From The Editor | April 11, 2018

MDTX Was A Cure For The "Regulatory Blues"

Bob-Marshall-headshot

By Bob Marshall, Chief Editor, Med Device Online

mdtx-marshall

There are four characteristics that can make or break a medical device event for me: energy, learning, community, and fun. Last week, I attended the Medical Device Technology Exchange (MDTX) show at the Meadowlands Expo Center in New Jersey, and MDTX delivered on all four of my priorities. Some of you may be familiar with this show from its previous incarnation as the 10X event. The driving force behind 10X -- now MDTX -- is Joe Hage, leader of the largest medical device group on LinkedIn. From my first talk with Joe about topics I might present, I could sense his energy, and I knew we were going to have fun!

In addition to talking about priorities and trends in the medical device industry, Hage and I got to know one another personally. When I shared that I was a guitar player and song writer, Hage told me about his passion for music. He is a member of Northwest Sound, a men's a capella chorus, and the Bellevue (WA) Chapter of the Barbershop Harmony Society. So when Hage joked with about me singing my presentation, I “joked” back about composing a song to begin my presentation. Ultimately, our joking became last week’s MDTX world premiere of “Regulatory Blues,” a tale of FDA misadventures set to an old blues riff in the key of G.

Last week’s MDTX event was a thought leaders' forum for medical device innovators who design, develop, or commercialize devices. There were interesting conversations with speakers and leading edge knowledge from experts about everything from concept to commercialization, and regulations to reimbursement. My own presentation was on recently released FDA guidance documents and how these new expectations might influence your next product development effort. Below are a few excerpts.

Reporting Age, Race, And Ethnicity Data In Clinical Studies

In a systematic review of 52 studies across a range of specialties, about 70 percent of the studies found evidence of significant and systematic mismatches that make it hard to apply trial findings to typical patient populations. It has become important to include information on age, race, and ethnicity as part of your marketing application in sections containing results of clinical investigations. A summary of any known, clinically meaningful age-, race-, and ethnicity-specific differences in disease course, outcomes, or benefit-risk profile should also be included in your 510(k) Summary and in your labeling.

Drug/Device Classification Issues

In previous guidance, the FDA controversially took the position that:

  • For a product with multiple therapeutic effects, each effect would be considered a “primary intended purpose” for the purposes of product classification, regardless of the extent to which such effects are responsible for the overall therapeutic action of the product
  • A product that depends even in part on chemical action within or on the body for any of its therapeutic effects would not be considered a device

If implemented, these policies would have resulted in more products being required to go through the more burdensome drug approval process. Also, the question of whether a product is a “similar or related article” may arise when products are in liquid, semi-liquid, gel, gas, or powder form. In the Final Guidance, the FDA clarified that products in such forms are appropriately considered “similar or related articles.” A final point to consider is that a product that has chemical action “could be a device if it does not achieve its primary intended purposes through [such] chemical action.”

Submissions Involving Cybersecurity

In this guidance document, FDA clearly outlined some risk management principles for addressing cybersecurity in device development and throughout the life cycle. To begin, hazard analysis, mitigations, and design considerations pertaining to intentional and unintentional cybersecurity risks associated with your device must be identified and documented. A traceability matrix that links your actual cybersecurity controls to the cybersecurity risks that were considered must be included. The guidance requires a summary describing the plan for providing validated software updates and patches as needed throughout the lifecycle of the medical device.

Also, a summary describing controls that are in place to assure that the medical device software will maintain its integrity from the point of origin to the point at which that device leaves the control of the manufacturer is required. Finally, device instructions for use and product specifications related to recommended cybersecurity controls appropriate for the intended use environment (e.g. anti-virus software, use of firewall) must be documented.

It was obvious from spending a couple of days at MDTX that Joe Hage is a connector of people. One does not build a LinkedIn group for medical device professionals with 350,000+ members without providing something of value. I look forward to my next opportunity to learn from and share with my colleagues at a future MDTX event!