Data Analysis of Medical Device FDA Form 483s Issued in FY2013

The author performed data analysis of medical device FDA Form 483s issued in FY2013. Was Design Controls, CAPA, or complaint handling the number one 483?

The FDA recently updated its webpage for “Inspections, Compliance, Enforcement, and Criminal Investigations” (http://bit.ly/FDA483s). The update was the addition of FY2013’s inspection observations (i.e., 483s). Medical Device Academy performed data analysis of the inspection observations report for FY2013. The high frequency of FDA Form 483s referencing CAPA and complaint handling was not a surprise, but the results of the Pareto analysis (http://bit.ly/ParetoChart) might surprise you.

Data without Categories Data Analysis of Medical Device FDA Form 483s Issued in FY2013 — Ranking of Individual Observation References

If you sort the raw data from the FDA, instead of categorizing the observations first, you see that 21 CFR 820.100(a) (i.e., the CAPA procedure requirement) is the most frequently referenced section. Complaint handling, 21 CFR 820.198(a), is the second most frequently referenced section. CAPA even gets the third spot on the table to the left, while the highest-ranking of an individual section for design controls [i.e., 21 CFR 820.30(i)] is eighth. The problem with this approach is that there 244 different sections to review, and it’s difficult to identify which process areas to focus on. Therefore, Medical Device Academy categorized the data by section first and then sorted the data.

The section of the CFR referenced categorized the data from FY2013. For example, there are 15 different sub-sections related to section 21 CFR 820.198. Therefore, all 15 were grouped under one category. The categorization of the data allowed us to reduce the number of observation references from 244 to 32. By doing this, it was clear that CAPA (11.75%) and complaint handling (10.65%) are more frequently referenced in FDA Form 483s than the next most frequent section—medical device reporting (6.24%). However, categorizing the data first shows that design controls (21 CFR 820.30) were referenced more frequently than any other category in FY2013.

You may also expect to see a large percentage of Form 483 observations issued against management responsibilities. However, section 820.20 (i.e., management responsibilities) ranks 13^th out of 32 categories (4.05% in the table below). We even considered that maybe FDA inspectors were issuing fewer 483s against section 820.20 in FY2013 than previous years. However, FY2012 also had slightly more than 4% of the FDA Form 483s issued against this category.

The frequency of 13.25% for design controls may surprise you. However, when all 15 of the different observation references for design controls are combined into one category, there is a total of 582 observations. For the sake of comparison, only 12.68% of the FDA 483 observations were related to design controls in FY2012. Therefore, inadequate implementation of design controls (http://bit.ly/Implementing820-30) remains the most frequently referenced observation.

If you are interested in downloading the Excel spreadsheet that we used to create the above chart and graph, please follow this link: http://bit.ly/Download-Pareto483s.

Preventive Actions

The Pareto analysis can also be used to focus your internal auditors or a mock-FDA inspection. For example, your next audit might start with a review of the CAPA process, since that is the second most frequent observation reference by FDA inspectors (http://bit.ly/CAPAMistakes). Next, you may want to audit complaint records and medical device reporting (http://bit.ly/outsourcing-complaints). These are the third and fourth most frequent observation references. Finally, after you have finished these three areas, you should select a product line that has not been recently inspected by the FDA and perform an audit of the Design History File (DHF): http://bit.ly/AuditDesign. The auditor should verify that all the changes made to the Device Master Record (DMR) have been documented and validated in accordance with your Design Controls procedure.

In addition to performing a mock-FDA inspection, you should also invest in training of employees in each of the four most critical areas:

Design Controls
CAPA
Complaint Handling
MDRs

Signing a training record to indicate that you read and understood a procedure does not meet the requirements for training personnel. You need to develop a training curriculum for each subject area with practical examples—not just bullet points copied from the QSR. In addition to reading and sharing the blogs that are referenced for each of the above areas, you might also consider reviewing the following blog about training effectiveness: http://bit.ly/TrainingExams.

If you are interested in training courses, Medical Device Academy has a library of pre-recorded webinars available: http://bit.ly/QA-RA-Webinars. We also have exams that can be used to verify training effectiveness after each webinar. Please let us know if you are looking for something specific because we develop new customized training webinars every month.

Data Analysis of Medical Device FDA Form 483s Issued in FY2013 Read More »

Jan 31 2014

7 Considerations for Outsourcing Medical Device Complaints

1 Comment / Complaint Handling / By Robert Packard / medical device complaint handling, medical device complaints, outsourcing medical device complaints

Investigating medical device complaints can be a time-consuming task. This blog reviews seven considerations for outsourcing medical device complaints.

Two different clients of mine recently mentioned that they are overwhelmed by the amount of time required to investigate complaints and to file MDRs with the FDA. I suggested outsourcing the complaint handling to a third-party service provider, but they were unaware of any suppliers with that capability.

I was already familiar with several suppliers offering these services, but I wanted to know if companies were looking for these services. Therefore, I decided to post a discussion on one of the LinkedIn groups I manage: http://bit.ly/LinkedIn-ComplaintThread. In just two days, there were 21 different comments. Most of these were from consultants offering their services, but their comments were helpful. For example:

“The majority of complaint handling work typically involves a high volume of less critical tasks. Routine things like ensuring all potential complaints are entered into your system, requesting additional information when its needed, documenting updates when they are received, or drafting complaint/reportability decisions based on company policy are all tasks that can easily be performed by a well-qualified service provider for significantly less than if they were done domestically.” – Matts Bell
“Direct input into ESG is much better and easier than an additional third party software package, as ESG does change often, and the software companies are not keeping up. Keep in mind that each change digs deeper into the quality system and information. What is acceptable today may not be acceptable tomorrow as the validation keys within ESG tighten.” – Courtland Imel
“I too, have provided outsourced complaint, NCMR and CAPA investigations, customer contacts, and root cause analysis to final disposition, sometimes in an FDA remediation project. But it requires active involvement on the part of the client company, with periodic meetings to discuss each case/its resolution, as well as identified trends/their resolution.” – John E. Lincoln
“In the case of adverse events identified through the litigation process, the company cannot contact the complainant directly because the case is in litigation…Utilizing an appropriate third-party service provider to work with you on this process can make this type of adverse event reporting fast, efficient, and cost-effective.” – Melissa Becker

It is true that parts of complaint investigations must be performed internally—such as failure analysis. You also cannot outsource responsibility for review and approval of complaint records or MDRs. However, suppliers can provide trained personnel that are capable of initiating and completing complaint records, performing follow-up with complainants, and determining if complaints are reportable to the FDA and other countries around the world. One of the suppliers I interviewed can translate adverse event reports for countries that require reporting of adverse events in languages other than English, and they have a professional translator verify accuracy. Some personnel even have a medical background (e.g., nursing).

7 Considerations for Outsourcing Medical Device Complaints

Find a supplier that has many years of experience helping medical device manufacturers with complaint handling and adverse event reporting (no rookies)
Ask for a demo of the software—web-based software is best (I’ll explain why shortly)
Ask to see their complaint handling procedure and perform a procedure review
Ask how the supplier handles complaint investigations when the product is not returned (http://bit.ly/DeviceNotReturned)
Verify that the rationale for MDR decisions is based upon the FDA requirements in 21 CFR 803 (http://bit.ly/Part803), and vigilance decisions are based upon MEDDEV 2.12/1 (http://bit.ly/MEDDEV2-12-1rev8)
Ensure that the software system has a tracking of timelines for complaint handling and reporting already built-in
Ensure the electronic forms are adequately designed for capturing information—not just yes/no checkboxes everywhere

Why is web-based software better than hosted?

The US FDA is moving quickly toward Electronic Submission Gateways (ESGs) as the preferred method of submissions (http://bit.ly/Why-FDA-ESG). Unfortunately, there are frequent changes to ESGs that require software modifications and revalidation (http://bit.ly/ESG-FDA). Therefore, unless you prefer to have a full-time person responsible for revalidation of software, web-based software solutions are typically your best choice for regulatory submission software tools. It’s also convenient to be able to access records and print them out for an FDA inspector from any computer. This eliminates any possibility of a 483 being issued against 21 CFR 820.198(f) (http://bit.ly/820-198).

7 Considerations for Outsourcing Medical Device Complaints Read More »

Jan 29 2014

IEC 60601-1 patient applied parts for Medical Electrical Equipment-Notes 1-2-3

7 Comments / IEC 60601 / By Robert Packard / IEC 60601-1, IEC 60601-1 patient applied parts for Medical Electrical Equipment, IEC 60601-1 patient applied parts for Medical Electrical Equipment-Notes 1-2-3

In this blog, “IEC 60601-1 patient applied parts for Medical Electrical Equipment-Notes 1-2-3,” the author uses many figures to explain critical concepts.

Note 1: Figures that explain APPLIED PART concepts

In IEC 60601-1, Figures 3 and 4 (shown below) are used to show where different parts of ME EQUIPMENT are located, and to help explain some of the defined terms in a pictorial way.

In both figures, the APPLIED PART is intended to come into contact with the PATIENT. Figure 3 shows a CLASS I medical device as per sub-clause 3.13. The device is PROTECTIVELY EARTHED (i.e., grounded), in addition to providing BASIC INSULATION. Figure 4 shows a CLASS II medical device per sub-clause 3.14. The device is not PROTECTIVELY EARTHED. Instead, Figure 4 shows how the design uses two levels of protection, which is a basic tenet of the IEC 60601-1 standard. The two levels of protection used are either DOUBLE or REINFORCED INSULATION.

Figures A.1 to A.7 provide examples of the way APPLIED PARTS and PATIENT CONNECTIONS are identified to apply the requirements for PATIENT LEAKAGE CURRENT and PATIENT AUXILIARY CURRENT. APPLIED PART circuits can provide isolation to other parts of the circuitry in the medical device, and these figures present several options for compliance with SPACINGS (i.e., CREEPAGE and AIR-CLEARANCE), DIELECTRIC WITHSTAND (i.e., HiPot test) and INSULATION requirements. The following discussion is limited to Figures A.1 and A.2. For additional information about Figures A.3-A.7, purchase a copy of IEC 60601-1, edition 3.0 (http://bit.ly/IEC60601-1) or edition 3.1 (http://bit.ly/IEC60601Consolidated).

Figures A.1 and A.2 show an ECG monitor that includes the monitor, PATIENT cable, PATIENT leads, and ECG electrodes. The critical elements of figure A.1 are:

1) the APPLIED PARTS includes the electrodes and those parts of the PATIENT leads, or PATIENT cable that need to physically contact the PATIENT in NORMAL USE (sub-clause 3.8 definitions),

2) application of RISK MANAGEMENT might id other parts of the PATIENT leads or PATIENT cable that needs to treated as APPLIED PARTS because of the probability they will come in contact with the PATIENT, (sub-clause 4.6 requirements), and

3) the PATIENT CONNECTIONS consist of the ECG electrodes, which are part of the same function of the APPLIED PART.

Figure A.2 below shows the required F-TYPE APPLIED PART insulation incorporated in the medical device itself. The components within the dotted line form the PATIENT circuit.

Note 2: Parts that are not APPLIED PARTS may need to be treated as an APPLIED PART

Sub-clause 4.6 and Annex A, sub-clause 4.6, provide additional details that apply to the following paragraph below.

Parts of medical devices that are not APPLIED PARTS, but which touch the PATIENT during the NORMAL USE of the device, may need to be treated as APPLIED PARTS. In this case, the part shall not be marked as an APPLIED PART. A RISK ASSESSMENT PROCESS needs to be conducted to determine whether the parts that come in contact with the PATIENT but aren’t APPLIED PARTS should meet the requirements of APPLIED PARTS. Figures A.4 through A.7 all have a statement that roughly states: “The application of RISK MANAGEMENT might identify some parts of the device/system as having to be treated as APPLIED PARTS because of the probability they will come in contact with the PATIENT.” If your RISK ASSESSMENT determines that sub-clause 4.6 is applicable, then all applicable requirements and tests for APPLIED PARTS should be applied to the parts identified in the RISK ASSESSMENT—except for sub-clause 7.2.10 for marking of APPLIED PARTS. These requirements apply to this standard and the relevant collateral and particular standards in the 60601 series of standards. An example of the type of parts that could fall under sub-clause 4.6 could be computer system interface cable (I/O).

Note 3: Definition of associated term PATIENT CONNECTION

A PATIENT CONNECTION is part of the APPLIED PART, as shown in figure A.1. Sub-clause 3.78 defines a PATIENT CONNECTION as: “Individual point on the APPLIED PART through which current can flow between…PATIENT and ME EQUIPMENT in NORMAL…or SINGLE FAULT CONDITION.” In this example, the conductive part of the ECG electrode is considered the PATIENT CONNECTION.

IEC 60601-1 assumes the PATIENT is earthed as a NORMAL CONDITION per sub-clause 8.5.4, 4^th dashed item because there are many opportunities in the normal operation of medical electrical devices where the PATIENT can accidentally become grounded. Therefore, some PATIENT LEAKAGE CURRENT tests are configured with the LEAKAGE CURRENT measuring device (see Figure 12) directly connected to earth on one side and passing thru the measuring device to the APPLIED PART circuit that is being tested. The boxed-in area in Figure 15 is the portion of the PATIENT LEAKAGE CURRENT test measuring circuit that is connected from the PATIENT CONNECTION (item 4) thru the measuring device to earth (left-hand corner of the figure—symbol sometimes called “upside-down Christmas tree”).

Leo Eisner is the owner and founder of Eisner Safety Consultants (http://bit.ly/LeoEisner). If you need help with IEC 60601 compliance, email Leo directly at Leo@EisnerSafety.com or call him at +1 (503) 244-6151. You can also connect on LinkedIn at http://bit.ly/ConnectwithLeo.

IEC 60601-1 patient applied parts for Medical Electrical Equipment-Notes 1-2-3 Read More »

Jan 22 2014

4 Ways to Create Your Own FDA Medical Device Regulatory Updates

Leave a Comment / FDA / By Robert Packard / Creating your own FDA medical device regulatory updates, FDA medical device regulatory compliance, FDA medical device regulatory updates, medical device consultant, medical device consulting, medical device regulatory

Although FDA medical device regulations are centrally located in one place: http://bit.ly/FDA-homepage, this blog discusses four information areas you can monitor to create your own FDA medical device regulatory updates-(guidance docs, standards,), etc.

Guidance documents released (http://bit.ly/FDA-guidance),
Recognized standards (http://bit.ly/Recognized-Consensus-Standards),
Device classifications (http://bit.ly/ProductClassification), and
Total Product Lifecycle (TPLC) database (http://bit.ly/FDA-TPLC).

Guidance Documents

When you check the FDA website for the new draft and final guidance documents, the webpage to monitor is http://bit.ly/newFDAguidance. This page had already had four new guidance documents in 2014, and in October 2013, the FDA released an important update about the eCopy program for 510(k) submissions: http://bit.ly/FDA-eCopy.

Recognized Standards

The FDA has a separate database for all recognized consensus standards: http://bit.ly/Recognized-Consensus-Standards. This database is used to verify which Standards can be used for verification and validation testing of new devices, and the reference of any of these Standards in a device submission must also be accompanied by the completion of Form FDA 3654: http://bit.ly/Form-FDA-3654.

Device Classifications

Changes to device classifications and/or regulatory approval pathways are rare at the FDA, but you should periodically check the classification database to verify that there have been no changes. The most likely changes will be the addition or removal of recognized standards applicable to your devices. The database for looking up device classifications can be found at http://bit.ly/ProductClassification.

TPLC Database

For each 3-letter product classification code, there is a database that shows all the recent 510(k) submissions, all recalls, and summarizes all the medical device reports submitted for serious injuries and deaths. This database, http://bit.ly/FDA-TPLC, should be monitored to proactively identify problems that occurred with similar products before they happen to your product. Also, there may be voluntary reports from user facilities regarding your device that were not reported directly to your company. The possibility of voluntary reports makes this an important database to monitor weekly. Other resources include:

http://bit.ly/CDRH-news-updates – This is the page of the device division of the FDA (CDRH), where news and updates are posted. You may find it helpful to register for receiving the RSS feeds from this page so that you are informed of any updates as FDA posts them.
http://bit.ly/CDRH-Learn – This is the page where CDRH lists all of the online training courses for medical device manufacturers. This includes popular courses such as the “Pre-market Notification Process – 510(k)s” and “Medical Device Recalls.” This page also had four recent updates: 1) “Investigation Device Exemption Process – IDE,” updated on December 6, 2013; 2) “Device Establishment Registration and Listing,” updated on July 31, 2013; 3) “Global Initiatives,” updated on October 31, 2013; and 4) “Unique Device Identification (UDI) System,” updated on December 23, 2013.

Next Steps

Review each of the above streams of information from the US FDA on a scheduled basis as preparation for quarterly management reviews and determine any potential impact on your organization’s quality system and procedures. This gap analysis should be performed by someone familiar with the specific process(es) addressed by the regulations. The most likely actions to be taken are:

Initiate specific changes to existing procedures
Create new procedures, or
Initiate a quality plan for more substantial changes to your quality system

Management Review-Free Webinar Recording

If you need more help preparing for your management review, here’s a link to a free webinar I recorded: http://bit.ly/Clause5-6. You will also receive a management review slide deck, as well.

4 Ways to Create Your Own FDA Medical Device Regulatory Updates Read More »

Jan 15 2014

How Declaration of Conformity (DoC) templates are created

2 Comments / CE Marking / By Robert Packard / CE marking, declaration of conformity for medical devices, declaration of conformity for medical devices template, how to create a declaration of conformity for medical devices

This article about the declaration of conformity for medical device CE Marking identifies three possible sources for creating a template and includes recommendations for making the transition to the proposed EU Medical Device Regulation (EMDR).

Current declaration of conformity requirements

Each of the three “New Approach” Device Directives requires that manufacturers create a Declaration of Conformity (DoC). For the Medical Device Directive (MDD), this requirement is found in Annex II, IV, V, VI, and VII. The “Declaration of Conformity” is part of the title for each of those Annexes. A DoC is required for each CE Marked product family, but the MDD does not guide the format or content. Manufacturers need a controlled template.

Three sources of declaration of conformity examples

There are three possible sources for creating a declaration of conformity template:

Copy another company’s declaration of conformity
Authorized Representatives
Annex III of the proposed European Medical Device Regulations

Most companies are using option number 1—often without knowing it. The problem with this approach is you have no regulatory reference to justify the basis for the content and format of your Declaration.

The second option is to ask your Authorized Representative (AR). The AR is supposed to verify that you have a DoC for each product family and that the company has the required technical documentation for each product family. The AR must provide a DoC for each product they represent to the Competent Authority upon request. Therefore, some ARs provide manufacturers with a template for the DoC to ensure that your DoC meets requirements. This approach gives you a reference of external origin, and you can be sure that the template will meet current requirements.

My new recommendation for Creating A declaration of conformity

Option 3 is my new recommendation for companies. The proposed European Medical Device Regulation (EMDR) was released on September 26, 2012. The proposal provides a prescriptive template for the content of a DoC. This will eventually be required for every DoC. Annex III is only one page long, and there are only ten requirements:

Name of the Manufacturer and the AR
A declaration that DoC Issued under Sole Responsibility of Manufacturer
Unique Device Identifier (UDI)
Product Name and Catalog Numbers
Risk Classification
Declaration Statement of Conformity
Reference to Harmonized Standards and Common Technical Specifications (CTS)
Notified Body Name and Number, Description of Conformity Assessment Procedure and Certificate
Additional Information
Place and Date of Issue, along with the Name and Function of the Person Signing

Instead of waiting for the final approval of the EMDR, I recommend creating a declaration of conformity (DoC) template now that matches the proposed Annex III (you might want to add this to recommendations for improvement in your next management review).

Brigid Glass is the subject matter expert behind most of the conventions that our consulting firm uses for document templates. As with all of our forms, we assign a document control number (e.g., FRM-001), and the revision is “D1” for the first draft. The template is in table format to facilitate easier review by auditors and your AR. The left column of the table lists each of the required elements, and the right column is where the variable data is entered. Variable fields that are examples are in green font, and the content that does not require changing is in black font. There are some comments to explain how to fill in the variable content, and several items that will change when the proposed regulation is approved are identified. The following harmonized symbols from ISO 15233-1 are used in the template, as well:

Please click here to download the Medical Device Academy’s declaration of conformity (DoC) template.

How Declaration of Conformity (DoC) templates are created Read More »

Jan 3 2014

How to Identify New and Revised Canadian Medical Device Regulations

1 Comment / Health Canada / By Robert Packard / Canadian Medical Device Regulations, Health Canada, how to locate new Canadian medical device regulations, new Canadian medical device regulations, revised Canadian medical device regulations

The author reviews four steps for identifying new and revised Canadian medical device regulations and guidance documents for management review meetings.

Several times throughout the year, clients ask me to help them prepare a slide for their Management Review that summarizes new and revised regulatory requirements. My recommendation is to conduct management reviews every quarter and to perform a systematic review of new and revised medical device regulations just before each management review.

Each country has different websites for communicating medical device regulations. For Canada, the information you need can be located in two places. The first location is the Justice Canada website, where the most current version of the Canadian Medical Device Regulations (CMDR) can be downloaded. The second location is the Health Canada webpage that lists legislation and guidance documents.

Identifying New and Revised Canadian Medical Device Regulations-Step 1

You need to look up the most recent version of the CMDR (http://bit.ly/FindCMDR). This link tells you how to search for the Medical Device Regulations on the Justice Canada website (http://bit.ly/Justice-Canada). When you type in “Medical Device Regulations” in the proper search field, it will take you to a page with a link for Canadian Medical Device Regulations (i.e., CMDR or SOR/98-282; http://bit.ly/CanadianMDR). Then you can decide if you want to download the CMDR in HTML, XML, or PDF format.

Why not click directly on the last link I provided?

Because the location on the Justice Canada website may change, and Health Canada does not control the Justice Canada website.

Step 2

Once you download the CMDR, you want to compare it for changes with the previous version you were using. In June 2012, I wrote a blog that explains how to do this: http://bit.ly/CMDRChange. I’ll save you some time; however, the first page tells you what you need to know. The most current version of the CMDR is current to November 26, 2013 (it will change soon), but the last amendment was on December 16, 2011. Therefore, Health Canada has not made any changes to the wording of the CMDR in two years.

Step 3

Once you have reviewed the CMDR, you will want to search for new guidance documents. Health Canada provides a page summarizing the medical device guidance documents in chronological order, from most recent to oldest: http://bit.ly/CanadianGuidance. There have only been four new guidance documents in the past two years:

1. http://bit.ly/LicenseApplications – Final guidance document for Class III and IV medical device license applications was released on July 5, 2012.

2. http://bit.ly/UltrasoundLicenseApps – Updated guidance license applications for ultrasound systems and transducers were published on September 13, 2013.

3. http://bit.ly/CanadianRenewalandFees – Updated guidance on license renewal and fees for the right to sell medical devices was released on November 18, 2013.

4. http://bit.ly/CanadianFeesforReview – Updated guidance on review fees for medical device license applications was released on November 18, 2013.

Note: The most recent fees are now found on the following page http://bit.ly/Canadian-Fees.

Step 4

Review each guidance document and determine if the document impacts your organization’s quality system and procedures. This gap analysis should be performed by someone familiar with the specific process(es) addressed by the regulations. The most likely actions to be taken are:

initiate specific changes to existing procedures,
create new procedures, or
initiate a quality plan for more substantial changes to your quality system.

If you need more help preparing for your management review, here’s a link to a free webinar I recorded: http://bit.ly/Clause5-6. You will also receive a management review PowerPoint training slide deck.

How to Identify New and Revised Canadian Medical Device Regulations Read More »

Dec 19 2013

IEC 60601-1 Definition of Patient Applied Parts

4 Comments / IEC 60601 / By Robert Packard / IEC 60601-1, IEC 60601-1 definition of applied parts

This article reviews the IEC 60601-1 definition of patient applied parts for medical electrical equipment. It includes examples, as well.

Classification of medical electrical devices was discussed in a previous blog (http://bit.ly/IEC60601-FAQ). At the same time, this article focuses on APPLIED PARTS—one portion of the “Protection Against Electric shock” classification in sub-clause 6.2 of IEC 60601-1. ALL CAPITAL LETTERS identifies a defined term for the IEC 60601 series of standards within this blog.

All clause references in this blog are to both IEC 60601-1:2005 (3^rd edition) and IEC 60601-1:2005 (3^rd edition) + Amendment 1:2012 (http://bit.ly/IEC60601-1am1), or the consolidated version IEC 60601-1:2012 ed. 3.1, but the actual text comes from edition 3.1 (http://bit.ly/IEC60601Consolidated).

Definition

To understand what an APPLIED PART is, we first need to understand its definition. Sub-clause 3.8 states that an APPLIED PART is “part of ME EQUIPMENT that in NORMAL USE necessarily comes into physical contact with the PATIENT for ME EQUIPMENT or an ME SYSTEM to perform its function.”

Examples

An APPLIED PART can be a blood pressure cuff or a SpO₂ sensor of a multi-parameter monitor, the tabletop of an MRI, and many other parts of ME EQUIPMENT that manufacturers intend to come into contact with a PATIENT during NORMAL USE.

Electrical-medical devices can have different types of APPLIED PARTS or more than one of the same type (e.g., multi-parameter monitors frequently have temperature sensors, and blood pressure monitoring components in the base configuration and other APPLIED PARTS can be added). As discussed in the previous blog (http://bit.ly/IEC60601-FAQ), APPLIED PARTS can have six different classifications: TYPE B, BF, or CF (and each can be DEFIBRILLATION PROOF). Each of these classifications also has an associated symbol.

The requirements for an APPLIED PART are more stringent because it has to be assumed that the PATIENT’s immune system is depressed. So, the probability of HARM is increased for a sick PATIENT, rather than for a healthy OPERATOR. Therefore, the standard aims to reduce the severity of HARM by requiring more stringent limits upon LEAKAGE CURRENTS. The computer equipment standard (IEC 60950-1 Information Technology Equipment Standard) applying to your home or business computer allows for higher limits for LEAKAGE CURRENTS because the computer equipment standard assumes the user is healthy—just like medical equipment operators.

The level of HARM to a PATIENT by an APPLIED PART can be adversely affected if a PATIENT is not conscious (e.g., during general anesthesia), because the PATIENT may be unable to react while they are unconscious. Therefore, understanding a device’s intended use (i.e., what the device is intended to do), and indications for use (i.e., the environment of use, part of the anatomy and intended population), is critical when you are conducting RISK ANALYSIS and USABILITY ANALYSIS of a device.

Three Notes About the IEC 60601-1 Definition of Patient Applied Parts

There are three (3) notes associated with the definition of APPLIED PART:

Sample figures that show APPLIED PARTS in different system configurations
Parts of the device that are not APPLIED PARTS, but in NORMAL USE necessarily come into physical contact with the PATIENT, shall be treated as APPLIED PARTS, but is not allowed to be marked as an APPLIED PART; and
The associated term PATIENT CONNECTION

The sample figures related to the first note, Figures 3 & 4 and figures A.1 to A.7 of Annex A, show APPLIED PARTS in different system configurations. These figures provide guidance and a rationale for why and what is happening. The second note is important because any part that necessarily comes into physical contact with the PATIENT, for the equipment to perform its function, will also need to be tested as if it were an APPLIED PART. Still, it will not be allowed to be marked as such. The third note regarding PATIENT CONNECTION, in sub-clause 3.78 & Annex A for 3.78, is the part of the APPLIED PART that is intended to contact the PATIENT that current flows through. The next blog will review all three notes in greater detail.

If you need help with the IEC 60601 series of Standards, email Leo Eisner (http://bit.ly/ConnectwithLeo) directly at Leo@EisnerSafety.com, or call Leo at +1-(503)-244-6151. He is the owner and founder of Eisner Safety Consultants (http://bit.ly/LeoEisner).

IEC 60601-1 Definition of Patient Applied Parts Read More »

Dec 3 2013

Risk Control Options for Medical Devices: Deviation #6

1 Comment / ISO 14971:2019 (Risk Management) / By Robert Packard / risk analysis for medical devices, risk control options for medical devices, risk management

This blog discusses risk control options for medical devices; the 6th deviation identified in the European National version of the Risk Management Standard.

Design is not the same as design and construction. This is the interpretation of the European Commission. The sixth of the seven deviations identified in the European National (EN) version of the Risk Management Standard (i.e., EN ISO 14971:2012; http://bit.ly/ISO14971-2012changes), states that “inherent safety by design” is not precise enough. Section 2 of the Essential Requirements (i.e., Annex I of the MDD) states that the first risk control option must be selection of design and construction that eliminates or reduces risk as far as possible, while the international (ISO) risk management standard (i.e., ISO 14971:2007) only states that inherent safety by design is required.

The difference between the requirements of the ISO and the EN standard are not just semantics. If you read part II of the Essential Requirements (ERs; i.e., ER 7-13), there are many examples of how the construction of devices should be considered. The following are three examples:

ER 7.5 – leaking from the device
ER 8.2 – tissues of animal origin
ER 9.2 -aging of materials

Therefore, in order to comply the the intent of the Directive, you must consider far more than just the design of the device. Construction is interpreted as both the risks associated with the materials to fabricate a device and the methods of manufacture. In the proposed EU regulations, the European Commission seeks to clarify the requirements for implementation of risk controls, but the draft legislation still seems vague.

Implementing Risk Control Options for Medical Devices

The following wording for implementation of risk control options in the new proposed second Essential Requirement is below:

“The manufacturer shall apply the following principles in the priority order listed:

a. identify known or foreseeable hazards and estimate the associated risks arising from the intended use and foreseeable misuse;

b. eliminate risks as far as possible through inherently safe design and manufacture

c. reduce as far as possible the remaining risks by taking adequate protection measures, including alarms; and

d. provide training to users and/or inform users of any residual risks.”

In this proposed wording, the word “construction” was replaced by the word “manufacture.” However, in other parts of the new proposed Essential Requirements (http://bit.ly/NewERCGap) the materials of fabrication are specifically addressed, as well. For example:

ER 7.1d) was added as a new requirement…”d) the choice of materials used, reflecting, where appropriate, matters such as hardness, wear and fatigue strength.”
ER 7.6 was added as a new requirement to address risks associated with the size and properties of particles—especially nanomaterials.

The new proposed Essential Requirements also include numerous examples of how the manufacturing processes must ensure proper safety. Essential Requirement 10 specifically references new Commission Regulation (EU) No 722/2012 (http://bit.ly/AnimalTissueReg)–specific to devices manufactured using animal tissues or cells of animal origin.

Even though the proposed regulations are more detailed with regard to application of risk management, they do not specify if it is required to implement risk control options for both materials and methods of manufacture simultaneously, or if the manufacturer may choose between the two. The phrase “taking account of the generally acknowledged state of the art” is used in the second Essential Requirement, but “state of the art” is a moving target, and the European Commission may find existing Standards to be deficient.

For reducing the risk of infection, the Commission does not require that companies implement aseptic processing, antimicrobial materials and terminal sterilization. One of the three is sufficient. This is why we have ISO Standards for sterilization validation, and we define “sterile” as a sterility assurance level of 10-6.

If the Commission maintained the language of the ISO 14971:2007 Standard, “as low as reasonably practicable,” then manufacturers could select risk control options based upon acceptability of risk. However, the EN version of the risk management standard creates significant challenges for implementation, and we are forced to evaluate the risk control measures we implement against those used by other manufacturers during the process of risk option analysis.

If you are interested in ISO 14971 training, we are conducting a risk management training webinar on October 19, 2018.

Risk Control Options for Medical Devices: Deviation #6 Read More »

Nov 24 2013

CE marking 4 digit number for medical devices

1 Comment / CE Marking / By Robert Packard / CE Marking for medical devices, CE marking for medical devices-4 digit number, Notified Body

This article explains the purpose and use of a CE marking four-digit number for medical devices, minimum size requirements, and other considerations.

CE marking a four-digit number

The CE marking four-digit number that is displayed next to the CE mark on some medical devices is the Notified Body (NB) number. If there is no CE marking four-digit number, this means that the medical device is a Class I device that does not require NB involvement (i.e., self-declaration). If the device is a Class I device, and there is an NB number next to the CE mark, then the device either has a measuring function or is sterile.

Requirements for CE marking a four-digit number

The Medical Device Directive is divided into Articles and Annexes. Section 1 of Article 16 indicates that the European Commission is responsible for the assignment of NB numbers. In Article 17, ¨CE Marking,¨ it states: ¨[The CE] shall be accompanied by the identification number of the notified body responsible for the implementation of the procedures set out in Annexes II, IV, V, and VI.¨ Annex XII defines the minimum size (i.e., 5 mm) of the CE. The requirements for the size of the NB identification number is not included in Annex XII, but NBs interpret the requirements for size as half the height of the ¨CE.¨

Companies are responsible for reproducing the CE Mark on their labeling and the product–including the 4-digit number. However, if the space available on the product is too small to allow a 5 mm ¨CE,¨, then the company is not required to reproduce it on the product. Instead, it is sufficient to reproduce the CE Mark on product labeling and the Instructions For Use (IFU). One source of the artwork for the ¨C¨ and ¨E¨ is the Europa website.

If an NB number is required, usually, there are a couple of different orientations that are allowed by the NB. Most NBs specify that the NB number shall be to the right or beneath the “C” and “E.” However, most NBs have specific instructions available for the reproduction of the CE Mark and the proper orientation of their NB number. Often, the NB will also provide artwork for downloading that includes the NB number in one or more orientation.

Product Failure Investigations

Identification of the NB may not seem important; however, the NB number can help caregivers to identify the NB that approved CE Marking of a product when there is an investigation of product failures with an unknown manufacturer. In that case, the NB will then share this information with the appropriate manufacturer to facilitate an investigation. The NB number is also used to differentiate when the oversight by one NB stops, and a new one begins, after transferring from one NB to another.

If someone wants to know which NB is associated with each NB number, the EU Commission operates the NANDO information system as a database, allowing you to search each of the 60+ NBs by CE marking 4 digit number. The database also allows searching by country, annex/article, product, and horizontal technical competence.

If your company is selecting an NB, you can search the product and technical competency categories to identify which NBs are able to issue CE certificates for your product. There are ten possible technical competencies to use as search criteria. For example, if your company manufactures absorbable sutures (i.e., competency, MDS 7009), there are only 32 NBs (shrinking every day) that have the technical competence to assess your Design Dossier for conformity with the MDD.

If your company is developing porcine-based collagen implants (i.e., competency, MDS 7010), then there are only 24 NBs (shrinking every day) able to issue a Design Examination Certificate for CE Marking. If your company needs additional guidance on how to select an NB, you might consider reading a blog on certification body selection.

CE marking 4 digit number for medical devices Read More »

Nov 4 2013

Regulatory Consulting Firm Selection

Leave a Comment / Project Management / By Robert Packard / FDA medical device regulatory compliance, medical device consulting firm, selecting a medical device consulting firm, selecting a medical device quality consulting firm

Things to consider for regulatory consulting firm selection: 1) the project scope, 2) personality, 3) qualifications, and 4) budget.

Regulatory Consulting Firm Selection

This article reviews four key considerations of regulatory consulting firm selection. Even if you already have a vice president of regulatory affairs, you still might need external regulatory consulting expertise. Regulatory consultants specialize in just the regulations and most have sub-specialties because it is impossible to know the medical device regulations in every country. Another reason for hiring a regulatory consultant is that you do not have enough bandwidth to conduct the regulatory work internally. Regardless of the scope of the project, this is a strategic decision rather than a tactical one. Regulatory approval impacts your company’s ability to sell devices and therefore a few months of delay can result in a six or seven-figure loss. In addition, the cost of the regulatory consulting fees is likely to be at least five figures. Finally, a purchasing decision of this magnitude will require C-suite approval and your Board of Directors and/or investors may get involved. Here are four critical areas to consider:

1. Defining the scope of the regulatory consulting project

Ensure that the scope, timeline, roles of the consultant/internal company team, and deliverables are crystal clear during consultant interviews and defined within the consulting contract. Do you need advice or suggestions to be carried out by your internal team? Or is “hands-on” work required (writing procedures, conducting training, executing audits, etc.)? I’ve discovered that “hands-on” can mean something entirely different to your company and the consultant. If it’s not clear who is doing the actual work, your internal resources may end up doing the work that was intended for the consultant.

Once the project scope has been clearly explained, ask the prospective consultant to provide a brief document describing how they would approach the project. This will be helpful later on when drawing up the contract. Ask which software or systems the consultant will be using to keep your project on track. A consultant who does not have any version of project management on their laptop, or is unfamiliar with such tools, is a red flag.

Make sure you select a consultant or consulting firm that matches the size of your project. Select and interview three to five companies, based on the size and complexity of the project. If the project primarily involves working at your location, consider the additional cost and travel time from where the consultant(s) is located. If the project allows for working remotely, focus more on the project management aspects mentioned in the previous paragraph, and how your company will communicate with the consultant.

2. Personality of the consultants

When you are making a regulatory consulting firm selection, don’t base your decision on word of mouth, or someone that you pick randomly online. Interviewing is an essential part of the selection process. Be wary of a consultant who talks more than listens, especially if the conversation is about their illustrious career. The consultant you speak with should be focused on the scope of your project and ask questions about your company’s capabilities. You are the client and ultimately your team will be the hero that brings a new medical device to market. The consultant you hire is an experienced guide that has learned from success and failures. Ideally, the consultant will be able to explain the process in simple terms and help you identify critical tasks in the project. Be wary of the consultant that answers every question with “It depends.” If your team’s style of project management and communication doesn’t fit the consulting firm’s style, keep looking.

3. Qualifications of the regulatory consulting firm

Don’t limit interviewing to the experience of the lead consultant or owner of the consulting firm. Make sure that you also have a resume or CV for each of the other consulting members that will be working on your project. Imagine the dismay of your internal team when you discover that the owner of the consulting firm has hired friends or former colleagues with little or none of the needed expertise. To prevent this scenario from occurring, include a technical person on the interview team to challenge the expertise of the consultant. This will help you identify a firm that knows all the right buzzwords but lacks the knowledge to accurately implement the deliverables and reduce regulatory risk within your company. Ideally, the consulting firm will have a step-by-step plan and they are able to identify the biggest potential obstacles.

You can ask for and check references for past clients for whom they have done similar work, but people seldom give you the name of a referral that will speak negatively about them. Ask for examples of work reports that the consultant has completed for other clients—with any confidential information removed. This is critical in determining if the final job will be “fluff” or real solutions for your company. It will also avoid the “one size fits all” procedures and processes that can rarely be beneficial for your company’s needs. Ask for examples of “out of the box” thinking and best practices that they’ve implemented. How do they remain current on the regulations and standards?

4. Budget for a regulatory consulting firm

Cost should not be the only determining factor in selecting a consultant. When you’re choosing someone to pave your driveway, you may be able to get away with this. When choosing a regulatory consultant for your medical device company, you want several bids, and you want to ensure that each party is bidding against the same scope and deliverables. However, choosing the least expensive bid over the one with the most expertise and best reputation may cost your company more in the long run if the work isn’t properly done or completed on time.

Contracts must be very specific with regard to milestones, timelines, and deliverables with respect to the payment schedule. What recourse does your company have when a consultant assures you during the interview process that they can meet your every need and then doesn’t? No company wants to have to pay for work that hasn’t been done and may never get done.

If the regulatory consultant is working on-site, be clear about work accommodations – office, cube, conference room, phones, access to printers and company databases, so that there are no misunderstandings once the job starts or excuses for why the work can’t get done “under these conditions.”

Conclusion

Making the best regulatory consultant firm selection is critical. If you are careful in your selection of a regulator consulting firm, you should expect an earlier market launch and a predictable process.

Regulatory Consulting Firm Selection Read More »