Regulations are Confirmed!

1 Comment / CE Marking / By

This article announces confirmation of the New European Medical Device Regulations by negotiators of the Dutch presidency of the Council and EU Parliament.

Confirmed Finally, New European Medical Device Regulations are Confirmed!

Announcement of New European Medical Device Regulations

Yesterday, May 25, the European Parliament and the Dutch presidency of the Council reached an agreement and it was announced in press release.

The agreement is subject to confirmation by permanent members of the Council and Parliament’s Envi Committee. The new regulations include the following substantial changes:

  • A scrutiny process for high risk (i.e., Class IIb implants and Class III) products
  • Eudamed database will be expanded to provide public access to information about Notified Bodies, Economic Operators (i.e. – manufacturers, importers, distributors, authorized representatives, etc.) and comprehensive product information
  • Eudamed database will become publicly accessible for searching market surveillance and vigilance data (similar to the FDA’s MAUDE database)
  • Implementation of a Unique Device Identifier (UDI) requirement in Europe.

The Eudamed database will be an invaluable global resource for manufacturers, physician and patients.

Next Steps for New European Medical Device Regulations

The next step in the process of approving the new regulations is an invitation of the Council’s Permanent Representatives Committee and the Parliament’s ENVI Committee to endorse the agreement. The regulations will finally be adopted by the Council and the Parliament after Committee approvals and we can expect implementation of the regulations this fall. The new regulations will have a three year transition after publication for medical devices and a five year  transition for in vitro diagnostic medical devices.

MedTech Summit June 13-17

On June 13 I will be in Brussels at the MedTech Summit hosted by Informa Life Science. There will be 300+ attendees with a fantastic assembly of industry experts representing the Competent Authorities, Notified Bodies and manufacturers. This meeting provides a unique opportunity to learn and discuss the details of the New European Medical Device Regulations and the challenges we will all face in the preparation for the transition to the New European Medical Device Regulations. I will have the pleasure of speaking about risk management and its integration with device design, post-market surveillance and labeling. I will also be Chairperson for the Labeling Stream in June 16.

Please stay tuned to my blog feed. I will be posting related blogs over the next month.

Register for the MedTech Summit

Click on the blue text above to register or you can also call Informa Life Sciences at: +44 (0) 20 7017 7481 or registrations@informa-ls.com.

New Live Webinar on MDRs June 9, 2016

I’m releasing an updated procedure for MDRs and I am offering webinar bundle to train people how to comply with 21 CFR 803 and the procedure. The webinar is scheduled for June 9. I’m even offering two times to accommodate companies in Europe as well as the USA.

Here’s a link for the webinars page.

Finally, New European Medical Device Regulations are Confirmed! Read More »

Time management to prevent work overload: Top 10 ideas

1 Comment / ISO 13485 / By

This article lists my top 10 ideas for time management to help prevent work overload–including suggestions for apps and other resources.

Handling Work Overload 1 Time management to prevent work overload: Top 10 ideas

I am a workaholic and I don’t recommend it–unless overweight, out of shape, friendless and divorce sounds like a great life plan. I work with regulatory affairs and quality assurance managers at every client, and 100% of them have insufficient resources. Expectations internally and externally never decrease. The saying used to be, “Do more with less.” Now it feels like we have one egg, one basket and we are expected to save the world.

Stop feeling sorry for yourself. Every department manager feels this pressure. If you don’t believe me, look around you. Everyone is popping 400mg of ibuprofen and stressed to their limit.

So what can you do to make things better?

That question is critical. It shows that internally you acknowledge that you can do something to make things better. I obviously don’t have all the answers, but I have found some tools in the past year that really made a magnificent difference in helping me with time management. 100% of these ideas were suggested by others that appear to be more at peace and happier than I was last year.

#1 Get some sleep

Two years ago I woke up after 3-4 hours of sleep every night. Last year I was almost up to 6 hours of sleep on a good night. Now I am consistently getting 6-8 hours of sleep, and once I slept for 9 hours. There are lots of suggestions for how to get more sleep, and I’ve tried them all. What works for me is: 1) no alcohol or coffee within 4 hours of bedtime, 2) melatonin just before bed, 3) exercise every day, 4) eating well, and 5) a habit of reading each night to calm myself and relax. I also use a white noise app on my phone.

#2 Budget your time management

You will never get everything done. It’s a fact. Just like money, you can always spend more. Instead, decide how much of your life you want to spend doing things. Don’t micromanage your time. Think of the big picture. There are 168 hours in a week, and >42 hours should be spent sleeping. 40-50 hours a week will be spent working. 5-10 hours per week will be spent getting to work. More than two-thirds of your life is spent sleeping and work-related–if you’re not a workaholic. Be very selfish of how you budget the remaining third of your life. I like to re-read habit #3 from Steven Covey’s book “7-Habits of Highly Effective People.” It will help you remember what’s important. Your priorities should be physical health, mental health and your family. If you devote an hour a day to each of those, you might have time left for eating, grooming and reading a book. Yes, you need vacations too!

#3 Minimize multitasking

Some people believe time management is managing multiple tasks at once, but it is actually less efficient to multitask. Picking something up, putting it down, picking it up again…didn’t you learn from your lean manufacturing training that motion, waiting and queue are all muda (i.e., waste). You need to start a task, finish that task and then start the next task. If you want more advice on this topic, try reading “Getting things done” by David Allen. This one was recommended to me by an uber-productive orthopaedic surgeon.

#4 Don’t forget to “sharpen the saw”

This is the seventh habit from Covey’s book. You should never stop improving. For example, entrepreneurs need to learn marketing. I don’t have time for an executive MBA to learn marketing. Instead, I teach myself every day while I’m working out. I have a bicycle on a trainer set-up in front of my TV. The TV is only connected to the internet. If I need a break, I watch Netflix while cycling. However, usually I’m listening to podcasts, watching YouTube videos about marketing and software tools or I’m reading books on my Kindle. I also purchase a lot of audiobooks that I listen to in the car while driving my children to rock climbing, soccer, plays and during my two-hour ride to and from the nearest airport. This is the only kind of multitasking I’m good at.

#5 Just say no.

You need to put first things first (i.e., habit #3). On a scale of 0-10, how important is it. Is it important to you, your boss, your spouse, your children or your best friend. If not, why are you wasting your precious time on it. Say no. If it’s a 9 or 10 to your spouse, say yes–even if it’s a 2 on your scale. If you have a time conflict with two items that are high on the scale, then you need to find a win-win (i.e., habit #4). This is why communication skills and empathic listening (i.e., habit #5) are the most important skills you will ever learn.

#6 Don’t read your emails “real-time”

You should have a plan for what you are going to do each day. Reading your emails throughout the day will result in reactive behavior that will always result in time management failure. Be proactive (i.e., habit #1). Read your emails just before lunch in a batch and just before you go home in a batch. You should also read “Getting things done” by David Allen. He has fantastic advice for how to process emails. This is an area I’m still working on, but I get 400+ emails a day and that doesn’t include spam, social media or promotions. You should also tell people you work with, “Call me or text me if it’s important.” Good advice for any client of mine. For example, you should probably text me if the FDA is coming on Monday and you need my help.

#7 Use productivity apps for time management

Microsoft seems to have a strangle hold on corporate America, but Outlook is a horrible tool for managing your tasks and time. You need something for personal time and personal tasks, because you have less time available for the things that are more important in your life (i.e., health, family and friends). If I empty the milk carton, I grab my phone and add milk to my “Out of Milk” app. I also use this app for planning what I need for trips, meetings and Christmas present ideas for the kids. Evernote is an uber-app. It organizes everything. Website links, blog ideas, business cards, photos, an address, directions, photos of the person I’m meeting and I use it for lists too (if I already have it open instead of Out of Milk). If you want to know how the most productive people in the world use apps like Evernote, John Lee Dumas includes apps like Evernote in every entrepreneur interview he does–1,303 podcasts and counting.

#8 Block off time to get work done

Some people believe that time management only involves scheduling meetings. You schedule weekly meetings with your boss. You schedule lunch meetings. You should also block off some time for getting work done–without interruptions. You might try blocking off every day from 11:30-Noon for emails, Noon-1pm for a lunch and a walk and 4:30-5pm for emails. If you need to review complaints each day for the need to report as an adverse event, block off some time for that each day. My advice would be to devote time to reviewing CAPAs, complaints and MDRs every day. These are the most critical areas for FDA inspections and you can’t afford to let these tasks fall behind. If you have these tasks assigned to you, then you work on the most urgent task and get it done. Then you schedule the next step for that CAPA, complaint or MDR and go onto the next task you scheduled. If you manage these processes, then you should block off time for reviewing metrics and investigate the exceptions. If it seems like you never have enough time in your schedule for all the tasks, maybe you need to delegate some of those tasks to other departments or people in your department.

#9 Schedule shorter meetings

Not all meetings deserve 1 hour. Some things can be done in 15 minutes, 30 minutes or 45 minutes. Learn about good meeting etiquette, make an agenda and manage the meeting so it’s done on-time or early. Make sure you show up on-time and get it done on-time or early. If people leading meetings are poor at time management, do not let them lead the meeting.

#10 Schedule breaks too

Outlook will allow you to schedule back-to-back meetings from 7am to 7pm (or longer). That doesn’t mean that you should, and that is definitely not good time management. Time management needs to create windows of time where you can rest too. I drive a lot. In order to survive 50,000 miles of driving a year with a congenital spine defect (i.e., L5 fused to pelvis one one side), I need to take breaks and stretch. When I don’t do this I pay dearly. The same thing happens to me when I try to work 12 hours straight without a break. You will be more focused and productive if you take a break once and while.

Time management to prevent work overload: Top 10 ideas Read More »

Special Controls Guidance Document – Content and Format

1 Comment / 510(k) / By

This article explains the content and format of a special controls guidance document issued for Class 2 medical devices regulated by the CDRH division of the US FDA.

Searching Guidance Documents Special Controls Guidance Document Content and Format

There are many differences between Class 1 and Class 2 medical devices regulated by the FDA, but one of the primary differences is that many (not all) Class 2 medical devices have a special controls guidance document. Class 1 devices only have “general controls.” These “special” guidance documents can be found on the FDA website by searching the guidance document database. The title of each guidance document typically begins with “Class II Special Controls Guidance Document.” The middle of each title specifies the device type, and the end of the title states, “- Guidance for Industry and FDA Staff.” However, there are many exceptions.

Status of a Special Controls Guidance Document

A guidance document may be a final guidance or a draft guidance. Only the final guidance is considered official, however, draft guidance often indicate what the FDAs current thinking is on a topic. Draft guidance documents sometimes take years before they are approved as a final guidance. Sometimes the draft is so controversial that it will even be withdrawn. The FDA also publishes a list each year of planned guidance documents for the next fiscal year. Some of the final versions of special controls guidance documents were written in the 1990’s, but these documents remain the current final guidance until a new final guidance is approved. Often there is no urgent need to update a guidance document, because there are one or more active ISO Standards specific to the product classification and the standard(s) is recognized by the FDA.

Outline of a Recent Special Controls Guidance Document

Here is the general outline that is currently being used by the FDA for a special control guidance document for Class 2 devices:

  1. Introduction
  2. Topic – Background
  3. Pre-Market Notification – Background
  4. Scope
  5. Risks to Health
  6. Specific Device Description Requirements
  7. Performance Studies
  8. Device Specific Labeling
  9. References

Each product classification has the potential for slightly different requirements due to the differences in types of devices. For example, in vitro diagnostic products do not have animal studies and typically have human clinical study requirements for the performance section of the guidance document. However, an implant is more likely to have details about the materials of construction, biocompatibility and sterilization.

Searching the Guidance Database

There are 8 fields that are searchable for the guidance database.

  1. Product
  2. Date Issued
  3. FDA Organization
  4. Document Type
  5. Subject
  6. Draft or Final
  7. Open for Comment
  8. Comment Closing Date on Draft

For a De Novo application, I sometimes need to create a proposed draft special controls guidance. For this activity, I prefer to find a representative template. In order to do this, I will typically use four of these search fields. First, I narrow the product field to “medical devices” and the FDA organization to “CDRH.” Second, I select “guidance documents” for the document type. Finally, I select “premarket” for the subject and “final.” This narrows the list to 374 documents. Not all of the 374 documents are specific to a product classification, because some of these documents cover more general premarket issues such as risks of wireless telemetry.

You can further narrow your search by adding a word or words to the keyword search field. Therefore, if you are looking for a specific guidance you can find it very quickly.

Format of Special Controls Guidance Documents

If you submit a proposed draft guidance to the FDA (anyone can do this), there is no specific required format. However, I recommend copying the most recent format used by the FDA in order to minimize the amount of work required by the FDA for modifying the guidance prior to publishing your guidance as a draft. You also do not need to include all the sections of a guidance. Some of the guidance documents only update certain sections where technological characteristics have recently changed significantly. Most importantly, if you have a strong reason for deviating from what the FDA has always done–do it. The format of guidance documents has changed since the 90’s and will continue to do so.

Additional Resources

If you are preparing a premarket notification (i.e., 510k submission), you might have more questions than just guidance document availability. You might be interested in purchasing “How to Prepare Your 510k in 100 Days” or the on-line 510k Course or one of our Live 510k Workshops.

Special Controls Guidance Document – Content and Format Read More »

Minimum Data Points Constituting a Trend Is 3?

1 Comment / CAPA / By

This article explains why three is never the right answer, and this article explains why asking how many minimum data points are needed to identify a trend is the wrong question.

Minimum Data Points for CAPA Minimum Data Points Constituting a Trend Is 3?

Recently a client sent me an email asking the same question about data analysis in two different ways. The first question asked, “How many of the same situation need to occur before it is considered a trend?” The second question asked, “How many nonconformities can occur before a CAPA should be opened?” This question can be asked a hundred different ways, but it’s the wrong question.

Minimum Data Points for Variable Data

In the graph above we have variable data rather than attribute data. When you have variable data, the answer regarding the number of minimum data points is always a quantitative answer that is objective rather than subjective. Typically the new data point lies outside of the upper or lower specification for the element being measured (i.e., >6.6 or <6.1 in the graph above). Even if the new data point remains within specifications, a CAPA may still be issued if the new data indicates that there has been a shift in the normal distribution of data.

In our graph above, on March 13 the newest data point was 6.37. Although this value is within specifications, in fact close to the center of the range, this value represented a shift in the trend that exceeded the normal distribution of data observed for the previous 12 days of the month.  The mean for the first 12 days was 6.54 and the standard deviation was 0.0250. Many people establish alert limits that equal mean +/- 2x standard deviation (i.e., 6.59 and 6.49) and the action limit is often set equal to the mean +/- 3x standard deviation (i.e., 6.62 and 6.47). Therefore, a value of 6.37 is well outside the normal distribution for the first 12 days of the month–but not outside specifications.

The shift in data values for this graph indicates a shift, but the process was capable of remaining within specifications before the shift and process capability actually appears to be slightly better after the shift. In this case, there is no need for a CAPA but if the reason for the shift is unknown an investigation would be recommended. However, if different lower specification were chosen (e.g., 6.4) then the new data point on March 13 would be outside the specification and product would be identified as nonconforming.

Nonconforming results should always trigger in an investigation?

If the process was validated and the mean +/- 2x standard deviations remains within the specifications, then greater than 95% of the product should be conforming. If the the mean +/- 3x standard deviations remains within the specifications, then greater than 99.5% of the product should be conforming. Therefore, based upon the data from the first 12 days of March any data points that are lower than 6.47 should be very rare unless there is a process shift.

An investigation of the data point on March 13 should result in a CAPA unless the outlying data can be explained and a new trend with a lower mean is expected. If the new data point cannot be explained, then only one new data point is needed and the data does not even need to be nonconforming. If no actions are taken the drop in the measured value could continue and nonconforming product could result, while any action taken on March 13 is a preventive action.

Minimum Data Points for Attribute Data

In the case of the first question, the negative customer situation that is reported to a company may be an attribute rather than variable data. For example, “customer unsubscribed” after an email blast went out is a negative customer situation. If you know the % of customers that unsubscribed when email blasts go out, then you have variable data. If you only know that one person unsubscribed, then you only have an attribute (i.e., unsubscribed instead of continued subscription). The first time an unsubscription occurs, you should do an investigation to see if there is an issue other than frequent email blasts that exceed a customer’s expectations in frequency. The action taken could be to establish an alert and action limit for unsubscribed emails based upon industry norms or the % calculated from the first event.

What are the right questions?

Instead of asking how many minimum data points are needed to initiate a CAPA, we should make sure we are measuring the right variables. The % of unsubscribed is a valuable variable data point, but knowing that one person unsubscribed without knowing how many people received that email blast is not nearly as helpful in making future decisions. Another question is to ask, “Why did the person unsubscribe?” If the reason is unknown, you may want to contact the former subscriber and ask them–but probably not by email. If you have a theory why people are unsubscribing you can also perform an experiment to test your hypothesis. If you think the cause is that emails are being sent too frequently, then you can split your list and send the same emails to two halves of a list at different frequencies. If you are correct, then the list that has more frequent emails should also have a higher % of unsubscribers. This type of design of experiment (DOE) is one of the root cause investigation tools I recommend in my Risk-Based CAPA webinar.

Recommendations for Trend Analysis

Whenever you establish a new metric or quality objective, you should also establish a limit for when you intend to investigate and when you intend to take preventive or corrective actions. If you simply start measuring a variable or attribute, you may have difficulty recommending actions to management during your next management review and explaining why actions were not taken during an FDA inspection or an audit.

Additional Related Reading
If you are interested in reading more about how this might be applied to inspection results, please read my blog titled, “21 CFR 820.80: 3 Ways to Record Inspection Results.”

Minimum Data Points Constituting a Trend Is 3? Read More »

Class 1 Device Requires Clinical Evaluation Report (CER) too!

1 Comment / Design Control / By

Article explains how to write a clinical evaluation report (CER) for CE Marking Class 1 medical devices when there is little or no clinical study literature available. The history behind this European CE Marking regulatory requirement is explained as well.

Clinical study for this e1446901425122 Class 1 Device Requires Clinical Evaluation Report (CER) too!

In 2010 the European Medical Device Directive was updated to include many tougher regulatory requirements for medical devices of all types. One of this changes is criticized frequently by industry–the change to make essential requirement 14 to a general requirement for all devices. That requirement is now essential requirement 6a in Annex I of the current MDD (93/42/EEC as modified by 2007/47/EC). The general requirements are required for all devices–event products that do not require a Notified Body’s involvement.

Typical Search Strategy for a Class 1 Device

Class 1 devices do not typically have clinical studies performed for three reasons:

  • the products are low in risk and therefore do not require clinical studies for regulatory approval
  • the products have been on the market for a long time and therefore there is little innovation in these products
  • clinical investigators are not interested in researching devices that have been used for a long time

Since there is typically no requirement for a clinical study for a Class 1 device, companies will perform a literature search in order to meet the requirements of Essential Requirement 6a. That search will typically result in articles that mention the device or a competitor device, but the device is typically just part of a clinical study that was performed for another device (i.e., the device of interest is merely an accessory). If there are clinical studies, the studies may be quite old and it may be more helpful to search for review articles first. In the end, you may end up finding no clinical studies for the type of device you are designing, but a clinical evaluation report is still required for CE Marking for Class 1 devices.

It may be painful for you and your company to conduct a clinical evaluation, even using the literature route, when there are no new clinical studies to find. However, the CE Marking regulations are written to address all devices and material innovations alone are driving the need for companies to reconsider the “state of the art” for even Class 1 devices. It is also important to consider emerging issues such as infection control with antibiotic resistant strains and the trend toward using disposable instruments such as drill bits.

Reference Articles for Clinical Evaluation Reports and PMS

I have published 3 previous blogs specifically on the topic of clinical studies and post-market surveillance over the past couple of years. Please click here if you are looking for more information on this topic.

Procedure/Template for Class 1 Device Clinical Evaluation Report (CER)

If you are looking for a procedure (SOP) and associated literature search protocol template for a clinical evaluation report (CER) please click here. The purpose of this 6-page procedure is to define the process for performing a clinical evaluation of literature in accordance with MEDDEV 2.7/1. There is also template provided for performing a literature search (i.e., TMP-004).

Class 1 Device Requires Clinical Evaluation Report (CER) too! Read More »

483 Response: Which corrective action plan should you write first?

1 Comment / FDA / By

Article explains how to determine which FDA Form 483 response you should write a corrective action plan for first and why.

chicken and egg 483 Response: Which corrective action plan should you write first?

In a perfect world, you would not receive any inspection observations from your next FDA inspection. However, most companies get at least one observation resulting from an FDA inspection and often there are multiple observations on an FDA Form 483. If you

Most Common FDA 483 inspection observation

Companies that have not experienced an FDA inspection before worry too much and prepare too little. Inspections are predictable and certain inspection observations are much more common than others. A couple of years ago I wrote an article analyzing the most common FDA inspection observations. The most common observations are specific to design controls (i.e., 21 CFR 820.30). However, this fact is distorted because many companies receive multiple observations during the same inspection related to design controls. For example, a client of mine recently received three from one inspector: 1) lack of design reviews, 2) lack of design validation, and 3) lack of risk analysis. All three were found during the review of the same design history file and the one corrective action addresses all three observations.

how to determine which FDA Form 483 response you should write a corrective action plan for first

2nd Most Common FDA 483 inspection observation

The second most common observation is specific to corrective and preventive actions (i.e., 21 CFR 820.100). Typically the company has inadequate procedures for verifying and validating effectiveness of corrective actions taken. If this is one of your FDA 483 observations, then you may have a problem with CAPA training or with the design of your CAPA form. If there is no place on the CAPA form to document your effectiveness check, then you might easily forget to perform the verification and validation of effectiveness. Another possibility is that personnel are confused between verification of implementation and the verification of effectiveness.

What if you have multiple FDA 483 observations?

Other common FDA 483 observations include medical device reporting, complaint handling and rework of nonconforming product. If you receive more than one FDA 483 inspection observation, you need to assume there is a chance that the inspection outcome will be “Official Action Indicated” (OAI). In this case, you need to provide a 483 response to your FDA district office within 15 business days. With such a short time to prepare your 483 response, you need to be efficient. Which 483 response should you initiate first and why?

If one of the inspection observations is related to the CAPA process, that 483 response should be your top priority. The reason for this is that the FDA will want to see objective evidence of implementing corrective actions whenever possible. If you use your CAPA procedure and form to document the 483 response, then you can show the FDA how the revised procedure or form will be used in your 483 response. If you write your 483 response for other inspection observations first, then the other 483 responses are using the existing procedure or form that the identified as inadequate.

Your first step should always be to implement corrective actions to address an inadequate CAPA process by revising the procedure or the form. Once the procedure or form is updated, then you can use the new process to document the rest of your 483 responses.

Training Webinar for an FDA 483 response

If you need help preparing an FDA 483 response, click here for our webinar explaining the 7 steps for responding to an FDA Form 483 inspection observation. You can also download a CAPA procedure and CAPA form from our SOP page.

483 Response: Which corrective action plan should you write first? Read More »

Three (3) important technical file and 510k submission differences

4 Comments / 510(k), CE Marking / By

This article explains the three (3) critical technical file and 510k submission differences: 1) risk, 2) CER, and 3) PMCF.

3 different apples Three (3) important technical file and 510k submission differences
Three important technical file and 510k submission differences

There are many differences between a technical file and a 510k submission, including the fact that technical files are audited annually while a 510k submission is reviewed only once. ISO 14971 requires a risk management file, whether you are selling a medical device in the EU or the USA, but the US FDA doesn’t require that you submit a risk management file as part of the 510k submission. If you design and develop a medical device with software, you must submit a risk analysis if the software has a moderate level of concern or higher. However, risk analysis is only a small portion of a risk management file.

Only 10-15% of 510k submissions require clinical studies, but 100% of medical devices with CE Marking require a clinical evaluation report (CER) as an essential requirement in the technical file. The clinical evaluation report (CER) is an essential requirement (ER) 6a in Annex I of the Medical Device Directive (MDD). Even class 1 devices that are non-sterile and have no measuring function require a clinical evaluation report (CER). Yes, even adhesive tape with a CE Mark requires a clinical evaluation report in the technical file.

Annex X, 1.1c of the Medical Device Directive (MDD), requires that medical device manufacturers perform a post-market clinical follow-up (PMCF) study or provide a justification for not conducting a post-market clinical follow-up (PMCF) study. In the past, companies attempted to claim that their device is equivalent to other medical devices, and therefore a post-market clinical follow-up (PMCF) study is not required. However, in January 2012, a guidance document (MEDDEV 2.12/2) was published to provide guidance regarding when a PMCF study needs to be conducted. This guidance makes it clear that PMCF studies are required for many devices–regardless of equivalence to other devices already on the market.

Risk management file for technical file and 510k submission

The FDA only requires documentation of risk management in a 510k submission if the product contains software, and the risk is at least a “moderate concern.” Even though you are required to perform a risk analysis, a knee implant would not require submission of the risk analysis with the 510k. If a product is already 510k cleared, you may be surprised to receive audit nonconformities related to your risk management documentation for CE Marking. The most common deficiencies with a risk management file are:

  1. compliant with ISO 14971:2007 instead of EN ISO 14971:2012
  2. reduction of risks as low as reasonably practicable (ALARP) instead of reducing risks as far as possible (AFAP)
  3. reducing risks by notifying users and patients of residual risks in the IFU
  4. only addressing unacceptable risks with risk controls instead of all risks–including negligible risks

If you are looking for a risk management procedure, please click here. You might also be interested in my previous blog about preparing a risk management file.

Clinical evaluation report (CER) for technical file and 510k submission

The FDA does not require a clinical evaluation report (CER), and up until 2010, only some CE Marked products were required to provide a clinical evaluation report (CER). In 2010 the Medical Device Directive (MDD) was revised, and now a clinical evaluation report (CER) is a general requirement for all medical devices (i.e., Essential Requirement 6a). This requirement can be met by performing a clinical study or by performing a literature review. Since 510k devices only require a clinical study 10-15% of the time, it is unusual for European Class 1, Class IIa, and Class IIb devices to have clinical studies. This also means that very few clinical studies are identified in literature reviews of these low and medium-risk devices.

The most common problem with the clinical evaluation reports (CERs) is that the manufacturer did not use a pre-approved protocol for the literature search. Other common issues include an absence of documented qualifications for the person performing the clinical evaluation and failure to include a copy of the articles reviewed in the clinical evaluation report (CER). These requirements are outlined in MEDDEV 2.7/1, but the amount of work required to perform a clinical evaluation that meets these requirements can take 80 hours to complete.

If you are looking for a procedure and literature search protocol for preparing a clinical evaluation report (CER), please click here. You might also be interested in my previous blog about preparing a clinical evaluation report (CER).

Post-Market Surveillance (PMS) & Post-Market Clinical Follow-up (PMCF) Studies for technical file and 510k submission

Post-market clinical follow-up (PMCF) is only required for the highest risk devices by the FDA. For CE Marking, however, all product families are required to have evidence of post-market clinical follow-up (PMCF) studies or a justification for why post-market clinical follow-up (PMCF) is not required. The biggest mistake I see is that manufacturers refer to their post-market surveillance (PMS) procedure as the post-market surveillance (PMS) plan for their product family, and they say that they do not need to perform a post-market clinical follow-up (PMCF) study because the device is substantially equivalent to several other devices on the market.

Manufacturers need to have post-market surveillance (PMS) plan that is specific to a product or family of products. The post-market surveillance (PMS) procedure needs to be updated to identify the frequency and product-specific nature of post-market surveillance (PMS) for each product family or a separate document that needs to be created for each product family. For devices that are high-risk, implantable, or devices that have innovative characteristics, the manufacturer will need to perform some post-market clinical follow-up (PMCF) studies. Even products with clinical studies might require post-market clinical follow-up (PMCF) because the clinical studies may not cover changes to the device, accessories, and range of sizes. MEDDEV 2.12/2 provides guidance on the requirements for post-market clinical follow-up (PMCF) studies. Still, most companies manufacturing moderate-risk devices do not have experience obtaining patient consent to access medical records to collect post-market clinical follow-up (PMCF) data–such as postoperative imaging.

Procedures & Webinars

If you are looking for a procedure for post-market surveillance (PMS), please click here. If you are interested in learning more about post-market surveillance and post-market clinical follow-up (PMCF) studies, we also have a webinar on this topic.

Three (3) important technical file and 510k submission differences Read More »

Post-market surveillance plans: How to write one for CE Marking.

2 Comments / Design Control / By

This article explains how to write a post-market surveillance plan for CE Marking and how to determine if a post-market clinical follow-up (PMCF) study is required.

Screenshot 2015 12 15 at 6.18.57 AM Post market surveillance plans: How to write one for CE Marking.

A post-market surveillance (PMS) plan is only required for the highest risk devices by the FDA (i.e., typically devices that require a PMA or premarket approval). For CE Marking, however, all product families are required to have evidence of post-market clinical follow-up (PMCF) studies or a justification for why PMCF is not required.

Why is a post-market surveillance plan a “hot button” with auditors recently?

Post-Market surveillance is an area of emerging concern around the world. Not just a procedure for PMS, but an actual product-specific plan for gathering post-production data about your product or product family. Product registries, the anticipated launch of Eudamed, and the implementation of UDI regulations are part of this industry-wide movement. The FDA has articulated the US plan for strengthening PMS in a guidance document. At the same time, the European PMS efforts are being debated as a central part of the new European Medical Device Regulations.

The biggest mistake I see 

The biggest mistake I see is that manufacturers refer to their PMS procedure as the PMS plan for their product family, and they say that they do not need to perform a PMCF study because the device is similar to several other devices on the market. Manufacturers need to have a PMS plan that is specific to a product or family of products.

How often is post-market surveillance data collected?

Your post-market surveillance procedure needs to be updated to identify the frequency and product-specific nature of post-market surveillance for each product family, or a separate document needs to be created for each product family. For devices that are high-risk, implantable, or devices that have innovative characteristics, the manufacturer will need to perform some PMCF studies. Even products with clinical studies might require PMCF because the clinical studies may not cover changes to the device, accessories, and range of sizes. MEDDEV 2.12/2 provides guidance on the requirements for PMCF studies, but most companies manufacturing moderate-risk devices do not have experience obtaining patient consent to access medical records to collect PMCF data–such as postoperative follow-up data.

Additional Resources

Medical Device Academy has created a post-market surveillance plan template that you can download for free. If you are looking for a procedure for post-market surveillance, please click here. If you are interested in learning more about PMS and PMCF studies, we also have a webinar on this topic.

Post-market surveillance plans: How to write one for CE Marking. Read More »

Scroll to Top