Suzanne Schwartz’s picture

By: Suzanne Schwartz

During National Cybersecurity Awareness Month, which took place in October, the public and industry were encouraged to understand the importance of cybersecurity and to be vigilant when it comes to the technology we rely on every day, including helping patients remain confident in the safety of their medical devices.

Many medical devices are “life critical systems,” meaning they play a crucial role in monitoring and protecting human life. As more of these systems use technology to interconnect, we must be dedicated to securing them from hackers and cyber attacks.

Here at the U.S. Food and Drug Administration (FDA), we work with hospitals, healthcare professionals, and patients to provide medical device manufacturers with guidance for monitoring, identifying, and addressing cybersecurity vulnerabilities in their devices before and after they have entered the market. To further counter threats, the FDA has been making a deliberate effort to work with outside groups—including those we have previously not engaged with—such as security researchers.

Michael Causey’s picture

By: Michael Causey

It’s time to get your compliance programs in order to meet some looming international regulatory compliance demands, experts including former Food and Drug Administration officials say. Having a firm grip on quality management processes—especially document management and change control—will be critical to comply with such a disparate group of regulations working with so many regulatory bodies. These new regulations and others already on the books reemphasize the importance of having an automated QMS with integrated quality processes tailored to the increasingly complex demands of medical-device regulatory compliance.

Brooke Pierce’s picture

By: Brooke Pierce

When Congress passed the Medicare Access and CHIP Reauthorization Act of 2015 (MACRA), “risk” moved front and center as a feature of provider reimbursement models. These days, terms such as “at risk” and “risk-based” are used more and more, but what do they really mean? And why should healthcare providers now be more concerned with risk than they have been in years past?

Merriam-Webster defines risk as “the possibility that something bad or unpleasant (such as an injury or a loss) will happen.” In the current healthcare environment, risk could be defined as a loss of revenue: Providers and payers are risking income when they provide services to patients. The question has become, when treatments involve expensive services, drugs, or procedures, who will pick up the check?

Risk isn’t new to payment models. Although traditional fee-for-service models are not generally considered at-risk payment models, they certainly involve risk. The risk, however, is born by the payer, not the provider. In fee-for-service, the payer issues a reimbursement when the provider renders the service. The payment isn’t neither dependent upon the quality nor success of the service provided nor dependent upon the payment falling below the total of the patient’s insurance premiums.

Michael Causey’s picture

By: Michael Causey

The U.S. Food and Drug Administration (FDA) Center for Devices and Radiological Health (CDRH) Director Jeff Shuren outlined the agency’s ambitious 2017 goals at an important session that was part of the conference of the Regulatory Affairs Professionals Society that was held Sept. 18, 2016, in San Jose, California. Shuren’s presentation was one of several sessions of particular interest to life sciences shops.

During his presentation, Shuren talked about the agency’s new strategy to use more real-world evidence to track the safety of medical devices. According to its Strategic Priorities Report for 2016–2017, the agency is developing a nationwide medical device evaluation system to more quickly identify safety signals, particularly through electronic health records, registries, and medical billing claims in which unique device identifiers are being used.

Erwin Miller’s picture

By: Erwin Miller

The Federal Drug Administration’s (FDA) mission to protect consumers from unsafe food follows different paths. The seven rules that have been finalized since the fall in 2015 to implement the 2011 FDA Food Safety Modernization Act (FSMA) will require food producers, importers, and transporters to take science- and risk-based actions to help prevent the contamination that leads to food-borne illness.

On July 14, 2016, the FDA finalized another rule to implement FSMA, one that updates the requirements for the registration of domestic and foreign food facilities that manufacture, process, pack, or hold food for consumption in the United States, whether for people or for animals. Under the final rule, additional information will be required that will ultimately support the FDA’s ability to respond quickly to food-related emergencies and that will also help the agency more efficiently use the limited resources it has for inspections. This rule is effective Sept. 12, 2016.

Jon Speer’s picture

By: Jon Speer

Design controls and risk management processes should be tools to ensure that medical devices are designed, developed, and manufactured to be safe and effective, and to address indications for use, too.

All too often, however, design controls and risk management are viewed as a pile of “stuff” that the U.S. Food and Drug Administration (FDA) and other regulatory bodies require during the design and development process.

The FDA design control regulations have now been in place for 20 years. They should be aids to guide medical technology professionals, but an overwhelming percentage of the medical device community approaches these activities as checkbox, low value-adding tasks.

Howard Sklamberg’s picture

By: Howard Sklamberg

Globalization is posing challenges for public health. For the U.S. Food and Drug Administration (FDA), part of that challenge is the ever-increasing volume and complexity of FDA-regulated products coming to America’s shores.

In fiscal year 2015, there were more than 34 million shipments of FDA-regulated products into the United States, up from just 15 million a decade ago. These products are handled by 130,000 importers, and are manufactured, processed, or packaged at more than 300,000 foreign facilities.

We know this global trade expansion has ramifications for our nation’s public health. We also know we can’t be the inspectors for the world. Hence, we need to effectively direct our resources in a risk-based manner as we grapple with this tremendous volume of imported goods.

How? One way is to identify foreign regulators that we can rely on to partner with in verifying that safety standards are being met, and then construct an approach that will meet the requirements of multiple regulatory jurisdictions. We’re currently engaged in three innovative programs to meet this challenge.

Multiple Authors
By: Rachel E. Sherman, Robert M. Califf

In an earlier article, we discussed a pair of concepts—interoperability and connectivity—that are essential prerequisites for creating a successful national system for evidence generation (or “EvGen”). Here, we take a look at how we would apply these constructs as we go about building such a system.

Creating knowledge requires the application of proven analytical methods and techniques to biomedical data in order to produce reliable conclusions. Until recently, such analysis was done by experts operating in centers that typically restricted access to data. This “walled garden” approach evolved for several reasons: the imperative to protect the privacy and confidentiality of sensitive medical data; concern about the negative consequences that could arise from inappropriate, biased, or incompetent analysis; and the tendency to see data as a competitive asset. Regardless of the specific reason, the result has been the same: widespread and systemic barriers to data sharing.

Taran March @ Quality Digest’s picture

By: Taran March @ Quality Digest


They sound like words and have a mysterious dignity rolling off the tongue. Their meanings seem both apparent and elusive. If an alien delegation landed on Earth, words like these might feature in their formal greetings. They are the most expensively researched neologisms in use around the globe.

What are they? Pharmaceutical brand names like Advil, Zantac, Lipitor, and Xolair. Azor, Exelon, Zostavax, and Chantix. Gardasil, Cubicin, Levemir, and Sensipar.

The process of taking a breakthrough chemical compound and turning it into a lucrative product involves an odd collaboration among scientists, executive risk-takers, advertising masterminds, and lofty national and international agencies, including the FDA. So much money rides on a pharmaceutical brand that its name is often under development well before the actual drug has been concocted.

Grant Ramaley’s picture

By: Grant Ramaley

The Quality System Regulation (QSR) 21 CFR Part 820, aka FDA current Good Manufacturing Practices (cGMP) for Medical Devices, is what regulatory professionals should be referencing in their quality system procedures. Part 820 embodies all the major parts of the FDA quality system that are shared with ISO 13485:2016—“Medical devices—Quality management systems—Requirements for regulatory purposes.” In fact, according to the QSR’s preamble, Part 820 was originally crafted to align with ISO 9001:1994 and ISO 13485:1996.

The FDA has said that ISO 13485 covers about 90 percent or more of its QSR. How nice, but what about the other 10 percent? Many manufacturers are surprised when an FDA investigator asks questions about other “Parts” in the Federal Regulation that don’t align with ISO 13485, and yet are considered some of the most critical points of concern during an FDA inspection.

Syndicate content