The Impact of Regulations on Medical Device Design Richard C. Fries, PE, CRE Manager, Reliability...
-
Upload
raymond-robertson -
Category
Documents
-
view
240 -
download
3
Transcript of The Impact of Regulations on Medical Device Design Richard C. Fries, PE, CRE Manager, Reliability...
The Impact of Regulations onMedical Device Design
Richard C. Fries, PE, CRE
Manager, Reliability Engineering
Datex-Ohmeda
Madison, Wisconsin
Extra Activities for Regulated Industries
Develop and maintain a Quality System Product Documentation
Design History File Technical File
Product submissions Testing certifications Extra time for:
Submissions Answer questions from regulators Re-submissions
Audits
The Typical Road to Market for a Non-Medical Device
Generate a new idea for a product Design the product Test the product Manufacture the product Ship the product
The Typical Road to Market for a Medical Device
Generate a new idea for a product Design the product Test the product Submit data to the regulatory agency Wait Manufacture the product Ship the product
Timing of Product Development
Establish a window of opportunity to sell the product Determine the amount of time to manufacture the
product Determine the amount of time for regulatory approval Determine the amount of time to test the product Determine the amount of time to design the product Determine the amount of time to specify the product Start the development cycle
Types of Regulations
Process ISO 9000 family Audits by Notified Bodies
Product Food and Drug Administration (FDA)
Medical Device Directive (MDD)
Individual country requirements (Canada, Australia, Japan, Russia)
City of Los Angeles
Other standards required for certain products
Environmental standards
Process Regulations
Basis for product regulations Requires the company to show an experienced
quality system in place ISO 9000 family used as the gold standard For companies with design capabilities, ISO
9001 is the foundation For medical device companies, ISO 13485 is
beginning to be accepted
ISO 9001
Management responsibility Quality system Contract review Design control Document and data control Purchasing Control of customer supplied product Product identification and traceability Process control Inspection and testing
ISO 9001
Control of inspection, measuring, and test equipment Inspection and test status
Control of non-conforming product Corrective and preventive action Handling, storage, packaging, preservation, and delivery Control of quality records Internal quality audits Training Servicing Statistical techniques
Design Control
Design and development planning Organizational and technical interfaces Design input Design output Design review Verification Validation Design changes
Product Regulations
United States FDA
Europe Medical Device Directive
Other Countries Australia Canada Japan Russia
Food and Drug Administration
Quality system Testing to prove the safety and efficacy of your
product Submission material dependent on the type of
product you are making Particular attention to software MDRs Recalls Audits
Food and Drug Administration
Safety and efficacy:
Requirement verification
Risk analysis
Environmental testing
Clinical testing
Food and Drug Administration
Submissions:
Class I Little regulation
Class II 510(k)
Class III PMA
FDA 2004 User Fees
Large business:
510(k) $ 3,480
PMA $206,811 180 day supplement $ 44,464 Real-time supplement $ 14,890
FDA 2004 User Fees
Small business:
510(k) $ 2,784
PMA $ 78,588 180 day supplement $ 16,896 Real-time supplement $ 5,658
Food and Drug Administration
Software: Based on an bad experience in
Canada FDA doesn’t understand it Therefore, they over-regulate it All current regulations are in draft form Software in a device is the same level as the device Excess documentation required Auditors free to regulate according to their own principles
Food and Drug Administration
MDRs and Recalls: MDR: a report sent to the FDA detailing the
circumstances of your device killing or causing serious injury to a patient The FDA also gets a report from the hospital or clinic
where the situation occurred
Recall: a detailed plan for making design changes in all your devices currently in the field
Food and Drug Administration
Audits:
General
Triggered by submissions
Triggered by field failures
Triggered by unsolicited information
Medical Device Directive
Required for selling a product in Europe Product must contain a CE mark Must have a quality system Product must meet a list of essential
requirements Certificates for all testing
Medical Device Directive Process
Analyze the device to determine which directive is applicable
Identify the applicable Essentials Requirements List
Identify any corresponding Harmonized standards
Confirm that the device meets the Essential requirements/Harmonized Standards and document the evidence
Classify the device
Medical Device Directive Process
Decide on the appropriate conformity assessment procedure
Identify and choose a notified body Obtain conformity certifications for the device Establish a Declaration of Conformity Apply for the CE mark
Medical Device Directive
Three directives:
Active Implantable Medical Devices Directive (AIMDD)
Medical Devices Directive (MDD)
In Vitro Diagnostic Medical Devices Directive (IVDMDD)
Essentials Requirements List
Essential Requirement A or N/a Standards Activity Test Clause Pass/Fail Document Location1. The device must be designedand manufactured in such a waythat when used under theconditions and for the purposesintended, they will notcompromise the clinicalcondition or the safety ofpatients, users, and whereapplicable, other persons. Therisks associated with devicesmust be reduced to an acceptablelevel compatible with a highlevel of protection for health andsafety.
A Internal Risk analysis
Safety review
Design History File
Design History File
2. The solutions adopted by themanufacturer for the design andconstruction of the devices mustcomply with safety principlesand also take into account thegenerally acknowledged state ofthe art.
A Internal Specificationreviews
Design reviews
Safety review
Design History File
Design History File
Design History File
Declaration of Conformance
Every device, other than a custom-made or clinical investigation device, must be covered by a declaration of conformity
Document that states you have met all the essential requirements for your device
Must include the serial numbers or batch numbers of the products it covers
Signed by a member of Senior Management
The CE Mark
XXXX
Difference Between FDA and MDD
FDA: A submission must be sent to the FDA for each
product to be marketed Must wait for approval
MDD: A company may qualify for self-certification to
MDD for their products. These are checked during scheduled audits.
Other Product Regulations
Countries Japan Australia China Russia
Type of Device Alarms Software
Environmental EMC Temperature/Humidity Shipping
Audits
1-4 people in your spaces for 3 days to several months
Audits
Will cover in detail your process and products Auditors will “dig-in” in they find the hint of a
problem Major discrepancies will shut you down until
they are fixed Legal and/or punitive steps may be taken
Newest of the Regulations
HIPAA
Health Insurance Portability and Accountability Act
Main components are Privacy and Security
Protected Health Information (PHI)
PHI is health Information that:
1) is created or received by a health care provider, health plan, employer, or health care clearinghouse, and
2) relates to the past, present, or future physical or mental health or condition of an individual, the provisions of health care to an individual, or the past, present, or future payment for the provision of health care to an individual, and i) that
identifies the individual or ii) with respect to which there is a reasonable basis to believe the information can be used to identify the individual.
Protected Health Information (PHI)
Any health information that can be identified to a person
It includes information about treatment and care
PHI can include: Name Dates Record number Social security number Full face photo Any other unique identifying information
De-Identification
Patient information from which identifiers have been deleted, redacted, or blocked, so that remaining information cannot reasonably be used to identify a person. Identifiers to be deleted include:
Name Social security number Address Telephone number Birth date Admission date FAX numbers E-mail addresses Medical record numbers Health plan beneficiary numbers Account numbers Certification/license numbers Full face photos.
Civil Penalties for Non-Compliance
$100 for each violation
Total of $25,000 for all violations of an identical requirement in a calendar year
Criminal Penalties for Wrongful Obtainment/Disclosure of PHI
Not more than $50,000 and/or not more than 1 year impisonment
Not more than $100,000 and/or not more than 5 years imprisonment if the offense is “under false pretenses”
Not more than $250,000 and/or not more than 10 years imprisonment for the intent to sell, use for commercial advantage, personal gain, or malicious harm Protected Health Information
HIPAA Philosophy
What I see here,
What I hear here,
When I leave here,
Remains here!