A medical device is “any healthcare product that does not achieve its principal intended purposes by chemical action or by being metabolized.” Devices are therefore everything from tongue depressors to pacemakers, stents, MRI machines and digital therapeutics.

If you are developing drugs or medical devices (including diagnostics and any software used to help treat or help diagnose a patient), your business is operating in a regulated industry. Before your company can commercialize your product, you must obtain authorization to do so from the FDA (in the US) and/or a Notified Body (in the EU) depending on where you wish to commercialize. Most products have some form of an approval process.

In addition to obtaining marketing approval from the FDA or a Notified Body, your company is required to establish a Quality Management System (QMS), also known as a QMS. Your QMS governs all daily business activities that can affect the quality of your product, from design and development to complaint handling. See our QMS 101 guide for an overview of required QMS elements.

FDA and the EU regulate both product submission requirements and day-to-day business processes. Submission requirements represent a snapshot in time. Whereas, business process requirements are permanent and drive numerous activities your company is responsible for implementing, maintaining and demonstrating via providing evidence (records).

In the United States, the FDA is responsible for protecting public health by regulating and supervising the safety of (but not limited to) drugs, dietary supplements, and medical devices. FDA accomplishes this mission by establishing and enforcing high product standards and other regulatory requirements authorized or mandated by the Federal Food, Drug and Cosmetic Act (FD&C Act), its amendments, and other public health laws enacted into law. FDA employees serve as patient advocates when inspecting facilities, reviewing submissions, or when developing new guidance for the industry; many of them view their jobs as the last line of defense before patients are put into the path of harm - as nearly all products carry with them some form of risk.

The FDA  is segmented by the variety of industries it regulates. We will focus on medical devices and in vitro diagnostics (IVDs), industries which are overseen by the FDA Center for Devices and Radiological Health (CDRH).

‍

CDRH is further organized into various offices that are tasked with different aspects of regulating and supervising the medical device industry. Your company will likely only interact with two offices, one for Submissions and Approvals and the other during FDA inspections of your facility(ies). If your company commercializes both IVDs and other medical devices, your company will then interact with three offices.

‍

Note: CDRH has started the process of combining several Offices including the Office of Device Evaluation (ODE), the Office of Compliance (OC) and the Office of In Vitro Diagnostic Device Evaluation & Safety (OIR) to form a new Office of Product Evaluation and Quality (OPEQ) that will be sub-divided into offices based on product type and technology. The process is not yet complete as of mid-2018.

‍

While the core concepts of regulations governing medical device product approvals and daily business activities are the same for all medical devices and geographical regions, there are additional specific requirements for a variety of product types. CDRH publishes Guidance documents spanning a wide variety of regulatory concepts, including special requirements for certain kinds of products; these Guidance documents, while not technically binding (see excerpt below contained in all Guidance documents), they are tacit FDA expectations for minimum good manufacturing practices.

‍

The European Union (EU) regulatory landscape is structured differently from the United States. Before you can offer your medical products within EU nations, you must first obtain a CE Marking which signifies product conformity to all applicable EU directives - indicating your product satisfies EU safety and performance requirements. This conformity assessment is conducted by independent third party organizations, Notified Bodies, who evaluate your company and product against the relevant EU legislation,  earlier as the Medical Device Directive and more recently as a new EU Medical Device Regulation, or MDR, going into effect in 2020 for medical devices. Conformity evaluations typically also include the application of relevant international standards (e.g. ISO 14971 "Medical devices - Application of risk management to medical devices").

The International Organization for Standardization publishes a wide variety of standards, similar to FDA and Guidance documents, and several of these Guidance and Standard requirements may apply to your product.  FDA, generally, requires your company follow current Good Manufacturing Practices (cGMP) which implies applying appropriate Guidance and Standard documents; FDA actively recognizes over 1,200 Standards it believes will aid a company in complying with US regulations. Many such standards will expedite FDA's review and enhance their trust of your processes and product, including, but not limited to:

• ISO 13485 Medical devices - Quality management systems - Requirements for regulatory purposes and
• IEC 62304 Medical Device software - Software life-cycle processes
  

Conversely, Notified Bodies focus almost exclusively on ISO Standards (plus the EU legislation) and do not require additional compliance to FDA Guidance documents. On occasion, if there's no applicable ISO standard for your product, and there is an FDA Guidance document, they may request your company adhere to it or demonstrate an equivalent or superior process or product design.

Therefore, after your company begins developing a product, and still well in advance of solidifying requirements and tests, the project team should identify all pertinent Guidance and Standard documents that apply to the product and processes. This will expedite conversations with regulatory bodies and shorten the overall development timeline; it will better facilitate how the company fulfills its responsible for ensuring the safety and effectiveness of medical devices under current GMP, and it will greatly inform your Regulatory Strategy.

Well-timed regulatory strategies begin early in the development process; the path to market will be informed by intended use, design and function decisions as they directly impact the submission content and rigor of required pre-market testing. Large companies have lived through many products cycles and learned the errors of both over- and under-committing to robust -Regulatory Strategies. Under planning typically leads to poor results that cost multiples of the optimal spend of a similarly complex product with a clear Regulatory Strategy. Startups and small companies are best served by their Regulatory Affairs employees/consultants when they are involved early in the product development process.

It's a fallacy to believe that a Submission document can be easily compiled and given to FDA right when your company is 'ready'. Too many startups fail by making poor assumptions about timing, cost, and planning with respect to their eventual submission and the required regulatory and quality requirements. And, there are a myriad of reasons.

1. Not knowing which approval/clearance process applies to their product

• Assuming a clinical trial is necessary, even preparing for one, can cost a company millions of dollars, and not completing sufficient pre-work for any particular submission type can cause months, even quarters or years, of delays to getting a product to market 
• FDA's Q-Submission process, one of which being Pre-Submissions, affords companies the opportunity to officially interact with FDA during product development and submission planning. It's a free service FDA provides upon request, and they highly recommend companies take full advantage of it

2. Not having followed critical portions of the Quality System Regulation (21 CFR 820) that impact content and process leading up to submissions

• Document Controls, Risk Management, Design Controls, and Training are all vital throughout the product life cycle

3. Committing fraud

• Most fraud in submissions is accidental, however whether purposeful or not, sooner or later you will pay the consequences. These normally include 1) months-long remediation activities, utilizing 2) a significant influx of temporary and expensive short-term resources, 3) delayed commercialization launch, and 4) recalling the product - pulling it off the market.
• The cost of remediation multiplies as a company waits longer and longer to correct egregious errors like fraud. Significant time is necessary to rectify false or inaccurate documentation, submissions etc. which includes gap analyses, summaries of missing data, re-testing, potentially re-designing the product, filing subsequent corrective submissions, etc.
• Examples of fraud include, but are not limited to:
  a. Making false statements about performance, substantial equivalence, intended use, target patient population, etc.
  b. Misrepresenting data collected during product development testing activities like design verification and design validation - through omission, inaccurate graphs/charts/tables, or fabricating evidence of testing, etc.
• Even if unintentional, fraud can significantly de-value your product and company; potential acquirers may detect these irregularities during the due diligence process and cause a buyer to back out. If the acquisition already took place when the acquirer learns the truth, your company leadership carries the risk of termination and civil action.
• The single most cost-effective point-in-time correction is preventing the fraud by including appropriate and knowledgeable resources in the planning and execution of the entire product development life cycle. These professionals typically fall within the functions of "Regulatory Affairs" and "Design Assurance Engineering" (RA, DAE).

‍

Submission content and level of detail vary based on the Classification of your product. Because medical devices can range from tongue depressors, to mobile apps, to implantable cardioverter defibrilators (ICDs), certain types of devices do not need submissions whereas some need clinical trials. Generally, that's driven by risk-to-patient.

Now is the time portions of your QMS awaken that have been dormant. Things like Nonconformances, Complaints and Corrective and Preventive Actions (CAPAs) will become common in your business lexicon. If, and we hope this never happens to any customer, you need to address product that has been released to the field, there's Recalls, Corrections and Removals.  

Enzyme is available to help all throughout the product life cycle.

‍