I recently attended the 2018 MD&M West conference, Feb. 5 – 7, in Anaheim, California. The three-day event pulled together the medical device industry’s top engineering, design and regulatory compliance experts. This year’s conference covered the most timely and pressing topics, including technology, cybersecurity, design control, digital health and regulatory updates.
Attempting to sum up a conference of this size in a single article would be futile—not to mention a disservice to those of you who were unable to attend. Instead, I’ll start off with my top 10 takeaways from the conference. Going forward, I will post more in-depth articles on these and other hot topics in the medical device industry.
The internet revolution has ushered in smart manufacturing, which is the ability to combine the efforts of machines, computers and people in creating measurable outcomes. The Industrial Internet of Things (IIoT) is a new technological wave that promises unprecedented opportunities in medical device manufacturing. Having essential data and information at our fingertips will lead to faster and more educated decisions and operational efficiency.
However, the industrial internet is still coming of age and needs to find its place among the existing operational technology (OT) world, such as supply chains, business models and workforces. Also, current OT and internet technology (IT) systems continue to function in siloes in terms of sharing data between devices and the IT network. Convergence of the two is necessary for achieving a fully collaborative and functioning digital ecosystem.
While the Industrial Internet of Things (IIoT) is paving the way for more advances in medical device technology, it is also expanding the industry’s cybersecurity attack surface. As physical and virtual technology worlds combine, organizations will need a new cybersecurity framework that spans the entire organizational network and operations environment.
It’s no secret that the lack of sufficient security measures can lead to a costly security breach. There are also regulatory ramifications for not maintaining an adequate cybersecurity strategy. A security hack on a network or production system could create a gap in data, which will be flagged by agencies.
A large percentage of biomaterials are at least 20 years old. Ekaterina Tkathchouk, Ph.D., principle chemist at Edwards Lifesciences explained why many biomaterials are not being replaced by newer, more advanced chemistries. Some of the reasons include:
Nevertheless, Tkathchouk mentioned that the regulatory landscape is becoming more modernized, making it less burdensome for manufacturers to test new materials and devices and ensure their safety and effectiveness.
The ISO 14971 standard was developed to help medical device manufacturers identify hazards and risks and develop, implement and monitor risk control measures. Quality and more effective risk reduction are the motivators behind the latest reboot of ISO 14971. This session touched on changes in the European National (EN) version of the Medical Device Risk Management Standard risk reduction policy.
Historically, EN followed the risk management approach, “as low as reasonably practicable” (ALARP), which includes:
The updated version follows the “as far as possible” (AFAP) approach, which includes:
The updated ISO 14971 introduces a new design philosophy where all risks, both acceptable and not acceptable need to be considered in the risk mitigation process.
The ALARP approach is no longer permissible for devices sold in Europe. Currently, the FDA and regulatory agencies outside of Europe still follow the ALARP standard. However, companies should incorporate the AFAP standard into their quality management system as more regulatory agencies will eventually adapt to the new approach.
In late 2012, representatives from the FDA, NIH, CMS and patient organizations established a 501(c)(3) organization called the Medical Device Innovation Consortium (MDIC). The volunteer-operated group allows medical device manufacturers to collaborate and receive coaching from the FDA and a variety of industry experts to identify more effective risk and mitigation strategies and decrease the burden and cost of regulatory processes. The primary goal for MDIC is to compel medical device manufacturers to abandon the checkbox mentality for compliance and adopt a trend of continuous improvement.
Chrissy Glaister, lead usability engineer at Product Creation Studio, advocates a simple-is-better approach to designing medical devices. She expanded on that approach during her presentation titled “Embracing a Human-Centered Approach to Design.” Glaister stressed the importance of gaining a deep understanding of users, which is more effectively achieved early in the design cycle.
Users have varying levels of aptitude and industry experience. Therefore it’s important to define requirements based on users’ needs, challenges and the environment where devices will be used.
Some of the core principles of human-centered design include:
The Medical Device Single Audit Program (MDSAP) is a pilot program that established a standardized approach to auditing medical device manufacturers based on the requirements of various global regulatory agencies. Inaugurated by the International Medical Device Regulators Forum (IMDRF), it enables a medical device manufacturer to satisfy the requirements of participating regulatory authorities in a single audit.
Companies have fewer audits, but they are more comprehensive and include all internal audits. Device manufacturers are encouraged to use MDSAP as a model for their quality management system as compliance requires incorporating the standards for all regulatory agencies. Health Canada now requires MDSAP so medical device manufacturers wanting to sell products in Canada should consider the MDSAP route.
Part of the identification system requires device labelers to submit certain information about each device to the FDA’s Global Unique Device Identification System Database (GUDID). The FDA recently made updates to the GUDID, which will be rolled out throughout 2018:
The UDI requirements continue to evolve and will soon apply to countries across the globe. Following the global trend in handling traceability of medical devices, the European Union (EU) Commission defined requirements for implementing a UDI in its Medical Device Regulation (MDR). The UK’s National Health Service (NHS) also includes initiatives that align with the UDI requirements.
The 21st Century Cures Act gave the FDA the tools to start modernizing regulatory programs. The goal? Bring safe and effective medical device innovations to patients who need them faster and more efficiently.
Given that 21st Century Cures emphasizes modernization and innovation, the Act continually evolves to keep pace with technology. The panel for this session discussed a few of the recent changes that were motivated in part by advancing technology:
Software as a medical device (SaMD) – Section 3060 of the 21st Century Cures Act establishes common principles for regulators to use in evaluating the safety, effectiveness and performance of software used as a medical device. It also encourages manufacturers to use continuous monitoring to understand and modify software based on real-world performance.
Breakthrough devices – This designation will eventually replace the Expedited Access Pathway (EAP), which was developed to address unmet needs for life threatening or irreversibly debilitating diseases. The FDA updated the provisions where participants that were previously granted an EAP will receive a Breakthrough Device designation without needing any additional action.
510(k) modifications for low risk devices –The FDA has exempted more than 70 Class I device types and more than 1,000 Class II device types from the requirement of submitting a 510(k) submission.
Humanitarian Device Exemption (HDE) – The 21st Century Cures Act now allows HDE approval for devices that treat or diagnose a disease that affects no more than 8000 people in the United States. The previous threshold was 4000.
There are many pathways for medical device manufacturers to bring a device to market. A 510(k) or a Premarket Approval (PMA) tend to be more popular routes, while the de novo has not been used as much. Recent regulatory changes have made de novo a more appealing pathway for device manufacturers:
To help verify if de novo is the right pathway, device manufacturers are encouraged to start with a premarket device submission (Pre-Sub) to establish a working relationship with the FDA. Manufacturers may want to consider de novo pathway if their device is new, or even if it is similar to an existing device but the technology is different. De novo candidates also must be able to identify and demonstrate how they will mitigate all risks.
While all areas of medical device technology can benefit from the de novo pathway, it is mostly useful for:
MD&M West was a valuable learning experience. Stay tuned for upcoming posts where I will expand on many of these key takeaways.
David Jensen is a marketing communication specialist at MasterControl. He has been writing technical, marketing and public relations content in technology, professional development, business and regulated environments for more than two decades. He has a bachelor’s degree in communications from Weber State University and a master’s degree in professional communication from Westminster College.