Upload
daniel-fox
View
219
Download
3
Tags:
Embed Size (px)
Citation preview
1
Regulation and StandardsChapter 17
2
Extra Activities for Regulated Industries
Develop and maintain a Quality SystemProduct Documentation
Design History FileTechnical File
Product submissionsTesting certificationsExtra time for:
SubmissionsAnswer questions from regulatorsRe-submissions
Audits
3
The Typical Road to Market for a Non-Medical Device
Generate a new idea for a productDesign the productTest the productManufacture the productShip the product
4
The Typical Road to Market for a Medical Device
Generate a new idea for a productDesign the productTest the productSubmit data to the regulatory agencyWaitManufacture the productShip the product
5
Timing of Product Development
Establish a window of opportunity to sell the product
Determine the amount of time to manufacture the product
Determine the amount of time for regulatory approval
Determine the amount of time to test the product Determine the amount of time to design the
product Determine the amount of time to specify the
product Start the development cycle
6
Types of Regulations
ProcessISO 9000 familyAudits by Notified Bodies
ProductFood and Drug Administration (FDA)Medical Device Directive (MDD)Individual country requirements (Canada, Australia,
Japan, Russia)City of Los AngelesOther standards required for certain productsEnvironmental standards
7
Process Regulations
Basis for product regulationsRequires the company to show an
experienced quality system in placeISO 9000 family used as the gold standardFor companies with design capabilities,
ISO 9001 is the foundationFor medical device companies, ISO 13485
is beginning to be accepted
8
ISO 9001
Management responsibility Quality system Contract review Design control Document and data control Purchasing Control of customer supplied product Product identification and traceability Process control Inspection and testing
9
ISO 9001
Control of inspection, measuring, and test equipment Inspection and test status
Control of non-conforming product Corrective and preventive action Handling, storage, packaging, preservation,
and delivery Control of quality records Internal quality audits Training Servicing Statistical techniques
10
Design Control
Design and development planningOrganizational and technical interfacesDesign inputDesign outputDesign reviewVerificationValidationDesign changes
11
Product Regulations
EuropeMedical Device Directive
Other CountriesAustraliaCanadaJapanRussia
United StatesFDA
The various Medical Device Directives define a medical device as:
"any instrument, appliance, apparatus, material or other article, whether used alone or in combination, including the software necessary for its proper application, intended by the manufacturer to be used for human beings for the purpose of:
diagnosis, prevention, monitoring, treatment or alleviation of disease
diagnosis, monitoring, alleviation of or compensation for an injury or handicap
investigation, replacement or modification of the anatomy or of a physiological process
control of conception,and which does not achieve its principal intended action in or on the human body by pharmacological, immunological or metabolic means, but which may be assisted in its function by such means."
12
13
Medical Device Directive
3 divisions: AIMDD, MDD, IVMDDRequired for selling a product in
EuropeProduct must contain a CE markMust have a quality systemProduct must meet a list of essential
requirementsCertificates for all testing
14
Medical Device Directive
Three directives:
Active Implantable Medical Devices Directive (AIMDD)
Medical Devices Directive (MDD)
In Vitro Diagnostic Medical Devices Directive (IVDMDD)
15
Medical Device Directive Process
Analyze the device to determine which directive is applicable
Identify the applicable Essentials Requirements List (safety, risk, performance, …)
Identify any corresponding Harmonized standards
Confirm that the device meets the Essential requirements/Harmonized Standards and document the evidence
Classify the device
16
Medical Device Directive Process
Decide on the appropriate conformity assessment procedure
Identify and choose a notified bodyObtain conformity certifications for
the deviceEstablish a Declaration of ConformityApply for the CE mark
17
Essentials Requirements List
Essential Requirement A or N/a Standards Activity Test Clause Pass/Fail Document Location1. The device must be designedand manufactured in such a waythat when used under theconditions and for the purposesintended, they will notcompromise the clinicalcondition or the safety ofpatients, users, and whereapplicable, other persons. Therisks associated with devicesmust be reduced to an acceptablelevel compatible with a highlevel of protection for health andsafety.
A Internal Risk analysis
Safety review
Design History File
Design History File
2. The solutions adopted by themanufacturer for the design andconstruction of the devices mustcomply with safety principlesand also take into account thegenerally acknowledged state ofthe art.
A Internal Specificationreviews
Design reviews
Safety review
Design History File
Design History File
Design History File
18
Declaration of Conformance
Every device, other than a custom-made or clinical investigation device, must be covered by a declaration of conformity
Document that states you have met all the essential requirements for your device
Must include the serial numbers or batch numbers of the products it covers
Signed by a member of Senior Management
19
The CE Mark
XXXX
20
Difference Between FDA and MDD
FDA:A submission must be sent to the FDA for
each product to be marketedMust wait for approval
MDD:A company may qualify for self-certification
to MDD for their products. These are checked during scheduled audits.
21
Other Product Regulations
CountriesJapanAustraliaChinaRussia
Type of Device StandardsAlarmsSoftware
Environmental StandardsEMCTemperature/HumidityShipping
22
Audits
1-4 people in your spaces for 3 days to several months
23
Audits
Will cover in detail your process and products
Auditors will “dig-in” in they find the hint of a problem
Major discrepancies will shut you down until they are fixed
Legal and/or punitive steps may be taken
24
Food and Drug Administration
Quality systemTesting to prove the safety and efficacy of
your productSubmission material dependent on the
type of product you are makingParticular attention to softwareMDRsRecallsAudits (see chapter 16…)
25
Food and Drug Administration
Safety and efficacy:
Requirement verification
Risk analysis
Environmental testing
Clinical testing
26
Food and Drug Administration
Submissions:
Class I Little regulation
Class II 510(k)
Class III PMA
27
FDA 2004 User Fees
Large business:
510(k) $ 3,480
PMA $206,811 180 day supplement $ 44,464 Real-time supplement $ 14,890
28
FDA 2004 User Fees
Small business:
510(k) $ 2,784
PMA $ 78,588 180 day supplement $ 16,896 Real-time supplement $ 5,658
29
Food and Drug Administration
Software: Based on an bad experience in Canada FDA doesn’t understand it Therefore, they over-regulate it All current regulations are in draft form Software in a device is the same level as the
device Excess documentation required Auditors free to regulate according to their own
principles
30
Food and Drug Administration
MDRs and Recalls: MDR: a report sent to the FDA detailing
the circumstances of your device killing or causing serious injury to a patientThe FDA also gets a report from the hospital
or clinic where the situation occurred
Recall: a detailed plan for making design changes in all your devices currently in the field
31
Food and Drug Administration
Audits:
General
Triggered by submissions
Triggered by field failures
Triggered by unsolicited information
32
Newest of the Regulations (US)
HIPAA
Health Insurance Portability and Accountability Act
Main components are Privacy and Security
33
Protected Health Information (PHI)
PHI is health Information that:1) is created or received by a health
care provider, health plan, employer, or health care clearinghouse, and
2) relates to the past, present, or future physical or mental health or condition of an individual, the provisions of health care to an individual, or the past, present, or future payment for the provision of health care to an individual, and i) that dentifies the individual or ii) with respect to which there is a reasonable basis to believe the information can be used to identify the individual.
34
Protected Health Information (PHI)
Any health information that can be identified to a person
It includes information about treatment and care
PHI can include:NameDatesRecord numberSocial security numberFull face photoAny other unique identifying information
35
De-Identification
Patient information from which identifiers have been deleted, redacted, or blocked, so that remaining information cannot reasonably be used to identify a person. Identifiers to be deleted include:
Name Social security number Address Telephone number Birth date Admission date FAX numbers E-mail addresses Medical record numbers Health plan beneficiary numbers Account numbers Certification/license numbers Full face photos.
36
Civil Penalties for Non-Compliance
$100 for each violation
Total of $25,000 for all violations of an identical requirement in a calendar year
37
Criminal Penalties for Wrongful
Obtainment/Disclosure of PHI Not more than $50,000
and/or not more than 1 year imprisonment
Not more than $100,000 and/or not more than 5 years imprisonment if the offense is “under false pretenses”
Not more than $250,000 and/or not more than 10 years imprisonment for the intent to sell, use for commercial advantage, personal gain, or malicious harm Protected Health Information
38
HIPAA Philosophy
What I see here,What I hear
here, When I leave
here,Remains here!
Other US Standards Groups:
AAMIANSIASQCASTMIEEEIESIPC
NEMANFPAOSHAUL
39
Rest of World
British Standards Institute
European Committee for Normalization
European Committee for Electronic Standards
TickIT
International Committee on Radio Interference
Canadian StandardsIEEEISO (9000, 9001,
13485, 13488, 14000)
JSA
40
Trends:
Harmonization of Regulations & Standards
Attempts at defining Medical Informatics and the structures of medical records
Computerization
41