Medtech Makers

Ensuring Global Quality and Regulatory Compliance—A Medtech Makers Q&A

With differing guidelines and regulations around the globe, staying current on all regions in which a company operates can be challenging.

Released By Elevaris Medical Devices

By Sean Fenske, Editor-in-Chief

In a global marketplace, many companies seek to launch their medical devices in multiple regions, serving patients and their physicians in numerous countries. However, within each area, there are typically varying guidelines and regulations that must be followed in order to sell product to that region.

Maintaining compliance with these policies falls to the quality and regulatory professionals at a company. They must ensure the practices of the organization for development, manufacturing, and post-market activities all remain aligned with the requirements of the country into which the product is being sold.

To help clarify the roles of these personnel and explain how an organization can maintain a focus on a global regulatory strategy, Lisa Perronne, Vice President, Quality & Regulatory, at Elevaris Medical Devices, took time to respond to the following series of questions. In this Q&A, she defines the two distinct roles, offers insights on “first to launch,” and comments on post-market surveillance, while also tackling other topics.

Sean Fenske: Quality and regulatory are often grouped together. What is the difference between the two? What are the most important aspects of each?

Lisa Perronne: These two activities highly complement each other and, thus, are sometimes thought of together. Depending on the size of an organization, they can even be structured together.

Regulatory or regulatory compliance has a focus on how the organization meets regulations, laws, and guidance that are established by geographically based regulatory authorities, such as the U.S. FDA or Brazil’s ANVISA. The function is also intended to meet internationally harmonized or broadly applicable standards, such as ISO 13485, which many geographies rely upon as a qualification for entry into their markets.

As a few examples, regulatory organizations may:

  • Submit products to market
  • Evaluate applicable standards for product development in a market
  • Analyze what type of clinical evaluation is necessary for market entry
  • Conduct ongoing compliance efforts with local regulations over the course of a product lifecycle
  • Manage registration activities

Quality organizations are responsible for product quality throughout the product lifecycle, including:

  • Product design
  • Verification and validation
  • Testing
  • Quality assurance and process controls activities
  • Post-market activities

Typically, quality also maintains the organization’s quality management system, which is the set of key processes that form the backbone of how work is done. Examples of processes included would be:

  • Corrective and preventive action (CAPA)
  • Documentation control
  • Training
  • Auditing
  • Post-market surveillance

The quality function maintains these key processes, although their execution requires support from the entire organization to ensure the product meets its predefined, intended use and quality performance expectations.

Fenske: How is a global regulatory strategy affected by the “first to launch” region? For example, how does launching in the U.S. first impact an EU MDR submission?

Perronne: A global regulatory strategy should not only be driven or affected by the “first to launch” region. Rather, it needs to include the business aspects of both the ultimate, desired locations for launch and the regulatory inputs to determine which market or region will be the best choice as a “first to launch.” The organization needs to understand the regulatory implications across various regions and plan for those in a systematic manner, regardless of the “first to launch” location.

Aspects of regional differences that may affect the “first to launch” choice can include:

  • Differing clinical performance data submission requirements across jurisdictions, including: size and duration of study, data capture location similarity to local populations, and company and user access to clinical sites
  • Product design and performance requirements, particularly electrical, health and safety, and environmental—Even if not for the “lead market,” if these requirements are not included in the product design process, the product design and its predicate market launch in one geography may not support direct or timely expansion to other markets later.
  • Geographies with a “faster” path to market if a U.S. FDA clearance or CE mark is obtained before submission to some jurisdictions

There has been a shift in behavior, generally, with the application of the European Medical Device Regulation (EU MDR). These regulations expanded clinical data requirements for new product applications. Prior to the EU MDR application, one strategy that was more commonly employed was to launch in the EU prior to the U.S. as a means to gather real-world evidence to support the U.S. submission. Now that the clinical evidence requirements are more level between these key leading markets, and thus other factors such as access to key customers or approval timelines play a larger role in the decision to designate a “first to market” region.

Fenske: Does MDSAP play a role in a company’s regulatory or quality strategy? Can you first explain what MDSAP is and then how it may have an impact? Benefits? Considerations?

Perronne: MDSAP is the Medical Device Single Audit Program. It is a harmonization of audit approach that harmonizes audit requirements for an organization’s quality management systems using ISO 13485 as a framework, with participating country-specific requirements incorporated into the framework of the audit process. The program was designed to allow for standardized audit expectations and the sharing of MDSAP audit reports across participating countries. Currently, the full-member participating countries include the United States, Japan, Australia, Canada, and Brazil. There are other affiliate members that may use MDSAP certification within their approval process, and there are official observers, such as the EU and UK, which observe and contribute to the program’s approach.

Companies that chose to have MDSAP certification will carry both an ISO 13485 certificate and a “mirror” MDSAP certificate issued by their notified body. The notified body selected for the organization’s CE mark conducts the audit and issues the report, which is then shared directly with participating countries’ authorities.

The benefit of this for a company is that one audit, using a common aligned approach, meets surveillance requirements for multiple countries. The benefit for the countries is that they can reliably use this audit, as they know it covers harmonized requirements, a known standard audit approach, and verifies key local regulations for standard surveillance, thus cutting down on replicative, routine inspection overhead for both the auditors and auditees.

Note that in the U.S., while the MDSAP can be used for routine inspection, “for cause” or directed inspections are still possible if there are quality signals the agency needs to investigate. Thus, it should not be thought of as a substitute for FDA inspection risk.

There are additional countries applying for participant status. MDSAP certification is a requirement for Health Canada to obtain or maintain a Canadian Medical Device License (MDL) for Class II, III, and IV products. So, you can see that this is one way MDSAP certification is an input to a global regulatory strategy if you are a manufacturer of these classifications of products, and the Canadian market is on your map.

Fenske: What should medical device manufacturers be doing to best prepare for post-market surveillance? Where are the challenges most often encountered?

Perronne: Many people think of post-market surveillance (PMS) as complaint monitoring and complaint handling processes, but it is much, much more. A robust post-market surveillance program is a web of interrelated activities that routinely and systematically collect product performance data through both internal and external sources and then uses that data to create a closed feedback loop to maintain and update risk management files for products. Complaint handling and monitoring is just one source of sometimes biased and known-to-be under-reported data. Proactive market surveys, EU MDR-mandated post-market clinical follow-up (PMCF) activities, literature review, worldwide clinical data, and monitoring of regulatory agency public data, such as the FDA MAUDE database, can all be parts of a robust post-market surveillance system.

This is an area where I see AI (artificial intelligence) may grow in use within the industry. Maintaining validated data models, feedback of data into risk management databases, and extracting data based on country, region, and patient attributes—to the extent possible, considering privacy concerns—are all areas where AI may be able to make PMS increase its “power” in the data, based on increasing efficiencies of the process itself.

Fenske: Do you have any additional comments you’d like to share based on any of the topics we discussed or something you’d like to tell medical device manufacturers?

Perronne: The global regulatory environment is a constantly evolving space. There is simultaneous growth in the number of local requirements, monitoring, or data used to obtain market access, while there is also growth in the harmonization of regulatory standards to better utilize resources so data gathered is reliable, meaningful, and more broadly applicable across the globe. So, it is always an exciting space in which you have to constantly adapt and evolve your thinking to best serve the markets in which you have products. I hope these insights are helpful to your readers as a glimpse into the life of a quality and regulatory medical device professional.

Click here to learn more about Elevaris Medical Devices >>>>>

Request more information from Elevaris Medical Devices

Keep Up With Our Content. Subscribe To Medical Product Outsourcing Newsletters