Medical Device Academy Blog Archive Medical Device Academy

Smile, because you should never be scared of a surprise FDA inspector

Posted by Rob Packard on July 7, 2021

If you have a surprise FDA inspector visit, you should never be scared because there is no difference between the best and worst-case outcome.

Why are you scared of an FDA inspector?

There are a number of reasons why you might be scared of an FDA inspector, but if you keep reading you will learn why 95% of your fear is self-induced. A small percentage of device manufacturers evaluate the performance of quality managers based upon the outcome of FDA inspections, but you have no control over whom the FDA Office of Regulatory Affairs (ORA) assigns to perform your inspection. If your company belongs to this 5% minority, you need to change top management’s approach to regulators or you need to find a new employer. For the majority of us, we are scared of embarrassment, failure, or being “shut down.”

There are rare examples of where the FDA has taken action to stop the distribution of medical devices, but this is only done as a last resort. Usually companies cooperate with the FDA with the hope of being able to resolve quality issues and resume distribution after corrective actions are implemented. Not only is this type of action rare, there will be a prior visit to your facility and prior written communication from ORA before you receive a warning letter–let alone removal of your company’s device(s) from the market. You can’t pass or fail an FDA inspection. The FDA inspector is verifying compliance with the FDA Quality System Regulation (i.e. 21 CFR 820) as well as the requirements for medical device reporting (i.e. 21 CFR 803), reports of corrections and removals (i.e. 21 CFR 806), investigational device exemptions (i.e. 21 CFR 812), and unique device identification (UDI). FDA inspectors only have time to sample your records, and with any sampling plan there is always uncertainty. When you do receive an FDA 483 inspection observation you should not consider it to be a condemnation of your company. Likewise, an absence of 483 observations is not a reason to celebrate.

Why you should not be embarrassed when you receive a 483 from an FDA inspector

The most irrational response to an FDA 483 inspection oberservation is embarrassment. Our firm specializes in helping start-up medical device companies get their first product to market. This includes providing training and helping them to implement a quality system. When our clients have their first FDA inspection, it is not uncommon to receive an FDA Form 483 inspection observation. Start-ups have limited resources, limited experience, and most of the employees have never participated in an FDA inspection before. Experience matters, and immature quality systems have only a limited number of records to sample. Any mistakes are easy for an inspector to find.

Instead of feeling embarrassed, acknowledge and embrace your inexperience. For example, during the opening meeting with an FDA inspector you might say, “We are a new company, and this is our first FDA inspection. I am also a first-time quality manager. If you find anything that we are doing incorrectly, please let us know and we will make immediate corrections and start working on our CAPA plan.” You can say this with a smile :), and you can genuinely mean what you said because it’s true.

Anticipation is always worse than reality

Another reason you are scared of an FDA inspection is because you don’t know exactly when the inspection will be. Only Class III PMA devices, and a few Class II De Novo devices with novel manufacturing processes, require a pre-approval inspection. For the rest of the Class II devices, ORA prioritizes inspections based upon risk. There are a few companies prioritized for inspection within the first six months of registration, such as reprocessors of single-use devices and contract sterilizers. For the rest of the Class II device manufacturers, your first inspection should be approximately two years after your company registers with the FDA. If you are located outside the USA (OUS), your first inspection might take three years to schedule. Finally, for Class I device manufacturers and contract manufacturers, you are unlikely to ever be inspected by the FDA. If you didn’t know what the typical timeline was for ORA to schedule your first inspection, you probably just breathed a HUGE sigh of relief when you read this paragraph.

Even if you already knew the approximate timeline and priorities for FDA inspections, it’s normal to feel a little anxiety when the date of your first visit is unknown. Your boss and the rest of top management are probably feeling just as much anxiety as you are, or even more if they have no idea what the timeline and priorities are. You should make sure that everyone in your company understands what they are supposed to do during an FDA inspection, and if you forget to tell them you might cause a lot of unneeded drama when they find out an FDA inspector is in the front lobby. Preparing for an FDA inspection is no different from conducting a firedrill. Everyone should know the procedure, and you should practice (i.e. conduct a mock-FDA inspection). Practice ensures that everyone knows what to do during the first 30 minutes of an FDA inspection, and nobody in your company will panic when an FDA inspector actually arrives.

Let’s define “surprise” visits by an FDA inspector

A surprise visit from an FDA inspector is extremely rare, but in the USA inspectors will call on Friday to confirm that your company will be open the following Monday for an inspection. The FDA has jurisdiction over medical device manufacturers located in the USA, and they are not required to give advanced notice. However, inspectors need time to prepare in advance for their inspection–just like a ISO 13485 auditor. Therefore, before an inspector will arrive on-site for a routine (Level 2) inspection, the inspector will first make a courtesy call to the official correspondent identified in your establishment registration.

What happens when an FDA inspector travels outside the USA

In the case of OUS medical device manufacturers, the FDA inspector does not have jurisdiction. Therefore, they will contact the official correspondent 6-8 weeks in advance to schedule an inspection. Inspectors will typically make contact via email, and you may be given a couple of weeks to choose from for the FDA inspection. The duration off your inspection should be 4.5 days. The inspector will arrive on Sunday, and the inspection will begin on Monday morning. The inspector has four major process areas to cover, and Friday morning will be focused on generating a preliminary report of 483 inspection observations. The reason why you can predict this OUS routine with a degree of certainty is two-fold: 1) these are government workers following a procedure, and 2) the FDA inspector needs time to get to the airport for their flight home.

What is the outcome of a FDA inspection?

FDA inspections have three possible outcomes:

No action indicated – there were no FDA 483 inspection observations identified by the FDA inspector
Voluntary action indicated – there was at least one FDA 483 inspection observation identified by the FDA inspector, and the FDA inspector requests submission of a CAPA plan to prevent recurrence
Official action indicated – there was at least one FDA 483 inspection observation identified by the FDA inspector, and the FDA inspector requires submission of a CAPA plan to prevent recurrence; if a plan is not received in 15 business days, a warning letter will automatically be generated on the 16 day

Even in the rare instances with there is “no action indicated” (i.e. best case scenario), I have always noticed one or more things during and FDA inspection that were overlooked and we needed to be initiate a new corrective action plan(s). In the other two possible scenarios, the FDA inspector identified the need for one or more corrective action plans. Therefore, regardless of whether you FDA inspection results in the best-case scenario or the worst-case, you will always need to initiate a new corrective action plan(s).

If the outcome is always a CAPA, what should you do?

Give your FDA inspector a big smile and say, “We are a new company, and this is our first FDA inspection. I am also a first-time quality manager. If you find anything that we are doing incorrectly, please let us know and we will make immediate corrections and start working on our CAPA plan.” Making sure that you have a genuine smile is just as important as what you say. Smiling will relax you and the anxiety and stress you are feeling will gradually melt away. Smiling will encourage the FDA inspector to trust you. Maybe your smile will even be contagious.

If you need help responding to an FDA 483 inspection observation, or you want to conduct a mock-FDA inspection, please use our calendly app to schedule a call with a member of our team. We are also hosting a live webinar on FDA inspections on July 26, 2021 @ Noon EDT.

About the Author

Robert Packard is a regulatory consultant with 25+ years of experience in the medical device, pharmaceutical, and biotechnology industries. He is a graduate of UConn in Chemical Engineering. Robert was a senior manager at several medical device companies—including the President/CEO of a laparoscopic imaging company. His Quality Management System expertise covers all aspects of developing, training, implementing, and maintaining ISO 13485 and ISO 14971 certification. From 2009-2012, he was a lead auditor and instructor for one of the largest Notified Bodies. Robert’s specialty is regulatory submissions for high-risk medical devices, such as implants and drug/device combination products for CE marking applications, Canadian medical device applications, and 510(k) submissions. The most favorite part of his job is training others. He can be reached via phone 802.258.1881 or email. You can also follow him on Google+, LinkedIn or Twitter.

Posted in: FDA

How to pass the FDA Refusal to Accept (RTA) Screening Process

Posted by Matthew Walker on June 29, 2021

This article helps you understand how to pass the FDA Refusal to Accept (RTA) screening process 510k submissions – updated Sept 2019 version.

What is an RTA Checklist?

The “RTA” in RTA Checklist stands for Refuse to Accept. The FDA uses this tool to determine if your 510(k) submissions will be accepted or not for a substantive review. Accepted, not approved because this is simply a verification that the required information is included in your submission. As stated in the 2019 FDA guidance document for the FDA’s Refuse to Accept Policy for 510(k)s “a minimum threshold of acceptability and should be accepted for substantive review.”(Ref.1). That does a nice job summarizing the RTA checklist. It is a tool used to help assess whether or not your submission contains the required information to continue with a more thorough review of the contents of the submission itself.

What does the Refusal to Accept (RTA) policy apply to?

The Refusal to Accept (RTA) policy applies to all 510k submissions. The RTA checklist or more checklists apply specifically to each 510(k) submission type:

Traditional 510k
Abbreviated 510k
Special 510k

There is a different RTA checklist for each submission type. The checklists can be found within the Refuse to Accept Policy for 510(k)s guidance document. Specifically, in the PDF document that the FDA reissued on September 13, 2019, the checklists can be found in the following areas:

Traditional 510k – Appendix A. Page 20 (numbered page 21)
Abbreviated 510k – Appendix B. Page 55 (numbered page 56)
Special 510k – Appendix C. Page 91 (numbered page 92 )

Note that in the title of the checklist it is referred to as an ‘acceptance checklist.’ It is not called the RTA checklist until you get to the footer of the page. It is also listed as an acceptance checklist on the FDA website. The best way to think of the process is as preliminary screening by the FDA.

What does the FDA look at during the Refusal to Accept (RTA) screening process?

During the screening process, the assigned RTA screener will review 510k submission and try to identify all of the requirements listed in the applicable RTA checklist. The person screening your submission is required to answer “yes,” “no,” or “n/a” to the questions in the checklist. This person must also enter the document and the page where the information can be found in the submission. Finally, if an element required by the refusal to accept (RTA) checklist cannot be found, then the screener adds a comment at the end of that section in the checklist. The comment will state what your deficiency is and it may even identify a guidance document that can help you address the issue. If you are missing requirements, you will receive an email from the RTA screener with the completed RTA checklist attached. We call this an “RTA Hold” letter. If your submission is not rejected, then your 510k is administratively complete and you will receive an automated email indicating that your submission was accepted and the substantive review will now begin.

Refusal to Accept (RTA) Time Frame

As stated in the guidance document the Refusal to Accept policy includes “an early review against specific acceptance criteria and to inform the submitter within the first 15 calendar days after receipt of the submission if the submission is administratively complete, or if not, to identify the missing element(s).” (Ref. 1). If the assigned screening person is unable to complete the process within 15 calendar days, then you will receive an automated email stating that they were unable to complete the RTA checklist within 15 calendar days and your submission is automatically moved to the substantive review stage of the 510k review process.

Taking the time to perform your own gap analysis before you submit could avoid a simple error. For example, if you forget to include the signed Truthful and Accuracy Statement in your submission it could take 15 days to be notified of that missing element. The person screening your submission could email you to provide this missing element in an interactive review to avoid placing your submission on hold, but they are not required to give you a chance to provide this interactively by email. If you do receive an RTA Hold letter, you might be able to correct missing elements on the same day, but the 510k review clock is automatically reset when your 510k is placed on RTA Hold. There will be another 15-day refusal to accept (RTA) screening of your submission when you respond to an RTA Hold letter.

What to do with the information in the comments of the RTA checklist?

The RTA checklist is the criteria that your submission is being evaluated against. If your submission has deficiencies during the initial review against the RTA Checklist, the FDA will refuse to accept it and the substantive review will not begin until those deficiencies have been corrected. Since the FDA does not hide what they are looking for, or how they will evaluate your submission, use that to your advantage. Assuming that you have correctly determined the type of 510k submission you have, perform a gap analysis of your submission against the RTA checklist. Either perform these actions in-house, or hire an outside consultant to do them for you, but make sure you don’t make the mistake of trying to check your own work because you will miss something.

Scope of the FDA Refusal to Accept Guidance Document

The scope of the FDA guidance document that is provided for the benefit of the FDA personnel that are reviewing your submission and not specifically for the 510k submitter. It is also for the purpose of providing a loose framework for systematically reviewing submissions in a consistent manner. This ensures all submissions receive equal nonbiased treatment. There are some things that this guidance document does not address or alter by its own admission. One of those things is the “substantial equivalence decision-making process once the submission has been accepted for review.” The refusal to accept (RTA) guidance also does not address FDA user fees. Other guidance documents address those issues.

What are the most common reasons for FDA refusal of your 510k submission?

Although there are dozens of reasons (43 to be exact) why the FDA could reject your submission in the 35-page RTA checklist, most of the refusals (~80%) result from a small percentage (~20%) of reasons. The most common is that your submission is poorly organized. Either you did not provide a table of contents, your submission is not organized in accordance with the sections outlined in the guidance, or the pages of your submission are not properly numbered. When you are trying to review a 1,200-page submission, poor organization is extremely irritating and wastes the reviewer’s time. If it were my decision, I would refuse to complete the entire checklist until you gave me a properly organized submission.

The second most common reason for refusal is the submission of a device description that is not adequate. The FDA needs more detail than most companies provide for the device description because they need to understand what the differences are between your device and the predicate device. This includes much more than just the indications for use. Who are the intended patients and users? What is the intended environment of use? What are the materials for patient-contacting components? What is the source of power for your device? Which design features does your device include when compared to the predicate? What is the user interface for your device? Which accessory devices are needed with your device? You can even make the mistake of being inconsistent in your submission by not repeating the content in the device description in other sections of the 510k submission. It is important to duplicate certain content verbatim in other documents such as the 510k summary, the executive summary, the substantial equivalence comparison, and the instructions for use. Paraphrasing and summarizing certain information will not work.

The third most common reason for refusal of your submission is likely to be related to software validation documentation. In addition to complying with the recognized IEC 62304 standard, you also need to comply with the five software guidance documents that the FDA has published. The FDA and 3rd-party reviewers use an 11-item checklist based upon the 2005 FDA guidance document on software validation documentation. In addition, if your device has any of the following 5 elements, your submission must also comply with the two FDA guidance documents on cybersecurity:

Cloud communication
Network connection (active or not)
Wireless communication in any form
USB/serial ports/removable media
Software upgrades (this includes patches)

Finally, biocompatibility is the one testing section of your 510k submission that is most likely to result in refusal to accept by the FDA out of the seven sections requiring testing reports. There are several reasons why biocompatibility results in more refusals than the other six testing sections. First, the FDA requirements go above and beyond the requirements of the ISO 10993-1 standard. Second, the FDA requires that you submit full testing reports for biocompatibility while you can submit summaries for other sections (e.g. sterilization validation). Third, many submitters try to provide a rationale for why testing is not required for their device, but the FDA has very stringent requirements for the use of a biological risk assessment or a biocompatibility certification statement in lieu of testing.

Do you have to follow the RTA checklist exactly?

You can, but you are also not bound by it. Like all guidance documents they “contain nonbinding recommendations”. The checklist is released as part of a guidance document, so it is a guidance and not a regulatory requirement. That being said, if your submission is missing an element in the checklist, your 510k submission will be considered administratively incomplete unless you provide a clear explanation as to why the checklist element is not applicable to your submission or you explain how you meet the 510k submission requirement in another way.

Medical devices vary wildly and there is no one size fits all approach. The FDA recognizes that and includes some wiggle room that gives them some discretion in reviewing submissions. However, 100% of the 3,500+ submissions received each year are screened using the refusal to accept (RTA) checklist and the screening person’s job is to verify that your submission meets the criteria. As it says in the guidance document:

“The purpose of the 510(k) acceptance review is to assess whether a submission is administratively complete, in that it includes all of the information necessary for FDA to conduct a substantive review. Therefore, the submission should not be accepted and should receive an RTA designation if one or more of the items noted as RTA items in the checklist are not present and no explanation is provided for the omission(s). However, during the RTA review, FDA staff has the discretion to determine whether missing checklist items are needed to ensure that the submission is administratively complete to allow the submission to be accepted. FDA staff also has the discretion to request missing checklist items interactively from submitters during the RTA review. Interaction during the RTA review is dependent on the FDA staff’s determination that outstanding issues are appropriate for interactive review and that adequate time is available for the submitter to provide supporting information and for FDA staff to assess responses. If one or more items noted as RTA items on the Acceptance Checklist are not present, FDA staff conducting the acceptance review should obtain management concurrence and notify the designated 510(k), contact person, electronically that the submission has not been accepted. “ (Ref. 1).

The portion above notes that explanations may be provided for omitted portions of the submission. So, the answer to the question is that no, you do not have to follow the RTA checklist exactly. However, if you should purposefully omit a section you should provide an explanation and your rationale justifying why the omission is appropriate for your individual device and 510(k) submission. Again, just because you have included an alternative approach or justification does not automatically mean it will be accepted. The FDA personnel that are conducting the acceptance review will judge whether or not your deviation is acceptable.

What if your 510k submission is refused?

If your submission is refused you will be provided with a copy of the completed RTA checklist and each of the deficiencies you must address will be highlighted. Sometimes there will be an attachment to the checklist that has additional issues that are not in the RTA checklist, but the reviewer thinks you may need to address later. You might also see comments that are not highlighted. These are suggestions from the reviewer that you may or may not choose to address.

There is a 180-day timeline for response to an RTA Hold letter. The response must be submitted to the CDRH Document Control Center (DCC) as an eCopy, and the response must be received within 180 days. If the response is not received within 180 days, your submission will be automatically withdrawn on the 181st day. Your response may not be piecemeal. You must address all of the issues in the RTA checklist or your submission will be placed on RTA Hold again (i.e. RTA2). If you are not sure how to organize your response, a previous blog posting and YouTube video address this topic directly.

About the Author

Matthew Walker – QMS, Risk Management, Usability Testing, Cybersecurity

Matthew came to us with a regulatory background that focused on OSHA and NFPA regulations when he was a Firefighter/EMT. Since we kidnapped him from his other career, he now works in Medical Device Quality Management Systems, Technical/Medical Writing, and is a Lead Auditor. Matthew has updated all of our procedures for He is currently a student in Champlain College’s Cybersecurity and Digital Forensics program, and we are proud to say that he is also a member of both the Golden Keys and Phi Theta Kappa Honor Societies! Matthew participates as a member of our audit team and has a passion for risk management and human factors engineering. Always the mad scientist, Matthew pairs his professional life in regulatory affairs with hobbies in the culinary arts as he also holds a Butchers/Meat Cutters certificate from Vermont Technical College.

Email: Matthew@FDAeCopy.com

Connect on Linkedin: http://www.linkedin.com/in/matthew-walker-214718101/

Posted in: 510(k), FDA

How is your response to an Additional Information Request different from an RTA response?

Posted by Rob Packard on June 22, 2021

A poor RTA response will cause a two-week delay, but an additional information request only gets one chance to avoid the dreaded NSE letter.

An Additional Information Request (i.e. AI Request) is typically received just before the 60th day in a 90-day 510k review, while a Refusal to Accept (RTA) Hold is typically received on the 15th day. If your response to your first RTA Hold (i.e. RTA1) is inadequate, the reviewer will issue another RTA Hold letter (i.e. RTA2) and your 510(k) review clock will be reset to 0 days. You will have another 180-days to respond to RTA2, and issues identified in an RTA Hold are usually easy to address. Most RTA Hold issues also have one or more guidance documents that are available to help you to obtain an RTA Accept letter. You can always request a submission-in-review (SIR) meeting to clarify what information the reviewer needs to address the RTA deficiencies too. If you want to learn more about responding to an RTA Hold, please read last week’s blog. The rest of this article is specific to responding to requests for additional information.

What happens after 60 days during a 510k review?

On the 60th day of the 510k review clock, or a few days prior to the 60th day, the lead reviewer must determine if they need to issue an Additional Information (AI) Request. The alternative to an AI Request is for the lead reviewer to issue a letter indicating that you have entered the Interactive Review Phase. This only happens if the reviewer believes they can make a decision regarding substantial equivalence in the next 30 days. If the decision is to issue an Interactive Review Letter, then the lead reviewer believes that only minor issues remain and there is only the need for interactive email responses between the lead reviewer and the submitter. An interactive review is the ideal outcome of the substantive review process but it rarely happens.

If you receive an Additional Information Request, what are your options?

The AI letter will indicate that you have 10 days to request a clarification meeting with the reviewer. The wording of this section of the AI letter is provided below:

“FDA is offering a teleconference within 10 calendar days from the date on this letter to address any clarification questions you may have to pertain to the deficiencies. If you are interested in a teleconference, please provide (1) proposed dates and (2) a list of your clarification questions via email at least 48 hours before the teleconference to the lead reviewer assigned to your submission. We would like to emphasize that the purpose of the meeting is to address specific clarification questions. The teleconference is not intended for the review of new information, test methods, or data; these types of questions could be better addressed via a Submission Issue Q-Submission (Q-Sub). For additional information regarding Q-Subs, please refer to the Guidance for Industry and FDA Staff on Medical Devices: Requests for Feedback and Meetings for Medical Device Submissions at https://www.fda.gov/media/114034/download.”

If you wait too long to request the teleconference, then FDA will require you to submit a formal pre-sub meeting request or “Submission in Review” (SIR) meeting request. If you request a SIR meeting within 60 days of receiving an AI Request, the FDA will schedule a SIR meeting with you within three weeks of receiving the request–assuming resources are available. If you wait longer than 60 days to request the SIR meeting, then the FDA will default to their normal target of 60-75 days for scheduling a pre-sub meeting. For example, if you submit your SIR meeting request on day 75, and the FDA takes 75 days to schedule the meeting, you will be granted your SIR meeting at 150 days and you will only have 30 days remaining to respond to the AI Request before your submission is automatically withdrawn.

Therefore, it is important to request a clarification meeting immediately after you receive the AI Request. While you are waiting for your clarification meeting, you should immediately begin preparing any draft testing protocols that you want the FDA to provide feedback on during a SIR meeting. Then after you have the clarification meeting, you should submit your SIR meeting request and include any draft testing protocols you have prepared. This may include a statistical sampling rationale, a proposed statistical analysis method, a summative usability testing protocol, or a draft protocol for some additional benchtop performance testing. The FDA can review examples of preliminary data, a protocol, or a proposed method of analysis. The FDA cannot, however, provide a determination of substantial equivalence.

The Most Common Mistakes in Responding to an Additional Information Request

Most companies make the mistake of asking the lead review if they provide specific additional information, “Will this be sufficient to obtain 510(k) clearance?” Unfortunately, the FDA is not able to provide that answer until the company has submitted the additional information and the FDA review team has had time to review it thoroughly. This is done only when the submitter delivers an FDA eCopy to the Document Control Center at CDRH, and the review team is able to review the information. This new information is assigned a supplement number (e.g. S001), and it will typically require three weeks to review the information. Then the lead reviewer may request minor modifications to the labeling, instructions for use, or the 510k summary. This request is an interactive request, and the submitter must respond within a very short period (e.g. 48 hours), and the wording of the request may be “Please provide the above information by no later than COB tomorrow.”

FYI: “COB” means “close of business.” Wow. The FDA loves acronyms.

Best Practices in Responding to an Additional Information Request

If you receive an AI request on a Friday afternoon, 58 days after your initial submission, you should immediately request a clarification teleconference with the FDA reviewer for the following week. The only exception is if you only have minor deficiencies that you feel are completely understood. During the days leading up to the clarification teleconference, your team should send a list of clarification questions to the lead reviewer and begin drafting a response memo with a planned response to each deficiency. After the clarification meeting, you will have approximately 6-7 weeks to submit a SIR meeting request. However, you should not wait that long. Your team should make every effort to submit your SIR meeting request within 2-3 weeks. If the FDA takes 3 weeks to schedule your meeting, then you will have used approximately 6 weeks of your 26 weeks to respond to the AI Request.

In your SIR meeting request, you should always try to provide examples or sample calculations to make sure the FDA review team understands what you are proposing to submit in your supplement. For example, the FDA reviewers do not have enough time to review your entire use-related risk analysis (URRA) in a SIR meeting request. However, you can provide an example of how you plan to document a couple of use-related risks. Then you can show how these risks would translate into critical tasks. Finally, you could provide a draft summative usability testing protocol for FDA feedback. The FDA review team doesn’t have enough time available to review much more. You will only have one hour for your SIR meeting.

How to Prepare Your Response

In section “V” of the FDA guidance on deficiency responses, the FDA recommends that you restate the issue identified by the reviewer in your response. Next, your response should include one of the following:

the information or data requested, or
an explanation of why the issue is not relevant, or
alternate information with an explanation of why the information you are providing addresses the issue.

Before you respond to an AI Request, you should look up any FDA guidance documents referenced in the AI Hold letter to make sure that you address each requirement in the applicable FDA guidance document(s).

The most important technique to learn when you are responding to regulators is to organize your response in a tabular format that is numbered in exactly the same order that the request was made. Typically there will also be sub-parts to certain issues. In that case, you should duplicate the numbers and/or letters of each sub-part and segregate each sub-part in a different row of the table. Personally, I like to alternate the color of the font I use in the table to make it even more obvious which information is a restatement of the reviewer’s comment and which information is the company’s response to the AI Request.

Why you don’t get a second chance to respond to an AI Request

Once you respond to an AI Request, and the DCC receives your FDA eCopy, the FDA review clock will then resume the countdown to 90 days. In our example above, you received the AIR Request on the 58th day. The FDA must review everything you submitted and make a final substantial equivalence decision before the 83rd day because they still need to submit their recommendations to senior management in their branch. If any changes to the labeling, instructions for use, or the 510k are required, you should receive those requests several days before (i.e. 76-83 days). You can respond to interactive requests via email, and then the final SE decision will be made. If you do not respond to all of the deficiencies in the AI Request, the FDA reviewer will not have enough time to request that you address the remaining gaps and finish their review. Therefore, an incomplete AI Response will certainly result in a non-substantial equivalence (NSE) letter.

If you need to respond to an additional information request from the FDA reviewer, we can review your planned response to identify potential gaps. If you need help please use our calendly app to schedule a call with a member of our team.

About the Author

Posted in: 510(k)

Leave a Comment (0) →

What are the secrets to success in responding to an FDA RTA Hold?

Posted by Rob Packard on June 15, 2021

When an FDA reviewer places your 510k on RTA Hold, there are secrets you can learn to improve your chances of a successful response.

Test your knowledge about the FDA RTA Hold process

Did you know that approximately 50% of 510(k) submissions are placed on RTA Hold? Did you know that you can be placed on RTA Hold multiple times for the same submission? Did you know that the 90-day review clock is reset to “0” when you submit your response? Do you know how to respond to the FDA when the reviewer is incorrect? Did you know that you can avoid the RTA screening process for any 510(k) submission if you use the correct template? Every year there are more than 1,000 submissions placed on RTA Hold, but did you know there is an FDA guidance specifically telling you how to respond to deficiencies? You can learn the secrets to responding to an FDA RTA Hold just by reading this article.

What is an FDA RTA Hold?

When the FDA receives a Traditional 510k submission FDA eCopy, the eCopy is uploaded to the FDA system within hours of the submission being received. If the eCopy does not meet the eCopy format requirements, then the submission will be placed upon eCopy Hold. The official correspondent will receive an automated email indicating that the submission is on eCopy Hold, and the submitter will be asked to correct the submission format to meet the eCopy submission requirements and provide a replacement eCopy. If the FDA user fee has not cleared, then the submission will be placed on User Fee Hold. It is possible to be placed on eCopy Hold and User Fee Hold at the same time.

If your eCopy is accepted, then a reviewer is assigned to screen your submission for compliance with the FDA Refusal to Accept (RTA) policy. The reviewer has 14 days to complete this review, and on the 15th day the reviewer must do one of three things: 1) issue a RTA Hold letter to the submitter, 2) issue an RTA Acceptance letter to the submitter, or 3) issue a letter that states the RTA screening was not completed on-time and the submission was automatically accepted. If your receive an RTA Hold letter, it will be via email from the reviewer and the RTA Checklist will be attached. In the checklist, there will some items highlighted in yellow and deficiencies will be noted in those sections. The reviewer may add additional comments to the checklist, but you are only required to respond to the highlighted sections. The process that the reviewer follows for RTA screening is defined in the FDA guidance for the Refusal to Accept process, and the guidance includes a checklist for traditional, abbreviated, and special 510k submissions. Some companies will fill in these checklists themselves and submit a copy of the checklist with the 510k submission. This is intended to help the reviewer identify where all of the requirements in the RTA checklist can be found. Third-party reviewers require that the company complete the RTA checklist and provide it to them with the eCopy.

How many times can you be placed on hold for the same submission?

Technically there is no limit to the number of times a submission can be placed on RTA Hold, and our firm has seen a few submissions placed on RTA Hold twice in a row. The first RTA Hold is referred to as RTA1, and the response to that RTA Hold is referred to as the first supplement (i.e. K123456/S001). If a second RTA Hold is issued, that hold is RTA2, and the response to that RTA Hold is referred to as the second supplement (i.e. K123456/S002). A response to an eCopy Hold is referred to as an amendment (i.e. K123456/A001).

What happens to the 90-day review clock when you are placed on RTA Hold?

When the FDA reviewer places your submission on RTA Hold, the 90-day review clock is automatically reset. Therefore, even if you respond to an RTA Hold on the same day you receive the RTA Hold, and your submission is received the next day, the “real” review timeline is now 106 days instead of 90. If your submission is placed on RTA Hold twice, then the “real” review timeline is now 122 days instead of 90. If the lead reviewer of your 510k requests additional information, this is referred to as an “AI Request.” We will address this in a future blog, but an AI Request does not reset the review timeline. The AI Request, however, will increase the review timeline. Although we rarely have an RTA Hold, we almost always have an AI Request. This is why our average submission is approximately 125 days (i.e. ~30 days are required to respond to the AI Request.

How should you respond if the FDA reviewer is incorrect?

The average 510(k) submission has grown over time from 300 pages to more than 1,200 pages, but the FDA review “clock” is still 90 days and the RTA screening is limited to 15 days. Therefore, it is not reasonable for you to expect the reviewer to understand and absorb every detail of your submission. If the reviewer can’t find the information they are looking for quickly, the reviewer may state that they could not find the information in the submission or that you did not provide it. If the information is found in the submission, you should provide a reference to the section of the submission, including the document and page number, in your RTA response. You may even choose to quote the information in your response memo if it is brief.

Other times the reviewer may not understand why certain information is not relevant to your submission. In this case, you should restate why the information requested is not relevant. You may want to review relevant FDA guidance documents that explain how to justify why information is not required. For example, if you did not provide biocompatibility testing reports for some of the endpoints that are identified in ISO 10993-1:2018, then you should either provide a detailed biological risk assessment in accordance with the FDA guidance on the use of ISO 10993-1, or you should provide a biocompatibility certification statement.

If you are not sure why the FDA reviewer stated the information you provided is not acceptable, you might try calling or emailing the reviewer to ask for clarification. If you do this, be respectful of their time and be brief. You should identify who you are (you must be the official submission correspondent to speak with the reviewer), you should identify which submission you are contacting the reviewer about (they are working on many simultaneously), you should restate the issue identified by the reviewer (it may have been an issue of another member of the review team), and then you should indicate where the information can be found in the submission. If they believe this addresses the issue, then they will instruct you to provide that information in an RTA response. If the information does not address the issue, usually they will explain why. Your chances of receiving an email response are also better than speaking to the person on the phone–especially during the Covid-19 pandemic.

FDA eSTAR submissions are not subjected to the RTA screening process

When you use the FDA eSTAR submission instead of creating an eCopy, your submission should already meet all of the RTA screening requirements. The eSTAR includes automation to validate that the submission is administratively complete and therefore the reviewer does not need to do an RTA screening of an eSTAR submission. Therefore, most companies should realize a shorter overall 510k clearance timelines, because they will only have an AI Request and the review clock will not be reset.

Does the FDA offer any guidance on how to respond to deficiencies?

When the FDA writes deficiencies, the reviewer is supposed to follow the FDA guidance for deficiency content and format. However, the RTA checklist deficiencies typically are shorter and may not be as clear as a deficiency in additional information (AI) requests or non-substantial equivalence (NSE) letters. The first part of the deficiency is a reference to the information that was provided by the submitter (i.e. section, page number, or table). In an RTA checklist, each deficiency is provided in the comments section at the end of the section of the checklist. Therefore, if you have a deficiency related to your device description, the deficiency will be written at the end of the device description section of the RTA checklist. The comment will be highlighted in yellow, and there will be a checkbox next to the specific checklist item indicating that the requirement was not met. In the far-right column of the checklist, there will be a reference to the page of the submission where the deficiency can be found.

In the comment there reviewer should explain why the current information does not meet the requirement of the RTA checklist. The reviewer should also clarify the relevance of the deficiency with regard to the substantial equivalence determination. For the example of a deficiency related to your device description, usually, the issue is that your submission has inconsistencies between the various submissions or there is insufficient detail about your device. At the end of the comment, the reviewer should provide an explicit request for the information needed to address the RTA Hold.

the information or data requested, or
an explanation of why the issue is not relevant, or
alternate information with an explanation of why the information you are providing addresses the issue.

Before you respond to an RTA Hold, you should look up any FDA guidance documents referenced in the RTA Checklist to make sure that you address each requirement in the applicable FDA guidance document(s).

Regardless of how well your response is organized, you must respond within 180 days. On the 181st day, your submission will be automatically withdrawn. The agency has granted extensions of an additional 180 days during the Covid-19 pandemic, but that will end and you should verify if you can obtain an extension from the reviewer rather than assume that this will happen. If the 180th day is on a weekend or US holiday, the Document Control Center (DCC) at the FDA will not receive your submission until the next business day. Therefore, you will need to ship your submission earlier to ensure the delivery is received on time. Since most companies are shipping their RTA response via FedEx or UPS to the FDA, you also will want to make sure you take into account customs clearance for international shipments and local holidays where you are. If you are shipping from the UK, for example, you can’t expect FedEx to ship on a British holiday. If you need help with printing and shipping your RTA response, Medical Device Academy offers an eCopy print and ship service for $99/eCopy (including the overnight FedEx fee).

If your 510k submission was placed on RTA Hold by the FDA, we can help you respond to the deficiencies identified by the FDA reviewer. We can also review your planned response to identify potential gaps. If you need help please use our calendly app to schedule a call with a member of our team.

About the Author

Posted in: 510(k)

Which changes are forgotten in your MDR labeling procedure?

Posted by Rob Packard on June 10, 2021

Did you forget any of the MDR labeling procedure requirements when you were updating your device labeling for CE Marking?

Don’t forget to subscribe to our YouTube channel for more medical device quality and regulatory training. The topic of this article is how to create an MDR labeling procedure for compliance with Regulation (EU) 2017/745 (MDR) for CE Marking of medical devices. The MDR does not actually include a requirement for a labeling procedure. In fact, the MDR doesn’t even specifically require that you have ISO 13485:2016 certification. ISO 13485:2016, clause 7.5.1 states that you shall implement “defined operations for labeling and packaging,” but the standard doesn’t specifically say that “the organization shall document procedures” for labeling. In 21 CFR 820.120, the FDA states that “each manufacturer shall establish and maintain procedures to control labeling activities.” But there is no similar requirement in the MDR.

MDR Quality System Requirements

Article 10 is the section of the MDR that defines the obligations for device manufacturers to create quality system procedures, but a labeling procedure is not specifically mentioned. Article 10(9)(a) states that your quality system shall include “a strategy for regulatory compliance, including…procedures for management of modifications to the devices covered by the system,” and this would include label changes. The next paragraph states that your quality system shall include, “identification of applicable general safety and performance requirements.” The general safety and performance requirements (GSPRs) are found in Annex I of the MDR, and the very last GSPR (i.e. GSPR 23) is for your label and instructions for use.

Then, which changes do you need to make for the MDR labeling procedure?

The GSPRs in Annex I of the MDR are longer than the Essential Requirements that were in the MDD. In addition to the new requirements for UDI compliance (which you should address in a UDI Requirements Procedure), GSPR 23 has new general requirements (i.e. 23.1) and new requirements for information on the sterile packaging (i.e. 23.3). There is also a more detailed specification for the information on the label (i.e. 23.2) and the information in the instructions for use (i.e. 23.4). The approach for demonstrating compliance with the GSPRs suggested in the MDR is to provide a checklist. Therefore, most manufacturers of CE Marked devices have replaced their Essential Requirements Checklist (ERC) with a GSPR checklist. However, if you are reviewing a draft label for approval, you don’t want to review and update your entire 22-page, GSPR checklist for every label.

The more efficient approach is to create one or more labeling checklists that are specific to the requirements in GSPR 23. If you create a separate checklist for the label, the information on the sterile packaging, and for the information in the instructions for use, then you would have three shorter checklists to complete. The label checklist and the checklist of the information on the sterile packaging would be only one page each, while the checklist for the instructions for use would be approximately four pages. There may be additional labeling requirements for specific countries and types of devices. Electrical medical equipment also has specific labeling requirements in IEC 60601-1 and IEC 60601-1-2. You will also need to create a user needs specification that can be used as criteria for summative usability testing (i.e. validation that the design and risk controls implemented meet the user needs specification). You should also document a use-related risk analysis (URRA), and perform formative testing, in order to identify critical tasks which need to be in the instructions for use to prevent use errors.

Are there any other MDR requirements that you should address in a labeling procedure?

There are two other requirements that should be addressed in your labeling procedure. The first is the general labeling requirements in GSPR 23.1. Withing GSPR 23.1, there are actually nine “sub-requirements.” The first “sub-requirement” in GSPR 23.1 is to provide the identity of the device, your company, and any safety and performance information needed by the user on the packaging or the instructions for use, and on your website. Many manufacturers do not want to make this information available on their website, because it makes it easier for competitors to copy the instructions for use, but this is not optional. This requirement and the other eight requirements in GSPR 23.1 could be included in your procedure or as part of a fourth labeling checklist associated with your MDR labeling procedure.

The second requirement is the requirement to translate your instructions for use into an official Union language(s) determined by the member state where your device will be made available to the intended user or patient. Creating these translations, and verifying the accuracy of the translations, can be expensive and burdensome–especially if your device is sold in most of the member states.

You might also consider implant cards as labeling requirements and try to add them to your MDR labeling procedure. However, if the requirement for implant cards (see Article 18 of the MDR) is applicable to your company you should create an implant card procedure instead because this is a detailed and critical requirement that will not apply to most of the other labels in your company. You should make sure that the implant card procedure is compliant with MDCG 2021-11 released in May 2021 and MDCG 20201-8 v2 release in March 2020. These guidance documents also have great examples of how to design your implant cards.

Other changes in labeling requirements

The ISO 15223-1:2016 standard has been revised and was expected for release at the end of 2020. However, only draft versions are currently available (i.e. ISO/DIS 15223-1:2020). This new version of the standard for symbols to be used with labeling will also need to be updated shortly in your MDR labeling procedure. This new version is already referenced in the medical device standard for information provided by the manufacturer (i.e. EN ISO 20417:2021)–which supersedes EN 1041:2008. Consultants and chat rooms have argued over whether the requirement for identifying the importer must be on the label or if it could be presented in other documents. EN ISO 20417:2021 resolves this dispute in section 7.1: “Where necessary, the label of a medical device or accessory shall include the name or trade name and full address of the importer to which the responsible organization can refer.” In the note following that clause, it clarifies that “This can be required by the authority having jurisdiction.” There is even a new symbol referenced for importers (i.e. Symbol 5.1.8 in ISO 15223-1).

If you have specific questions about device labeling or MDR compliance, please use our calendly app to schedule a call with a member of our team. You can also purchase our labeling and translation procedure (SYS-030) to save yourself the time and effort of making your own versions of the labeling checklist described above.

About the Author

Posted in: CE Marking

Leave a Comment (0) →

Software as a medical device (SaMD)

Posted by Rob Packard on June 1, 2021

Can you combine the software development lifecycle with design controls when you are developing software as a medical device (SaMD)?

Don’t forget to subscribe to our YouTube channel for more medical device quality and regulatory training. There has been a remarkable increase in the number of medical devices developed in the past few years that consist of only software. The medical device industry refers to these products as software as a medical device (SaMD). Along with the increase in the number of SaMDs on the market, there has also been an increase in the number of companies that are developing these SaMDs without any prior medical device industry experience. Medical Device Academy specializes in helping start-up medical device companies, and we see common characteristics shared by these MedTech start-ups. First, they are usually successful in demonstrating proof of concept for their software device within months. Second, the development team is typically virtual (i.e. everyone lives in a different state or even in different countries). Third, the development team does not include anyone with quality or regulatory responsibility. Fourth, the company has not implemented software design controls or started a design history file (DHF). Fifth, the company is not even aware of the existence of IEC 62304 (less expensive than other websites) –the international standard that defines the life cycle requirements for medical device software.

The above situation is quite common, but it is not a serious problem. These Medtech start-ups just need guidance on how to comply with medical device regulations without creating an overly burdensome quality system and excessive documentation. At the same time, these companies need to stay small, agile, and thrifty. Most people believe that the quality system and software documentation process slows down the development process, but the intent is to prevent mistakes and to help you plan the design and development of your SaMD so that the resulting software is safe and performs as you intended (i.e. efficacious). In order to create a quality system and software documentation process that is lean and efficient, there are some common pitfalls you should avoid.

When do you need to implement a quality system for software as a medical device (SaMD)?

When a quality system is required depends upon which market you are launching your product in first. If you are launching your product in Canada, you need a special kind of quality system certificate before you can apply for a Canadian Medical Device License (i.e. MDSAP Certificate for ISO 13485:2016). MDSAP stands for “medical device single audit program,” and there are only 16 organizations that can issue this type of certificate. If you are launching your product in Europe, you will go through your ISO 13485 quality system certification in parallel with obtaining the CE Certification of your SaMD. If you are launching your product in the USA, you do not need your quality system to be complete until after you obtain 510(k) clearance and you are ready to register and list with the FDA. You also do not need ISO certification for the US market. If your SaMD is a Class 1 device in any of these three markets, you may have fewer quality systems and regulatory requirements.

Regardless of which market you are planning to launch your product in, you should not invest in a complete quality system and then develop your SaMD. You should either develop both in parallel, or you should develop your SaMD first. The only processes that are really important to implement at the beginning of product development are 1) design controls, 2) software development, 3) risk management, and 4) usability engineering or human factors testing. You can wait to implement the other 20+ procedures until you are entering the design transfer phase of your design and development project.

Do you need separate procedures for design controls, change control, and software development?

If you are developing a complex system that includes hardware and software you should probably have three separate procedures. The reason for this is that there are different quality systems and regulatory requirements for changes to hardware and software. If you are only developing SaMD, then you can easily combine these three processes into one procedure. The video at the beginning of this blog describes how to combine these three into one procedure, but the following outlines the software documentation that should be covered in each stage of your design process:

Phase 1 – Design planning requires identification of the software risk classification (i.e. A, B, or C) in accordance with IEC 62304, and the Level of Concern (LoC) for your software in accordance with the FDA guidance for software documentation. Regardless of what the LoC is for your SaMD, you will still need to develop the documentation required for the risk classification in IEC 62304–even if the FDA does not want to review all of that documentation in your 510(k) submission. You will also need to identify the regulatory pathway for your SaMD. Your design plan will identify the team members and each person’s role and responsibility. This phase is when you should document your software development environment, create a draft software description, and create a draft software architecture diagram.
Phase 2 – Design inputs must be documented and approved in the second phase. These inputs are testing requirements. Therefore, you need to develop a testing plan for your product based upon the regulatory pathway for that product, recognized international standards or common specifications, and any guidance documents that are specific to your type of SaMD. Typically, it is recommended to review your testing plan with a regulator in a pre-submission meeting prior to conducting your verification and validation testing–especially if animal preclinical studies or human clinical studies are required. This phase is when you should conduct a hazard analysis and approve your software requirements specification (SRS). The hazard analysis should include use-related risk analysis (URRA) and cybersecurity risk analysis.
Phase 3 – Design outputs are iteratively developed during the third phase. This is typically the longest phase of your development process, and the “Waterfall Diagram” is not an accurate depiction of most software development processes. The “V-Diagram” presented in IEC 62304 is a better representation of the software development process because you continuously repeat steps as you debug your code and add functionality to your software. Only the simplest firmware is written in a linear fashion without multiple debug and retest cycles, and lean product development methods (i.e. Agile programming) are intended to be iterative. This phase of development is complete when you conduct a “design freeze” and begin your verification and validation testing. Typically, companies that are developing SaMD can complete most of their unit testing and integration testing prior to the design freeze, but system validation may not be conducted until phase 4. Unfortunately, the unit testing and integration testing can only proceed so far if you have an embedded system (i.e. software embedded in hardware). If the SaMD requires human clinical studies, that software validation is performed during Phase 4. Phase 3 is when you should be documenting your software design specifications (SDS), unit testing, and integration testing. Any formative testing required for the user interface would be done during this phase. Formative testing may include: 1) evaluating very software functions, 2) developing directions for use, and 3) developing a training program for users. You should write testing protocols for system validation and summative usability testing during this phase as well. It is important to identify all of the critical tasks related to use-related risks during this phase and document them. These critical tasks determine the summative usability testing required. It is also an excellent idea to start drafting a traceability matrix during this phase to ensure that each hazard and SRS item is being addressed in your verification and validation plan.
Phase 4 – Design verification and validation of your SaMD are completed during this phase. At the end of this phase, you should have a complete traceability matrix, you should create a summary report of your unit testing and integration testing, and you should create a system validation report–including any benchtop, animal, or human performance testing is conducted. You should also create a revision history document and a bug report identifying any known bugs in the software with a justification for why the software is safe to release with these bugs. This phase is also when you should complete your risk management file and your summative usability testing report. Finally, you need to complete a final draft of your user manual for the software that includes directions for use and the indications for use. When all of this documentation is completed, you are ready for your regulatory submission.
Phase 5 – Product release is the last phase of design and development. Once you receive 510k clearance for your SaMD, then you can begin the final release of your product. You will need to update your “splash” or “about” screen for the software to include a Unique Device Identifier (UDI). The information will need to be uploaded to the FDA’s GUDID. You can assign the DI for the UDI anytime, but the GUDID data elements cannot be finalized until you have 510k clearance from the FDA. You will also need to manage revisions of your software for this minor change and revalidate the code. This type of change will not require a new 510k, because it is a minor device modification. However, you will need to review the FDA guidance on software changes for other types of software revisions you make in the future.

Should you outsource software documentation for software as a medical device (SaMD)?

You can outsource all of your software documentation for a SaMD, but the person(s) creating that documentation will still need the documents mentioned in phase 2. If you do not provide any documentation of hazards, a software description, or a crude sketch of your software’s architecture, it will be nearly impossible for anyone to create your software documentation. It is also extremely expensive to outsource software documentation. Even if you do outsource this task, you still will need to review and approve that documentation. Most people outsource tasks because they don’t know how to do it, but it is critical for medical device companies to learn how to document their software development because they will need to maintain that documentation when the software is updated to fix a software bug or to patch cybersecurity weaknesses. Everyone that is developing software for a SaMD should receive basic training on the requirements of IEC 62304 early in your project. Your team does not need to be an expert in IEC 62304, but you need to create draft documents that you can present to experts for feedback. Your team should also review all four of the guidance documents that the FDA released for software documentation:

Creating your documentation is the hard part that your team should be doing while reviewing and editing your documentation is a great task to hire an expert consultant for your first SaMD project. This will ensure your team is writing the software documentation to the correct level of detail, and that you are not missing anything critical. Expert consultants can also provide you with templates for your software documentation.

Does software as a medical device (SaMD) require an electronic quality management system (eQMS)?

There are two types of quality systems: 1) paper-based, and 2) electronic. Most start-up companies chose the paper-based option because they don’t want the extra hassle of having to validate an electronic system. However, if your company is smart enough to validate SaMD, you are smart enough to validate software for your quality system too. The applicable standard for validation of software tools is ISO/TR 80002-2:2017. You can also purchase templates for software tool validation from Medical Device Academy. Companies are always asking for a referral of which eQMS system to purchase. The problem is that every year software has more functionality and costs less. Therefore, my general advice is to never pay more than $10,000 for eQMS as a start-up and consider starting with free database software to organize all of the documentation that is in your traceability matrix. You can migrate the data into an eQMS later by mapping your free database to the new eQMS software database.

Who should be responsible for QA and RA for software as a medical device (SaMD)?

Quality and regulatory are two different functions, and it doesn’t always make sense to have one person be responsible for both requirements. The two primary standards that are applicable to the quality assurance of SaMD are 1) IEC 62304, and 2) ISO 13485. Anyone you are considering for the position of quality manager should be familiar with both standards, and they should be making sure that your development team is documenting the software verification and validation as you proceed through the iterative software development process that is typical of Agile software development teams. The person doesn’t need to be able to code software, but they should be able to help review software documentation and suggest changes. This person’s role is extremely important to make sure that software revisions are managed properly, your software is only released when all of the validation and revalidation are complete. This person should also be able to determine if a new 510(k) is required for software modifications.

The regulatory process is the preparation of the 510k submission and communications with the FDA. This is an activity that you will probably need to perform once every two years. The FDA requirements for a 510k change more frequently than once every two years, and it is extremely difficult to become proficient when you are filling out government forms so rarely. For these reasons, it is recommended to work with an expert regulatory consultant with SaMD experience until your company has enough software products and revisions that you need to file multiple 510k submissions each year. Therefore, a less experienced quality manager can gradually learn the regulatory requirements over time and they will need less help from a regulatory consultant each year.

How do you measure quality for SaMD?

A lot of software developers struggle with identifying quality metrics if they are developing software as a medical device (SaMD). There are many aspects of software development that you can measure. Here’s a list of examples:

customer feedback
the velocity of Agile sprints
coding errors
what is the development lead time?
how fast does the software load?
technical support requests
software configuration errors
duration of software validation
software validation documentation burden
post-market surveillance of use errors
How many software bug remain?

Do you need a corporate office?

Many MedTech companies are virtual companies, but the FDA will require a physical address to visit for an FDA inspection. FDA inspectors have visited the home of the company founder at other companies, but you probably will be more comfortable with an office space for the FDA inspector to visit. The FDA is unlikely to visit your company during the first year after you initially register your product. An inspection is more likely in the second year after initial registration and listing. Therefore, you might consider renting a co-working space where you can reserve a conference room if an FDA inspector visits. If you don’t have the funds to afford rent until after you launch your product, don’t worry. FDA inspectors are unlikely to visit so soon, and if they do–just relax and be honest about the situation. You are not alone.

About the Author

Robert Packard is a regulatory consultant with 25+ years of experience in the medical device, pharmaceutical, and biotechnology industries. He is a graduate of UConn in Chemical Engineering. Robert was a senior manager at several medical device companies—including the President/CEO of a laparoscopic imaging company. His Quality Management System expertise covers all aspects of developing, training, implementing, and maintaining ISO 13485 and ISO 14971 certifications. From 2009 to 2012, he was a lead auditor and instructor for one of the largest Notified Bodies. Robert’s specialty is regulatory submissions for high-risk medical devices, such as implants and drug/device combination products for CE marking applications, Canadian medical device applications, and 510(k) submissions. The most favorite part of his job is training others. He can be reached via phone at 802.258.1881 or by email. You can also follow him on Google+, LinkedIn, or Twitter.

Posted in: Design Control, Software Verification and Validation

Before 510k clearance, 10 quality tasks you need to prevent unexpected delays

Posted by Matthew Walker on May 20, 2021

The US FDA does not require that 100% of your quality system be implemented before 510k clearance, but these 10 activities need to be done.

The form above allows you to register for a live webinar we are hosting on Friday, May 21, 2021 @ 1 pm EDT. The webinar will share the 510k project management lessons learned by our team since 2016. In addition to 510k project management, MedTech companies also need to implement their quality system in parallel with their regulatory submissions. Some people say that you need to implement your quality system before you submit your 510k. That is not an FDA requirement, but you do have quality system activities that need to be done before you will have all of the technical documentation you need to submit a 510k. This article describes 10 quality tasks you need to prevent unexpected delays.

Design & Risk Management Planning

Design & Risk Management Planning is your 1st priority because you want to identify all of the major activities that need to be completed in your design and risk management processes and which activities are critical path items. Otherwise, you will have unexpected delays. You can and should add details to the plan as you go, but items 2-9 listed below should be included in that initial plan–along with your design and risk management activities.

Risk Management Activities are Needed Before 510k Clearance

Risk Management is your 2nd priority because it’s an input to almost everything else listed below – this includes hazard identification, creating a use-related risk analysis (URRA), and identifying cybersecurity risks if you have software/firmware. Reference: ISO 14971:2019 Medical devices — Application of risk management to medical devices. Cybersecurity depending on the device should evaluate security as an overlapping but separate area from risk management. (Reference AAMI TIR57: 2016 Principles For Medical Device Security – Risk Management.)

Formative Usability Testing

Formative Usability Testing is your 3rd priority because this helps you evaluate your device design while it’s still evolving. Formative testing helps you identify opportunities for improvement, provides confirmation that your design is moving in the right direction, and identifies potential use errors while there is still time to implement effective risk controls such as alarms and other safety features. References:

Software Validation is Needed Before 510k Clearance

Software Validation is your 4th priority because it must precede electrical safety testing for electromedical devices and most companies underestimate the time required to document software validation in accordance with IEC 62304:2006 / AMD 1:2015 and the FDA’s five guidance documents:

Supplier Qualification is Needed Before 510k Clearance

Supplier qualification is your 5th priority because you do not want to order all of your prototype parts for the initial testing parts and then find out that the supplier is not capable of supporting you commercially. If you have to switch suppliers you might be forced to repeat biocompatibility testing and other design verification testing due to changes in the manufacturing process. Implementation of a supplier qualification process before 510k clearance is needed.

Label & IFU Requirements Specifications

Label requirements and instructions for use requirements specifications is your 6th priority because you cannot perform electrical safety testing or design validation (including summative usability testing) of your device without labeling and instructions. These requirements are the design inputs for information provided to the user and these must be controlled under design controls rather than document control.

Packaging Specifications

Packaging specifications is the 7th priority you should implement before 510k clearance because the packaging is needed to maintain sterility, to ensure product stability, and to protect the product from shipping. Companies are also frequently surprised by the long lead times associated with ordering custom packaging and you may not have the budget to validate sub-optimal “stock” packaging for your 510(k) submission and then repeat the validation for the optimized packaging later.

Quality System Implementation

Quality system implementation is the 8th priority for implementation before 510k clearance because you will need a fully functional quality system by the time your 510(k) is cleared. Quality system implementation typically takes 6+ months while the 510(k) review should take 4 months or less. Quality system implementation includes writing 25+ procedures, reviewing and approving those procedures, training your employees, and actually using those procedures to begin generating quality system records. For companies that are pursuing Canadian Licensing or CE Marking, the quality system must be fully implemented and certified before the regulatory submission is possible. (Quality System Requirements for the U.S. FDA are outlined within 21 CFR 820-Quality System Regulation)

Summative Usability Testing

Summative usability testing should happen after Design Freeze or you risk having to backtrack in your design process if this validation test reveals a need for device changes. The FDA’s 2016 Usability Guidance explicitly defines this validation testing as just a portion of overall design validation. (Reference Applying Human Factors and Usability Engineering to Medical Devices Guidance for Industry and Food and Drug Administration Staff (2016))

Apply for Small Business Status Before 510k Clearance

Application for small business status should be the 10th priority for implementation before 510k clearance because this can save your company $9,000+ but it requires that you submit your application at least 60 days before you need to pay the 510(k) user fee.

About the Author

Matthew Walker – QMS, Risk Management, Usability Testing, Cybersecurity

Matthew came to us with a regulatory background that focused on OSHA and NFPA regulations when he was a Firefighter/EMT. Since we kidnapped him from his other career, he now works in Medical Device Quality Management Systems, Technical/Medical Writing and is a Lead Auditor. He is currently a student in the Champlain College’s Cybersecurity and Digital Forensics program, and we are proud to say that he is also a member of both the Golden Keys and Phi Theta Kappa Honor Societies! Matthew participates as a member of our audit team and has a passion for risk management and human factors engineering. Always the mad scientist, Matthew pairs his professional life in regulatory affairs with hobbies in the culinary arts as he also holds a Butchers/Meat Cutters certificate from Vermont Technical College.

Email: Matthew@FDAeCopy.com

Connect on Linkedin: http://www.linkedin.com/in/matthew-walker-214718101/

Posted in: 510(k)

Leave a Comment (0) →

Contract Manufacturers Need Strong Risk Management Processes

Posted by Rob Packard on January 5, 2021

This blog discusses why contract manufacturers need to have a strong risk management process, and your company needs to help your contract manufacturers. This article was updated on April 28, 2022, and the original publication was January 05, 2011. Please ignore the date of publication at the top of the post for articles that are more than a year old.

Risk management is not our responsibility Contract Manufacturers Need Strong Risk Management Processes

Can contract manufacturers exclude risk management from the scope of their quality system?

Most contract manufacturers in the medical device industry exclude design from their Quality Management Systems. Unfortunately, most of the contract manufacturers also associate risk management with only the design process. Risk Management cannot be “not applicable” in an ISO 13485 Quality Management System. The requirement of section 7.1 is: “The organization shall establish documented requirements for risk management throughout product realization. Records arising from risk management shall be maintained.” The Standard also references ISO 14971 as a source of guidance on Risk Management.

Medical Device Academy also offers a Two-Part Risk Management Training Webinar for ISO 14971:2019.

Have you experienced an audit dialogue at a contract manufacturer similar to this?

The auditor asks, “How do you manage risk throughout the production process?” Then the auditee responds, “That is the responsibility of our customers. We will prepare a risk analysis if customers pay for it, but usually, customers do the risk analysis.”

For a contract manufacturer, compliance with ISO 14971 is not my primary concern as an auditor. My primary concern is to verify that contract manufacturers analyze risks associated with the processes that they perform and do their best to minimize those risks. What I don’t understand is why more companies don’t want to have strong risk management processes. Risk management is how we prevent bad things from happening. Bad stuff like scrap, complaints, and recalls. Should we expect our suppliers to have a strong risk management process?

Duh.

Why your company needs to be involved in the risk management process?

Risk is a process 1 1024x1024 Contract Manufacturers Need Strong Risk Management Processes

Contract manufacturers should be doing everything they can to get better at risk management. During pre-production planning, they should be asking, “What happens if…” The contract manufacturer knows best HOW things will fail in production, while the customer knows best WHAT happens when things fail in production. To be safe and effective, both companies need to collaborate on risk analysis.

In any risk analysis, you need to estimate the severity of potential harm and the probability of occurrence of that harm. For production defects, the contract manufacturer can estimate the probability of occurrence of defects (i.e., P1 in Annex E of ISO 14971:2007), but the likelihood of occurrence of harm is less. The probability of occurrence of harm is the product of multiplying P1 and P2. The probability that occurrence will result in harm is P2, and P2 is a number that is less than 100% or 1. Your company can gather pre-market clinical data and post-market clinical data to estimate P2, but before launching your product, you can only guess at the value of P2. Your contract manufacturer, however, is not able to estimate P2 at all. It’s ok to estimate risk without P2 during the design phase because this will overestimate risks and result in more conservative decisions.

In addition to P2, your contract manufacturer is also not capable of estimating the severity of potential harm. As the designer of the medical device, you will know best how your device is used and what the likely clinical outcomes are when a device malfunctions. There may even be multiple possible clinical outcomes. The contract manufacturer knows what can go wrong during manufacturing, but you will need to define the clinical outcomes due to malfunctions.

Why do contract manufacturers avoid doing risk analysis?

The reason contract manufacturers avoid doing risk analysis is because it’s time-consuming and tedious.

Too bad, so sad.

Balancing my checkbook is time-consuming and tedious too, but I balance my checkbook to prevent an overdraft charge. Not doing a risk analysis can be much more painful. Scrapping out a part can cost tens or hundreds of dollars. Complaints can cost thousands of dollars. Recalls can cost millions of dollars.

If I owned a contract manufacturing company, I would ensure that everyone in the company is involved in risk management. We don’t want scrap, we can’t afford mistakes that lead to complaints, and a recall could put us out of business.

How Medical Device Academy Can Help?

Medical device academy can help both the contract manufacturer and the specification developer utilizing a contract manufacturer as a supplier! We offer training on 14971:2019 as well as procedures on risk management and supplier quality management.

Two-part Risk Management Training Webinar for ISO 14971:2019 – Part 1 of this webinar will be presented live on Tuesday, March 29 @ 9-10:30 am EDT. Part 2 of this webinar series will be presented live on Tuesday, April 5 at 9-10:30 am EDT. Purchase of this webinar series will grant the customer access to both live webinars. They will also receive the native slide decks and recording for the two webinars.

Tags: contract manufacturers, risk analysis, Risk Management

Posted in: ISO 14971:2019 (Risk Management)

Supplier Qualification: How To Get The Best Results

Posted by Rob Packard on November 17, 2020

supplier SOP Supplier Qualification: How To Get The Best Results

This article discusses how to utilize various strategies for obtaining greater results related to supplier qualification. This article was updated on April 21, 2022, and the original publication was November 17, 2010. Please ignore the date of publication at the top of the post for articles that are more than a year old.

(Check out our procedure- SYS-011 Supplier Quality Management).

Supplier Qualification in ISO 13485:2016

Section 7.4 of EN ISO 13485:2016 states that companies shall “evaluate and select suppliers… based on their ability to supply product in accordance with the organization’s requirements.” This requirement is quite vague, but the medical device industry has developed a surprisingly limited number of approaches to address the requirement of this clause.

The most common approach is to ask for some combination of the following:

ISO certification,
a copy of the Supplier’s Quality System Manual,
completion of a Supplier Questionnaire and
performing a Supplier Audit.

Unfortunately, all four selection criteria are flawed.

ISO Certification

I think the best way to explain why these criteria are flawed is to use an analogy. Let’s compare qualifying a new supplier with recruiting a new employee. ISO certification is sort of like a college degree. You can make some general assumptions about a potential job candidate based upon which school they got their engineering degree from, but the degree is still just a piece of paper on the wall. As the old joke goes:

” What do you call the person that graduated last in their class at medical school?“

Doctor

Some registrars have a better reputation than others. Still, the name of the registrar is only as good as its worst client—who had four major nonconformities during their last audit and is about to lose that certificate. To improve this approach to supplier qualification, a potential customer could ask for a copy of the most recent audit report. This information is dependent upon the quality of the audit, but this would be a significant improvement over requesting a copy of the certificate.

CAUTION: Audits are still just samples—tiny samples.

Again, like degrees, certification must be relevant. ISO 9001:2015 may be a ‘nice-to-have’ quality for potential suppliers. However, it doesn’t hit the mark if you need them to have ISO 13485:2016 certification. Perhaps you need a European Normative version, or A11:2021 as well. For example, sometimes any law degree might be appropriate. Sometimes you specifically need a degree in healthcare law.

This makes it important to establish the criteria for your supplier evaluation early on in the process. Not just because it is required for standard compliance. It is difficult to evaluate a supplier with no guidance on how or what to evaluate them against.

Supplier Quality Manual

The second selection criteria mentioned is The Quality Manual. The Quality Manual is analogous to a resume. The purpose of a resume is two-fold: 1) to provide an interviewer with information, so they can ask the interviewee questions without looking like an idiot, and 2) to provide objective evidence that a company did not illegally discriminate against a candidate that the hiring manager did not like.

I suppose you could argue that the purpose is to help candidates get a job, but in my own experience, less than 10% of resumes submitted result in a job interview—let alone a job offer. The purpose of a Quality Manual is NOT to help a company get new customers. If I am wrong about this, I need to do a much better job of marketing my Quality Manuals in the future.

Some suppliers have the nerve to say that their Quality Manual is proprietary. Humbug! Proprietary information should not be in the Quality Manual. You can copy a manual from another company and edit a few of the details. I will gladly write you a Quality Manual in less than a week that will pass any auditors review. You can even buy a Quality Manual online (In fact, Medical Device Academy sells one… Online! POL-001 Quality Manual). This almighty document just explains the intent of the Quality System—which is to conform to the requirements of the ISO Standard. Several auditors will tell you that this can be done in just four pages.

When you request a Quality Manual from a supplier, your primary intent for supplier qualification should be to use this document for planning a supplier audit. Any other purpose is just a waste of your time—unless you need to write a Quality Manual of your own.

Supplier Qualification Questionnaire

The third selection criteria I mentioned was: a supplier questionnaire or supplier survey. Questionnaires are analogous to employment applications. Coincidently, supplier questionnaires are often required by companies when a Quality Manual or ISO Certificate is not available. Do you find the similarities eerie?

Questionnaires are typically 15-20 page documents that someone has plagiarized from a previous employer. I have seen various versions of this questionnaire, but several of them appear suspiciously similar. Hmmm?

I am not sure what the original intent of this type of document was, but I think it was intended to capture detailed information about potential suppliers for a company in the Fortune 500^®.

For most companies, 80% of the information on the questionnaire is meaningless. Customer requirements for a supplier are typically few in number and specific to the product or service being purchased. Therefore, please use your MRP system as a template and ensure that the questionnaire answers all the information you need to add the supplier to your system as an approved supplier. You should also have a product or service specification that gives you some more questions to ask.

Ideally, your questionnaire will be organized in the same order that you enter the information into the MRP system. Then this questionnaire will make the data entry easier for the purchasing agent, adding the supplier to the database. Questionnaires and surveys are great, but brevity is next to Godliness.

Supplier Qualification Audits

Finally, we come to the auditor’s favorite—supplier audits. Audits are similar to job interviews. Ideally, you want a cross-functional audit team, and you might need to visit more than once. Unfortunately, most companies cannot afford to audit every supplier. Some companies suppliment with remote audits. I guess I think of a desktop audit as a “phone interview.” I use phone interviews to prescreen candidates before I pay more money and waste other peoples’ time with on-site interviews. Desktop audits of suppliers should not be used as a replacement to an on-site audit, so your supplier quality engineers do not have to spend so many nights at the Hampton Inn.

If audits are your best selection criteria, how can you make the most of your auditing resources? Also, how can you audits for supplier qualification if you only have enough auditors to audit 5% of the approved supplier list? I have the following suggestion: “Start at the end.”

ISO 13485:2016 Clauses 8.5.2 / 8.5.3 CAPA

What I mean by this cryptic, four-word phrase is that auditors should start at the end of the ISO Standard with sections 8.5.2 & 8.5.3 (Corrective and Preventive Action (CAPA) Process). This is the heart of a Quality System. If you disagree, remember that FDA inspectors are required to look at the CAPA system during every Level 1 inspection. Registrars also look at the CAPA process during every assessment—not just the certification audits. The purpose of the CAPA process is to fix problems, so they don’t come back—ever.

If you think that a new supplier is never going to make a mistake, you might as well quit looking. You want suppliers with strong CAPA systems. If a supplier has a strong CAPA system, problems will be fixed quickly and permanently. To sample the CAPA process, an auditor only needs the following: 1) the CAPA procedure(s), 2) the CAPA log(s), and 3) a handful of completed CAPA records—selected not so randomly from the log(s). This can all be done remotely in a desktop audit. If suppliers are resistant to giving you the log or actual records, ask them to redact any sensitive information. If you have executed a nondisclosure agreement, the supplier should agree with this approach.

Analysis of Data for Supplier Qualification

ISO 13485:2016 Clause 8.4 Analysis of Data

Working from the back of the Standard, the next process to sample is clause 8.4 (Analysis of Data). There are four requirements of this clause. If the company has a requirement for customer satisfaction to be measured (ISO 9001:2008 section 8.4a), this is a great place to focus. There are also requirements to look at the trend of product conformity (8.4b), process metrics (8.4c), and trends in supplier data—such as on-time delivery and raw material nonconformities (8.4d). The quality of the analysis will tell an auditor as much about the company as the data itself. This process audit can also be performed remotely as a desktop audit.

A lot has changed since this article was first written. For example, if your potential supplier isn’t using ISO 9001:2015 you may want to verify that other areas of their quality management system aren’t outdated as well.

ISO 13485:2016 Clause 8.3 Control of Nonconforming Materials

Clause 8.3, Control of Nonconforming Materials, is the third area to look at. To sample this area, you will need the “Holy Trinity” again: 1) procedure, 2) log, and 3) records. In this desktop audit, you want to look very closely at any nonconforming materials that are reworked or accepted “as is” (i.e., UAI). Either of these two dispositions should be ULTRA-RARE. Everything else should be processed efficiently as scrap or Return To Vendor (i.e., – RTV).

If a potential supplier passes all three “tests” described above, you are ready to address clause 8.2.4—Monitoring & Measurement of Product. In this section, there is a requirement to maintain records of product release and to verify that product requirements are met. for supplier qualification, if you think you can effectively audit this by paperwork alone, the supplier is a good candidate for “desktop only.” However, if the lot release paperwork, batch record, or Device History Record (DHR) is a 50-page tome—then you better make your flight plans.

The good news is that very few suppliers will pass the first three tests and implode during the on-site audit. Also, with three process audits complete, you should be able to reduce the duration of your on-site audit. Finally, for low-risk suppliers, you have a strong basis for provisional approval of suppliers to proceed with prototype runs before you schedule an on-site audit.

For more information on supplier controls, quality systems, auditing and regulatory submissions visit our Youtube Channel!

Tags: ISO, supplier qualification

Posted in: Supplier Quality Management

Leave a Comment (0) →

What is 510k Content Format

Posted by Rob Packard on July 5, 2020

This article defines the 510k content format for an FDA 510k pre-market notification submission in accordance with the September 13, 2019, FDA guidance.

What is a 510k?

A 510k submission is a pre-market notification submission to the FDA. The “510(k)” designation refers to the applicable section and sub-section of the Food Drug & Cosmetic Act. The “pre-market” designation is a reminder that companies must submit a 510k submission before marketing their products. Finally, the “notification” part of the phrase is used instead of the word “approval” because the FDA does not consider the 510k review process to be an endorsement or approval of your product. Instead, the 510k review process is a review by the FDA to determine if your product meets the requirements of substantial equivalence with a predicate device. The FDA initially performs a prescreening of the 510k submission to verify that it meets the minimum requirements for 510 content format. Then during the 510k substantive review process, the reviewer must answer six questions in the substantial equivalence decision tree:

Is the predicate device legally marketed?
Do the devices have the same intended use?
Do the devices have the same technological characteristics?
Do the different technical characteristics of the devices raise different questions of safety and effectiveness?
Are the methods acceptable?
Do the data demonstrate substantial equivalence?

The 510k process was not intended to be the primary process for regulatory approval by the FDA. The 510k process was intended to be a simplified approach for clearance of devices that are of moderate-risk and similar in design and intended use to another moderate-risk device that is already on the market. However, the process was manipulated as a loophole by device companies to avoid the more rigorous pre-market approval (PMA) process that requires conducting a clinical investigation.

Recent changes to the 510k review process are much deeper than the 510k content format

In approximately 2010, the FDA gradually started making changes to the 510k process. The FDA started publishing more guidance documents specifying both collateral guidance documents that apply to all device classifications (e.g., biocompatibility and human factors ), and particular guidance documents that apply to only a small number of product classifications (e.g., CADe). In 2012, the FDA implemented a new policy called the Refusal to Accept (RTA) Policy for 510(k)s. The FDA implemented this policy to improve the general quality of 510k submissions. All submissions are now subject to a 15-day review of the 510k content format to ensure that the submission includes all 20 required sections required by the FDA, the submission includes a table of contents and page numbering, and the various sections of the 510k include basic elements that are frequently forgotten by companies. Initially, more than 60% of the 510k submissions were rejected during the RTA screening process. Still, submissions have improved, and training of the FDA personnel performing the RTA screening has resulted in a more consistent application of the RTA policy. The FDA also systematically converted each of the remaining Class 3 devices that were eligible for 510k clearance to Class 3 devices requiring a PMA. The most recent changes were the elimination of requiring the submission to include a printed hardcopy of the submission (i.e., FDA eCopy only) and no longer allowing predicates that are more than ten years old.

FDA requirements for 510k Content Format

The FDA requires that your 510k submission is organized into 20 sections as described in section V of the table of contents of the September 13, 2019, FDA 510k guidance document. The FDA no longer requires a hardcopy of the submission. Now the FDA only requires an electronic copy (i.e., FDA eCopy) with a hardcopy of the 510k cover letter. The cover letter may be included in the eCopy, but it is not required. The FDA eCopy guidance document was updated on December 16, 2019.

The FDA eCopy guidance gives you the option of organizing the 20 sections of a 510k into 20 volumes with multiple documents in each volume or to submit sequentially numbered documents. The word “volume” refers to electronic folders in the FDA eCopy rather than physical binders. There is no right or wrong choice regarding volumes—if your eCopy uploads. The answer to this question is personal preference. The FDA recommends that multiple volumes be used for more extensive submissions, but using the same process for every 510(k) submission makes submission teams more efficient. It also is more comfortable for the FDA to navigate between documents when they are not in separate volumes. Therefore, the document structure is generally best for the FDA, and the volume structure is usually best for the company to prevent the need for renumbering files and file names. We always use the volume structure for every submission, even pre-submissions. Submissions are organized into 20 volumes to match the 20 sections of a 510k submission. If we include an RTA Checklist, then we add a 21st volume. The FDA recommends using the 21st volume for miscellaneous appendices, but the volume structure of the submission makes it easy to insert miscellaneous content directly into the applicable sections by adding documents after the initial section summary document.

Overall Numbering or Numbering within Sections?

Again, this is a personal preference. However, there are always last-minute changes to documents. Therefore, whichever numbering system you use should minimize the need for the last-minute renumbering of the entire submission. This is especially painful when you number the overall submission, and then you add a page to the middle of the submission when you are trying to ship out your submission that day. By numbering only the sections, you reduce the amount of rework required. Our firm deviates slightly from the “numbering within sections” requirement. In the table of contents, we indicate how many pages are associated with each document in a volume, and then we start each document with page 1. One FDA reviewer recently requested that we modify this to “page x of y,” where “x” is the page number of that document, and “y” is the total number of pages in the document. Therefore, we updated all of our templates to reflect the “page x of y” format for page numbering.

510k Format Content: Using Your Table of Contents for Project Management

When I was less experienced, I used project management software and action item lists to manage submission projects. Experience has taught me to simplify. Now I only use an action item list to track the progress of individual tasks. To track the overall submission, I now use the table of contents as my project management “report.” If you color-code the rows of your table of contents, you can communicate the status of each document in the submission. At the beginning of the project, all the rows indicate documents are not yet started—signified by the color red. Once I being a document, I change the color to yellow. Finally, when the document is completed, I change the color of the row to green. Three documents require the signature of the official correspondent with the FDA:

510k Cover Letter
Certification Regarding Confidentiality
Truthful and Accuracy Statement

Once these three documents are completed, they still need a signature that should only be applied just before we prepare the eCopy. Therefore, I signify the status of documents waiting for signatures with blue rows. A couple of people struggle with reformatting row colors, but every single person on your team will understand that they want the table of contents to gradually change from red, to yellow and finally to 100% green.

Posted in: 510(k)

Leave a Comment (0) →

Page 5 of 29 «...3 456 7...»