A Summary of Medical Device Standards - Earning & Keeping FDA Approval

FDA approval can be achieved in two ways:

  1. The 510(k) process, in which the manufacturer must provide evidence that the device they intend to market is “substantially equivalent” to a device already approved by the FDA
  2. The pre-market approval (PMA) process, which is required for all devices that cannot be approved under the 510(k) process

Share this
Share this

FDA approval can be achieved in two ways:

  1. The 510(k) process, in which the manufacturer must provide evidence that the device they intend to market is “substantially equivalent” to a device already approved by the FDA
  2. The pre-market approval (PMA) process, which is required for all devices that cannot be approved under the 510(k) process

Once a device is approved, its manufacture, marketing, post-market surveillance, and control of design changes is also regulated by the FDA. Post-approval requirements include constant surveillance of the efficacy of the quality management system, surveillance and reporting of adverse events, and adequate response to any problems that do occur.

While the FDA has jurisdiction over device pre-market approval and ongoing compliance after a device is on the market, it is not positioned to provide much consultation on whether or not a company is “doing well” leading up to application for approval or between post-market inspections. In other words, a company is essentially in a perpetual pass/fail situation with FDA regulators. FDA employees do not provide feedback until very late in the process of submission of a device for approval, and post-market inspectors are concerned primarily with looking for any places, however small, that might result in a device being designated “adulterated.”

The FDA’s limited consultation capacity leaves medical device designers and manufacturers vulnerable. The cost and delay of submitting a device for approval, only to find that your systems are inadequate to pass regulation, is enormous. Similarly, learning that a device is adulterated concurrent with an FDA inspection not only causes financial setback, but is a safety concern for end-users and patients. Fortunately, the standards provided by other bodies and regulatory organizations, such as ISO, IMDRF, and IEC, can be used to mitigate your company’s vulnerability and assure FDA compliance.

One of the most prominent examples of a supplementary standard is ISO 13485, a standard that outlines the necessary requirements for a medical device quality management system. Note that this is the same purview as Part 820: medical device QMS. But from a legal standpoint, compliance with ISO 13485 is completely voluntary, while compliance with Part 820 is required. The key to understanding how ISO 13485 and Part 820 relate is knowing that a company can become certified in ISO 13485. Certifying bodies for ISO 13485 offer the consultation and feedback on how a company is doing that the FDA cannot provide. After the initial inspection and certification of a company’s QMS, certifying bodies also require annual audits in order for a company to maintain its certification, which helps ensure ongoing compliance. Although the FDA is not concerned about whether a device manufacturer is ISO 13485 certified, the certification process gives a company feedback on whether or not the FDA is likely to discover problems in the company’s application for pre-market approval or a site inspection.

Other FDA guidance's, authored by CDRH, are also intended to provide an indication on whether or not a company is meeting FDA regulatory requirements, but once again the FDA does not consult on actual compliance between inspections. There is also no available certification for CDRH guidance's; it is the responsibility of each individual company to understand and accurately apply such guidance's.

That’s where a consulting company like Velentium can help. Our Subject Matter Experts have a combined over 100 years of experience designing dozens of medical devices, shepherding them through the approval and compliance process, and bringing them successfully to market. Reach out to us today to schedule a consultation and learn more.

Our next and final post in the Standards series will examine how to remain compliant with respect to risk management and control of the software life-cycle. If you’d rather not wait, click here to download our Standards white paper.

If you would like to be notified of when these posts go live, please sign up for up-to-date email alerts at the right of this page.

To learn more about Tim Carroll and his background in medical devices, click here.

Prev Post
Next Post