Design for Compliance

Here’s a cautionary tale for design engineers working in the medical device industry. Excited at the prospect of bringing its innovative new endoscope to market, a company rushed to get its prototype in front of the U.S. Food and Drug Administration (FDA) with an eye toward fast-track approval.

Unfortunately, the FDA immediately pointed out it would be difficult to clean the surgical scope adequately in the time allotted between patients. As a response, the company pointed out the device was “just a prototype” and not intended to represent the final form factor. But their attempts to steer the conversation to the target patient population and expected benefits fell on deaf ears. It was difficult to secure funding after this early failure and the company went out of business not long after.

This true story points out the perils involved in paying insufficient attention to regulatory compliance in the U.S. medical device industry. Some medical device manufacturers have been guilty of viewing regulations as an afterthought, especially in past years. But there are stringent requirements for medical device design and manufacturing, especially for any device that presents risk of physical harm to the end user. The good news: A host of providers offers a wide range of services to help with every possible aspect of compliance—before, during and after.

Premarket Notification vs. Premarket Approval

The FDA’s Center for Devices and Radiological Health (CDRH) is responsible for regulating firms that manufacture, repackage, re-label or import medical devices sold in the United States. In addition, states may have individual laws applying to the design and manufacture of medical devices.

Medical devices are classified into Class I, II and III, with the last category reserved for devices that pose the greatest risk to consumers. Most Class I devices are exempt from filing a 501(k) Premarket Notification, whereas most Class II devices require filing a Premarket Notification 510(k) and most Class III devices require Premarket Approval (PMA). The PMA process is viewed as the most onerous of the three and the subject of some trepidation among device makers. For devices that fall into Class II, a 510(k) is done to demonstrate that the device to be marketed is safe and effective by proving substantial equivalence (SE) to a legally marketed device (predicate device) that is not subject to PMA.

Depending on the type of device, it typically takes one to three years for a device classed as “moderate risk” to attain FDA approval or eight to 10 years for medical devices that are at a high level of risk, says Cynthia Nolte, senior director of Regulatory Affairs for ICON Clinical Research, a unit of ICON plc and provider of compliance-related services.

“Rushing to market is not the right strategy,” says Nolte.

The regulations were created to ensure safe and effective products are delivered to the marketplace with the right risk-benefit equations. “If we are talking about a Fitbit that records things like your heart rate, there will be no regulatory control because it does not represent any risk,” says Nolte. “If we talk about a corneal implant, that is a significant level of risk and much more regulatory control. Global regulatory agencies take this risk-based approach to regulation.”

Ideally, designing for compliance is just as much a part of the process as designing for quality, says Pavan Kumar Garikapati, regulatory domain head, Medical Devices, Wipro Ltd., also a service provider. “It is often misunderstood that compliance just requires completing required documentation after a product is ready to sell,” he says.

There is a continual balancing act between providing governmental authorities with the minimum required data needed to be—or remain—compliant, while at the same time running efficient operations.

One-Stop Shopping

There are companies that go it alone when it comes to compliance, says Nolte. Generally, in this case, there are engineering and product development teams with an understanding of the regulatory landscape and its requirements.

Most medical device companies do engage a contract research organization (CRO) such as ICON to help them clear compliance hurdles. ICON does everything from helping set strategy to guiding the client’s design work so that the end product complies with the regulatory requirements of the target market. ICON consultants also interface with regulatory agencies on behalf of their clients, paving the way for smooth interactions down the road.

Along with other service providers, ICON provides guidance as to which quality management (QM) systems clients should use to meet the regulatory and quality expectations of that market.

“We help clients institute a QM system for managing design and manufacturing practices,” says Nolte. Further downstream, ICON assists engineers with crafting labels, inspections for use and operator manuals. It also helps design and execute clinical studies when needed. Consultants can pinpoint the likely regulatory impact of a needed design change.

“We get involved in all phases of the product lifecycle. It’s one-stop shopping,” she says “We like to do it in a partnership where we participate as a member of their team.”

Engaging a Partner

ICON Clinical has been in business more than 30 years and is ISO-9001 certified for quality. “That tells our clients that we conduct our regulatory and quality services in a controlled manner. This is very important to our clients because they need to show that their service provider has the appropriate credentials,” Nolte says.

When sifting through a long list of compliance services providers, look for one that has proven experience on compliance for a similar type and class of device. As with any kind of outsourcing agreement, cost is always a driver in selection but it can be shortsighted to make the decision solely based on cost.

Garikapati suggests that device companies looking for compliance partners use this shorthand checklist:

• A strong QM system.

• A clearly articulated framework for handling intellectual property (IP) and sensitive information, such that confidentiality and IP protection are ensured.

• Extensive experience working with medical device firms.

• Meticulously drafted agreements, sharing all the information that is needed by the manufacturer to validate the design (including source code, QM documents, result of risk analysis and design evaluations).

For companies just beginning on the design of a new medical device: Think twice before you go it alone. The vast majority of companies need compliance services and support in order to be successful.

“Most companies wouldn’t even know where to begin wading through all of the regulations,” says Nolte.

Most of all, you want to avoid ending up like the scope maker at the beginning of this article. “If you mess up your one chance to speak to the agency because you didn’t have your story straight, you will have a problem—especially if your product is a PMA,” says Nolte.

More Info

• Food and Drug Administration
• ICON
• Wipro