wetgeving

LS&R 794

Richtlijn vergelijkende reclame medische (zelfzorg)hulpmiddelen met -geneesmiddelen

Richtlijn vergelijkende reclame medische (zelfzorg)hulpmiddelen met (zelfzorg)geneesmiddelen, versie: December 2013 Binnen de zelfzorg is de markt voor medische hulpmiddelen sterk in beweging. Relatief veel, recente productintroducties binnen de zelfzorg hebben de wettelijke status van medisch hulpmiddel. Er wordt derhalve relatief veel promotie voor medische hulpmiddelen gemaakt. Sinds 2009 is de Code Publieksreclame Medische zelfzorg Hulpmiddelen (CPMH1 ) van kracht. Deze Code stelt binnen de zelfregulering kaders en regels voor verantwoorde reclame. Eind 2010 is deze Code met onder meer adverteerders geevalueerd. Dit heeft geleid tot een nieuwe versie van de CPMH die begin 2011 van kracht is geworden. De Keuringsraad KOAG/KAG krijgt steeds vaker (reclame-)uitingen ter beoordeling, waarbij medische hulpmiddelen worden vergeleken met geneesmiddelen Deze richtlijn geeft, binnen de het huidige wettelijke en zelfregulerende kader, een richtlijn voor vergelijkende reclame met medische hulpmiddelen om zo verantwoorde reclame mogelijk te maken en te houden.

Kort samengevat:

  • Vergelijkende reclame van een medisch hulpmiddel met een zelfzorg geneesmiddel is mogelijk;
  • De vergelijking mag niet over de therapeutische werking mag gaan, maar kan wel op alle andere eigenschappen betrekking hebben;
  • Bij de toetsing door de Keuringsraad op plausibiliteit, moet adverteerder
    een objectieve, wetenschappelijke onderbouwing aanleveren.
LS&R 500

Unannounced notified body visits recommendation imminent – amend your contracts and procedures now!

Een bijdrage van Erik Vollebregt, Axon Lawyers, medicaldeviceslegal.com

While everybody is running around about the MDR and IVD regulations proposals another storm is brewing in the wings: unannounced audits, which I announced earlier. Currently notified bodies “may” do unannounced audits under the EU medical devices rules. Now they will be required to do a minimum amount of unannounced audits. Required? Yes, EU member states may require this as condition for accreditation of the notified bodies. Will they? Most certainly. Some have already started to require notified bodies to do unannounced audits already now, as a straight consequence of member state action requested by the Commission pursuant to the Commission’s Dalli market surveillance action plan. With all the political turmoil about EU medical devices regulation underperforming in the safety department, it is not an option for a member states to refrain from increasing market surveillance. If they can actually afford to – but that’s another discussion, because what has two thumbs and will be picking up the bill for unannounced audits? Correct: the manufacturer. As you will see below, member states are already planning to use notified bodies to indirectly inspect manufacturers for them.

I have puzzled together some information that gives you a look under the hood of the impending Commission Recommendation that we already had on the horizon. I also benefited a great deal from the insights of Gert Bos of BSi, one of the persons that really knows what is going on in devices regulation in Europe, that he presented at the MD Project event on 25 March in the Netherlands.

Timing and status
We know that the Commission Recommendation is almost finished, with an anticipated release date somewhere in May 2013. The release will concur with the anticipated Commission decision on the designation of notified bodies. The document is in version 18 now and has reportedly been approved by the service juridique (legal service) of the European Commission, so it is more or less in final form. It will be immediately applicable when published, which will trigger applicability of the unannounced audits section in the notified bodies code version 3.0 (more about that below). The instrument of a “recommendation” is a first in medical devices world, because none of the current guidance documents has this status. A recommendation is more ‘law’ than MEDDEV and carries far more political weight, because a MEDDEV is a consensus statement of the member states of the European member states’ authorities and a recommendation is issued by the Commission itself aimed at harmonising member state practice.

Goals
The recommendation has two goals:

consistent application of conformity assessment
laying down general principles for unannounced audits and inspections
The document has three annexes. Annex I applies to audits where the manufacturer applied for design dossier examination or type examination. Annex II applies to audits where the manufacturer applied for quality system assessment. Annex III concerns unannounced audit methods and methodology.

Annex I: design dossier / product assessment
This annex contains 7 points, of which some are new:

Notably new: the notified body should review if there is an up to date and complete tech file for all variants and trade names of device (compared to the current usual question: does the documentation produced by the manufacturer check out?). The notified body should do verification of products, e.g. by means of taking and testing products on manufacturer’s costs. It will be big fun when a notified body schlepps off an entire MRI unit and bills you for it, and this is not a hypothetical possibility -said Gert.
Annex II: Quality system
18 points, points 15-18 new:

Traceability must be implemented throughout supply chain – I presented about this subject on the same event and discussed how contracts in the supply chain must be structured to reflect this and what will change under the new MDR proposal.
PMS: audit will also cover whether necessary improvement of devices was initiated.
QMS: checks will address that QMS and changes are up to date.
Mandatory annual surveillance audit is mentioned (“at each annual surveillance audit ntofied bodies should verify that the manufacturer correctly applies the approved QMS and PMS plan”)
This annex reflects a strong suspicion towards outsourced elements in supply chain. More specifically notified bodies are to refrain from working with manufacturers unless they receive access to all critical subcontractors and crucial suppliers (and, consequently, to all sites where the devices or its crucial components are produced) regardless of length of contractual chain between manufacturer and subcontractor or supplier. Manufacturers are to integrate their subcontractors’ QMS in their own as much as possible. You can imagine how nice this will be for subcontractors that produce for several manufacturers. The Commission wants Own Brand Labeling to end (piggybacking on other parties’ certificates). OBL is not acceptable in the eyes of the Commission if the OBL does not have full access to all documentation relating to the reference device. In my experience the supply chain contracts that regularly cross my desk are completely unprepared for this.

Annex III: principles of unannounced audits of manufacturers and subcontractors
5 points:

al least every 3 year unannounced audit
critical subcontractors or suppliers can be visited (make sure you amend contracts – inability to visit subcontractor or critical supplier is ground for immediate revocation of certificate)
production sample checking (file review and witness test – or take sample and outsource test on manufacturer if on site test not possible)
high risk devices – sampling logical for spot tests
activity on-going at time of audit will be audited
The manufacturer must always be ready to accommodate a notified body unannounced audit, also at third parties such as subcontractors and critical suppliers. As a notified body already commented at the RAPS conference last year: as soon as you start your production you must be ready for unannounced audit; if you are not, don’t start production. Supply chain parties must make this possible and account for it in their contracts. If they do not, there is no excuse and the notified body will issue a major nonconformity. In case of limited production runs, the notified body must know when the runs are to be able to show up unexpectedly. The manufacturer pays for notified body for local security measures required, for example body guards.

Member states are free to require application of the recommendation of their notified bodies – and they will in practice because of the pressure put on them in the Dalli action plan.

The recommendation requires that a notified body must establish secret audit plan for manufacturers. Notifed bodies are presently meeting regularly to compare notes on best practice and what works and does not between themselves in unannounced audits.

Notified body code v. 3.0; entry into force of recommendation and code
The new notified body code v 3.0 announced part enters into force immediately upon entry into force of the recommendation, which we already saw coming. The recommendation will enter into force upon publication, as far as I know – NO transitional period. The code has important language on risk management for audit frequency, and I have discussed that before here. It also contains a heading for devices that are often non-compliant – more visits. Gert informed us that authorities are now starting to use notified bodies as extension more and more: they tell notified bodies where to do an unannounced visit if they see spikes in trending of complaints.

So…
Better start preparing pronto by writing procedures and amending those agreements in your supply chain, because as Gwen Stefani sings: “this sh*t is bananas”. And it will hit the fan this May – less than two months! – with no transition period. That just goes to show the political pressure behind all of this. Questions? I’m here.

LS&R 455

“Swedish Document” reloaded – a new boost for medical devices standalone software regulation

Een bijdrage van Erik Vollebregt, Axon Lawyers, medicaldeviceslegal.

Sweden is a lovely and industrious country that takes engineering very seriously; the small Scandinavian country that we know from its boxy but good cars also builds its own fighter jets (pretty good ones actually) and is determined to put its mark on the regulation of standalone software under EU medical devices law. The Swedish competent authority Läkemedelsverket has now issued a new version of the famous Swedish Document with the obvious agenda to influence guidance on standalone software under EU medical devices law in the way it has done before with MEDDEV 2.1/6.

Let’s take a look at the document, keeping in mind that the Swedish authorities tend to want to interpret the scope of ‘medical device’ with regard to standalone software wider than most EU countries. An indication of this is that on p. 17 it is stated that

“It is important to bear in mind that it is both the functionality of a product as well as the intended purpose stated by the manufacturer that determines whether software is qualified as a medical device.”

This is in contradiction with the case law of the European Court of Justice, which recently ruled in the Brain Products case that the intended purpose assigned to a device by the manufacturer determines its status as medical device, and not its functionality. Although the court was not as clear as it could have been – as I have argued – it held  that using functionality as a deciding criterion would lead to regulation as medical devices of many devices that could be used as a medical device but are intended for other purposes, so this is the wrong way to interpret the concept of ‘medical device’.

This agenda of  Swedish Authorities is pretty transparent when the report goes on to say that

“However, there are information systems for the health care sector where the manufacturer has not defined their device as a medical device, but still it could affect the safety for patients under certain conditions. Health care providers should in these instances still consider if those systems should be handled with the same awareness of safety as if it had been a medical device.”

and

“On the Swedish market most RIS are for instance CE marked as medical devices.”

In other words, we would actually like to regulate software of which the use in clinical settings could carry risk for patients, even though the report itself says that risk as such can never be a deciding criterion (p. 13). The report also doesn’t mention that the Swedish market is pretty unique in this respect and that this perspective is not shared by most other national authorities in the EU. I have it on good authority that there was also controversy about this between the member states when they were discussing the text for MEDDEV 2.1/6. Just so you know that this is clearly one view at one end of the regulatory spectrum.

As with the initial version the report provides a lot of useful detail and examples. Compared to the existing EU MEDDEV the report contains useful guidance on

- software as service (para 4.1.5), clarifying that this can of course also be a medical device;
- smartphone apps (para 4.1.6), clarifying that an app that qualifies as medical devices does not necessarily makes the phone as such or the combination of the two a medical device; and
- ‘home brew’ standalone software (para. 4.3), clarifying that one should approach this along the lines of the thinking surrounding home brew IVDs.

The appendix to the document is well worth reading and contains several separate annexes on interesting subjects with a lot of practical information and guidelines:

Annex 1. Risk management

Annex 2. Standards and recent development of standards

Annex 3. Clinical evaluation of medical information systems

Annex 4. Networks

Annex 5. Procurement and issues referring to CE marking (most interesting for me personally, as it discusses tendering strategy for software systems)

Annex 6. Product examples (the largest part of the document, with 19 case studies of software examples. Exercise with caution however, as the Swedish authorities tend to draw the scope of the concept ‘medical device’ wider than others).

All in all a very worthwhile read indeed and guaranteed to provoke discussion in the process surrounding the revision of the standalone software MEDDEV 2.1/6. Also, the annexes provide useful practical examples for the growing apps and other software industry about how conformity assessment for a software medical device works.

However, I think the report could have done better at discussion of the concept of accessory. The report stops at the statement that “[s]tandalone software can, without having a medical purpose of its own, be essential to maintain an intended function of another medical device. It can then be an accessory to a medical device.” This is not a very precise statement at all. I, personally, think that the definition of accessory is extremely important, as the discussion of several examples of modular systems in the report shows when it discusses how non-medical modules can still be regulated as accessories to the medical device module. I think it is even more crucial to develop a position on the concept of accessory in view of the considerable extension in scope in the current proposal for the new regulation on medical devices and the proposal for a new regulation for IVDs to include devices that not only “enable” but also “assist” a medical device in achieving its intended purpose. The definition of this humble little concept will have a severe impact on regulation of standalone software in networks and systems, and, consequently, all eHealth, telemedicine and mHealth services that rely on networks and systems.

Erik Vollebregt

LS&R 286

New EU medical devices regulations proposals out – first impression: nothing unexpected but devil is in the details

Een bijdrage van Erik Vollebregt, Axon Lawyers.

Today was a big day with a half hour press conference by Commissioner Dalli (for Twitter summaries see here and here) to festively launch the two much anticipated EU medical devices regulation proposals (one for general medical devices, including active implantables, and one for IVDs).

The generalities of the proposals, as you can read in the press release and the Commission’s communication on the subject, are not a surprise given what we already know. However, the devil is in the details and there are some significant changes in specific matters. For those not interested in details: see the ultra short summary by Reuters. For those that are interested in some gems already unearthed, check Robert van Boxtel’s timeline on twitter.

I hope you will forgive me that the below analysis is not comprehensive: the entire proposal for the general medical devices regulation alone is 194 pages and I am sure I have missed a few points. I won’t discuss the new IVD regulation proposal in this post, but I could establish that my earlier blog on what I expected it to be was pretty accurate and will discuss that at a later occasion.

I am planning to do a series of blogs to discuss distinct parts of the regulation, so this is just a first and very personal impression of what jumped out at me in the proposal for the general medical devices regulation (MDR).

In a nutshell the aim of the MDR is that supervision of notified bodies, conformity assessment procedures, clinical investigations and clinical evaluation, vigilance and market surveillance are significantly reinforced, whilst provisions ensuring transparency and traceability regarding devices are introduced. Eucomed is happy with it because much stays the same (no PMA) except for the scrutiny procedure (see below), but their worst fears may still come true in the legislative process that the proposal has now entered.

lees het gehele artikel hier.

With permission, CC-BY-SA medicaldeviceslegal.com.