Blog

Archive for FDA

How to request FDA Device Classification information – 513(g) Alternative

This blog provides a five-step process on how to request FDA device classification information. A screenshot of the FDA website for each step is included.

If your company is currently registering with the US FDA, you are probably reviewing the guidance document this month for the FY2013 user fees. On pages six and seven, there is a table of these fees, but you might have overlooked 513(g). Section 513(g) is a provision in the law that allows companies to request device classification information from the FDA.

For example, if your company was developing a new product, and you were having difficulty identifying the regulatory pathway, 513(g) is your friend. In my opinion, these fees are modest: $5,061 = Standard Fee, and $2,530 = Small Business Fee (updated for FY 2022). Most consultants will charge at least ten hours of consulting to identify the regulatory pathway for a company. I would charge quite a bit less because it takes me a lot less than ten hours. I still think the FDA’s pricing is a good deal because getting information directly from the source is always more valuable than an “expert.”

The US FDA has published a guidance document explaining the process for 513(g) requests. This guidance document was released on April 6, 2012 (updated in 2019). The guidance explains what information companies need to provide in order to submit a 513(g) request. The guidance also has a fantastic list of FDA resources on page five. These are the very same resources that the “experts” use—including yours truly.

Just as any good lawyer tries to avoid asking questions that they don’t already know the answer to, I recommend that you first try using these resources yourself. Once you think you know the answer, your request for classification information will be easier to organize.

Here’s how I would proceed to request FDA device classification information: 

Step 1 – Are there similar devices on the market?

Identify another device similar to yours. If you can’t do this, you need serious help. You need a similar device that is already sold on the market to use as a predicate device. If you cannot identify a predicate, then you can’t use the 510(k) process—or you don’t know your competition. Either way, there are challenges to overcome. For example, if you are trying to launch a new topical adhesive made from cyanoacrylate—”Dermabond” might be the first predicate device that comes to mind.

registration and listing How to request FDA Device Classification information   513(g) Alternative

Step 2 – Search the Registration Database for FDA Device Classification

Use the registration and listing database on the FDA website to find the company that manufacturers the device. The link for this is #4 on my helpful links page (updated). This link also will provide you with connections to the classification database—which you can use to find the classification for any device. However, the registration and listing database is less likely to lead you astray. When I type “Dermabond” into the field for the proprietary device name, I get a list of five different product listings.

5 listings for dermabond How to request FDA Device Classification information   513(g) Alternative

Step 3 – Select one of the competitor links to identify the FDA Device Classification

Clicking on any one of these five will take you to a listing page for the corresponding company. On that page, you will find the three-letter product code that identifies the device classification and the applicable regulations for that device.

device listing for dermabond1 How to request FDA Device Classification information   513(g) Alternative

Step 4 – Your found the FDA Device Classification

Clicking on the three-letter product code (i.e., – “MPN” in our Dermabond example) takes you to the Product Classification page. This is where you will find that Dermabond, and other tissue adhesives, are Class II devices that require a 510(k) submission. Also, the Product Classification page identifies an applicable guidance document to follow for design verification and validation testing. This is also called the “Special Controls Document.”

mpn product classification How to request FDA Device Classification information   513(g) Alternative

Step 5 – TheTPLC Report lists all the recent 510(k) submissions

Click on the “TPLC Product Code Report” link. This link will provide you with a report of all the 510(k) ‘s recently granted to your competitors, problems customers have experienced with their products, and recalls for the past five years. This is extremely valuable information as a design input—as well as competitive information for your marketing team.

tplc total product life cycle report for mpn How to request FDA Device Classification information   513(g) Alternative

TPLC Report for Product Code “MPN” – Topical Adhesive

Posted in: FDA

Leave a Comment (1) →

10 FDA Inspection Strategies that DON’T Work

If you were just notified of an FDA inspection and you don’t think you are ready, using tricks to hide your problems is a huge mistake. I have heard a few recommendations over the years for “secrets” to hide those problems. In this post, I share my favorite “secrets”–and why they DON’T work.

Here are my top 10 ways to make an FDA inspection worse:

10. Stalling when the investigator makes a request – This just irritates investigators. At best, the investigator will use the waiting time to identify additional documents to sample or to review the information you have provided more closely. At worst, the investigator will accuse the company of not cooperating with the inspection, and the investigator may return the following week with several more team members to help them. Whenever this occurred during a third-party audit that I conducted, I would move onto another area and interview someone. However, before I left the person that was slow to respond, I provided the person with a list of documents and records that I expected to be waiting for me upon my return. In extreme cases, I had to bluntly tell the management representative that I needed documentation more quickly. As an instructor, I teach auditors techniques for coping with this tactic.

9. Suggesting records for the investigator to sample – This is specifically forbidden in the case of third-party inspections and audits. The FDA has work instructions for identifying sample sizes, and samples are supposed to be selected randomly. In reality, samples are rarely random, and usually, the investigator is following a trail to a specific lot, part number, etc. When clients offered me samples, I tried to be polite and review the record they provided. However, I also would request several other records or follow a trail, as I have indicated above. Another approach I often use is to focus on high-risk items (i.e., – a risk-based approach to sampling). In general, you can expect the FDA investigators to sample more items than a registrar–and sample sizes are often statistically derived if the number of records is sufficiently large. When sample sizes are quite small, I recommend sampling 100% of the records since the previous inspection/audit. This is not always possible for third-party auditors, but internal auditors often can achieve this.

8. Outsourcing processes to subcontractorsThe FDA recently reinstated the requirement for contract manufacturers and contract sterilizers to be registered with the FDA by October 1, 2012. Therefore, hiding manufacturing problems from the FDA by outsourcing manufacturing is increasingly more difficult to do. In addition, the FDA focuses heavily on supplier controls and validation of outsourced processes. Therefore, an investigator will identify high-risk processes performed by subcontractors and request documentation of process validation by that supplier. If the company does not have the validation reports, this could quickly escalate to a 483, and possibly a visit to the subcontractor.

7. Trying to correct problems during the inspection – This is what I like to call the document creation department. At one company I worked for, we noticed a mistake across several of the procedures and made a change overnight between the first and second days of the audit. When the auditor asked for the procedures in the morning, he asked, “Is the ink dry yet?” The auditor then proceeded to request records that demonstrated compliance with the newly minted procedures. As you might have guessed, this resulted in several nonconformities. When clients attempt to correct problems found by an investigator, the investigator typically will respond with the following statement, “I applaud you for taking immediate action to contain and correct the problem. However, you still need to perform an investigation of the root cause and develop a corrective action plan to prevent a recurrence. To do this investigation properly may take several days.” I also teach auditors to memorize this phrase.

6. Writing a letter to file – When companies make minor design changes, one of the most common approaches is to “write a letter to file.” This phrase indicates that the design team is adding a memo to the Design History File (DHF) that justifies why design validation is not required or why regulatory notification/approval is not required. The FDA used to publish a decision tree to help companies make these decisions. In fact, such a decision tree is still part of the Canadian significant change document. The FDA recently withdrew a draft document that eliminated many perceived opportunities to utilize the “letter to file” approach. However, the FDA will still issue a 483 to a company if the investigator can identify a change that required validation that was not done, or a 510(k) that was not submitted for a design change. In fact, the FDA looks explicitly for these types of issues when an investigator is doing a “for cause” inspection after a recall or patient death.

5. Shut it down – Not running a production line that has problems is an ideal strategy for hiding problems. However, the FDA and auditors will simply be forced to spend more time sampling and reviewing records of the problematic production line. If you need to shut a line down, ensure everything is identified as nonconforming, and carefully segregate rejected product from good product. You should also use these problem lines as an opportunity to show off your investigation skills and your ability to initiate CAPAs. If you simply forgot to validate a piece of equipment, or do some maintenance, take your lumps and keep production running. If you are a contract manufacturer, never shut it down without notifying the customer. If you do not tell your customer, you will get a complaint related to on-time delivery and a 483.

4. Storing all records off-site – I first heard about this tactic during an auditor course I was co-teaching. During the course, we had many reasons why the company should be able to provide the records in a timely manner. However, I have experienced this first-hand as a third-party auditor. When this happens, I do three things: 1) increase my sampling of records that are available, 2) carefully review supplier controls and supplier evaluation of the storage facility (assuming it is outsourced), and 3) verify that the company has a systematic means for tracking the location (i.e., – pallet and box) for every record sent to storage. FDA investigators will simply move along to another record and follow-up on their earlier request with a second visit, or a request to send a copy of the document to them after the inspection.

3. Identifying information as confidential – A company can claim information is confidential and may not be shared with the public. Still, very little information is “confidential” concerning the FDA or Notified Bodies. Therefore, this strategy rarely works. In fact, this will enrage most FDA investigators. In training courses, I train auditors to ask the auditee to redact confidential information. For example, a CAPA log may have confidential information in the descriptions, but the trend data on opening and closing dates are never confidential.

2. The FDA is not allowed to look at those records – Although this statement is technically true for internal audit reports and management reviews, the FDA always says that they can access this information through the CAPA system. What the FDA means is that there should always be evidence of CAPAs from internal audits and management reviews. If there is not, then this will quickly become a 483. Another person I met tells the story that when they agreed to share the management review records with the investigator, the inspector rarely issued a 483. When they refused to share the management review with the FDA, the inspection went quite badly from that point forth. I don’t agree with being vindictive, but it happens.

1. Show me where that is required – This is just silly. Investigators and auditors are trained on the regulations, while you are educated on your procedures. Spend your time and effort, figuring out how your procedures meet the regulations in some way. Challenging the investigator excites the investigator. We all like a challenge–and we rarely lose. One auditee tried this approach with me in front of their CEO. This experience allowed me to show off that I had memorized the clause in question–and the corresponding guidance document sections. I think the CEO realized quickly that the management representative was not qualified.

My final advice is to do your best to help the investigator do their job, and treat every 483 as “just an opportunity to improve.” Just ensure you submit a response in 14 days, or you will receive a Warning Letter too!

Posted in: FDA

Leave a Comment (4) →

But What About FDA Regulations?

The author writes that when you are auditing, you should always read the FDA regulations again to ensure accuracy.  

I hear this question, or a question with similar wording, quite frequently when I am auditing. Typically, the question is in response to a better way to do something that seems simple and efficient. Most people seem to approach regulatory requirements with the approach of…let’s bury the regulator in paperwork. While it’s true that auditors expect a certain amount of paperwork with each regulatory requirement, they frequently accept a broader range of documentation than people realize (i.e., one page can be enough).

For example, a design control procedure could be a one-page flowchart that references forms and work instructions, or twelve separate documents, with a minimum length of ten pages and a maximum of forty pages per document. As long as the procedure has sufficient detail for personnel performing these tasks, and all the required elements are included, ISO clauses 7.3.1-7.3.7. An auditor should identify the process as conforming.

However, some people are FDA inspectors looking for NONCONFORMITY!

In the case of inspectors, it is critical to present your information in such a way that it is easy for the inspector to see how you meet the requirements of the regulations. One of the best ways to do that is to reference the requirements directly in your procedures.

For those that prefer finesse try to organize information following the regulations. For example, if I am writing a procedure for an ISO registration audit, I write the procedure to specifically address the ISO sub-clauses. I might even use a document control number like SOP-73 for my “Design and Development” procedure.

In my previous blog posting, http://bit.ly/AuditHours, I suggested a slight change to the scheduling of internal audits. To ensure this meets FDA requirements, the key is to READ THE REGULATIONS AGAIN. Concerning internal auditing, the applicable FDA regulation is 21 CFR 820.22:

“Each manufacturer shall establish procedures for quality audits and conduct such audits to assure that the quality system is in compliance with the established quality system requirements and to determine the effectiveness of the quality system. Quality audits shall be conducted by individuals who do not have direct responsibility for the matters being audited. Corrective action (s), including a reaudit of deficient matters, shall be taken when necessary. A report of the results of each quality audit, and reaudit(s) where taken, shall be made and such reports shall be reviewed by management having responsibility for the matters audited. The dates and results of quality audits and reaudits shall be documented.”

The above requirement is quite vague concerning how many auditors and how many days must be spent auditing. These are the variables I suggested changing in my previous blog http://bit.ly/AuditHours. The FDA regulation 21 CFR 820.22 is specific, however, with regard to documenting the “reaudit” of any deficiencies found during an audit. This prescriptive requirement can be met by reviewing previous audit findings of all audits with the audit program manager during the audit preparation process. The audit program manager can facilitate the assignment of which auditor will reaudit each discovery. This may require a few more minutes of audit preparation, but this should not measurably impact the overall time allocated to an audit.

I do this out of habit when I am performing internal audits on behalf of clients, but if I am auditing the internal audit process of a client—now I’ll remember to point out this additional requirement that is specific to the FDA and not included in the ISO Standard. This is why we should always READ THE REGULATIONS AGAIN.

 

Posted in: FDA

Leave a Comment (0) →
Page 4 of 4 1234