What needs to be reviewed?
- Technical Documentation which must include:
●Device description and specification
●Information to be supplied by the manufacturer
●Design and manufacturing information
●General Safety and Performance Requirements (GSPR)
●Benefit-Risk Analysis and Risk Management
●Product Verification and Validation - Classification
- Clinical Data
- Biocompatibility – the updated ISO 10993-1 is applicable now both as per the MDD and the MDR.
Where to Start?
- Classification – classify your device as per the rules laid out in Annex VIII of the regulation.
- General Safety and Performance Requirements (GSPR) replaces the Essential Requirements. Fill one out for each device.
- Post Marketing Surveillance (PMS) – look at the clinical PMS data you have and make sure you have a plan and a report.
- Make sure your PMS is linked to your Risk Management. Clinical data for your own device will be critical for the Clinical Evaluation Report (CER) to establish equivalence and minimize any further Clinical Study requirements.
- Risk Management – No longer one document. This should be a group of documents that address all the requirements of both ISO 14761 and the MDR.
- Biocompatibility – you must have a plan (Biological Evaluation Plan) and a report (Biological Evaluation Report) that complies with all the updated and latest Biocompatibility ISO standards. (The 10993 series.)
What to do?
1. Classification – This will lead to updating the Declaration of Conformity.
2. GSPR – any gaps identified (validations or issues that have not been reviewed in the past) must be closed. *** See table below for an example of the GSPR vs. the Essential requirements
3. PMS (Post Marketing Surveillance), PMCF (Post Marketing Clinical Follow Up) – start the implementation of the plan as soon as possible and write a summary report of all data collected to date.
4. Risk Management – verify that hazards have been identified and that the clinical risks have been mitigated.
5. Any Biocompatibility testing that has not been done and cannot be rationalized should be performed.
6. Make sure your QMS adheres to the requirements of the MDR – the following requirements are unique to the MDR:
- A documented strategy for regulatory compliance
- Manufacturers need to verify UDI (Unique device identifier) assignments for their device both before they hit the market and periodically after they are released
- A designated person or group of people responsible for regulatory compliance (PRRC)
- Documented procedures for clinical investigation and evaluation
- Specific PMS documents – PMS plan and a Periodic Safety Update Report (PSUR), including incidents and field safety corrective actions (FSCA)
- Management of the supply chain and economic operators
- Implantable devices
- European data base on medical devices (EUDAMED)
- Common specifications
- Vigilance
Example of the GSPR vs. the Essential requirements
| Wording GSPR (MDR) | Wording Essential Requirements (MDD) | Explanation of the Gap |
| That the residual risk associated with each hazard as well as the overall residual risk is judged acceptable. In selecting the most appropriate solutions, manufacturers shall, in the following order of priority: 4(a)Eliminate or reduce risks as far as possible through safe design and manufacture 4(b) Where appropriate, take adequate protection measures, including alarms if necessary, in relation to risks that cannot be eliminated 4(c) Provide information for safety (warnings/precautions/ contraindications) and, where appropriate, training to users.” | Information needed to use the device safely.” Within the framework of labeling | Management would need to be “information for safe use” with the quote and where this information is supplied and a usability study to support the information for safe use is valid. |
| “11. Infection and microbial contamination 11.2 Where necessary devices shall be designed to facilitate their safe cleaning, disinfection, and/or re-sterilization” | 13. Information Supplied by the Manufacturer h) if the device is reusable, information on the appropriate processes to allow reuse, including cleaning, disinfection, packaging and, where appropriate, the method of sterilization of the device to be reserialized, and any restriction on the number of reuses.” | The MDR has defined a particular consideration for reusable devices, meaning a clearly stated requirement that must be validated. The MDD does not clearly state a validation requirement for reusable devices, only the requirement to supply the information to ensure safety. |
| “14.1 If the device is intended for use in combination with other devices or equipment the whole combination, including the connection system shall be safe and shall not impair the specified performance of the devices. Any restrictions on use applying to such combinations shall be indicated on the label and/or in the instructions for use. Connections which the user has to handle, such as fluid, gas transfer, electrical or mechanical coupling, shall be designed and constructed in such a way as to minimize all possible risks, such as misconnection.” | “9.1 If the device is intended for use in combination with other devices or equipment, the whole combination, including the connection system must be safe and must not impair the specified performance of the devices. Any restrictions on use must be indicated on the label or in the instruction for use.” | The MDR has added an additional requirement regarding connections that are user dependent for combination devices. |
| “15. Devices with a diagnostic or measuring function” | 10. Devices with a measuring function” | The inclusion of diagnostic devices within the requirements of a measuring function is new to the MDR, emphasizing the need for validation of measuring functions in diagnostic devices. |
| “17.2 For devices that incorporate software or for software that are devices in themselves, the software shall be developed and manufactured in accordance with the state of the art taking into account the principles of development life cycle, risk management, including information security, verification and validation.” | “12.1a For devices which incorporate software or which are medical Software in themselves, the software must be validated according to state of the art taking into account the principles of development lifecycle, risk management, validation and verification.” | The MDR has set design and development requirements for software. This means that the D&D software process must be managed by means of documented inputs, outputs, risk assessments, verifications and validations |
Gsap will be happy to support you in getting ready for the MDR storm!
This Newsletter Prepared by:
Ossie Milanov, BA
Quality & Regulatory Project Manager