At the recent MedTech Conference in Pécs, Attila Juhász, consultant at SAASCO Ltd. delivered a presentation on the landscape of medical device regulation. His talk centered on the nuanced classification of medical devices, detailing the pivotal application and conformity assessment procedures that manufacturers must navigate. Juhász also highlighted the critical role of product marking. He provided a comprehensive understanding of the regulatory framework essential for advancing medical technology.
Classification of medical devices
Classification is a crucial element of the strategy. It happens through a similar process all over the world: medical devices are divided into low, medium, or high-risk categories. There is a slight international difference: in the US, there are three categories, while in the EU, there are four, with the medium category divided into two subcategories. In Canada, the EU system is used as a basis, but subcategories are ranked differently.
The higher the risk category of the device, the stricter the authorization procedure. There can be a cost difference of several magnitudes between placing a Class 1 or Class 3 device on the market in any region, Juhász explained.
About the authorization process
License applications are broadly similar. They all include a technical documentation, which is a declaration that the device is safe and performs adequately. The quality management system is designed to ensure what is then described and certified in the documentation: that each piece is produced the same way, is safe, and physically flawless.
This process is governed by the ISO 13485 standard for medical device manufacturers. The family of quality standards started with ISO911, on which 13485 is based.
About 90 percent of the work is compiling the technical documentation and then the application, usually to the market surveillance authority. In the US, this is the FDA, the regulatory authority for pharmaceuticals and health products. It's a two-step process, with medium and high-risk classes already having to involve a notified body. In this case, manufacturers apply to the notified body in question. Low-risk devices in Europe only require registration, while a similar procedure take place in the US.
Juhász highlights that this application is valid across all regions, however, it is an expensive process. In the US, for example, fees can range from 5,000 to 120,000 dollars for small businesses, depending on the procedure.
The authorities, usually notified bodies, evaluate the application. The assessment can be divided into three phases: first, the administrative assessment, then the product assessment (review of the technical documentation), and the assessment of clinical data. In the EU, this process takes place according to the guidelines of the MDR.
Today, hybrid, online, and offsite audits can take place, but separate from this is the audit of the quality management system itself. Once the whole package is in place, regulatory approval and certification take place by the notified body or another competent authority involved.
The role of product marking
Companies are required to place a form of marking on their products to enter the market, depending on the region. The CE marking might well be familiar to everyone in the EU, but there are also specific markings in the Russian and Chinese markets, as well as in every other region. For international products present in many countries, a specific barcode is required. In the EU, this is backed by a Declaration of Conformity (DoC), but we find a variation of this document in each region.
The main challenges of the process
We have a strict authorization procedure with a similar basis all over the globe, but regulations differ from region to region, Juhász points out. The average turnaround time depends on several factors, but the more of a novelty a product is and the more clinical trials or specific competence required, the longer it can take. The market is almost limitless, but the threshold to entry is relatively high.
How can your company cross this red line? Either you have to learn on your own, or you have to "take a sherpa", i.e., employ a consultant or use a solution like QTICS medical, where companies from many scientific fields have joined forces. The process requires the work of electrical and mechanical engineers, doctors, biologists, quality management specialists, cybersecurity experts, laboratories, etc.
These audits can take place individually, but companies have merged under QTICS Medical to offer a one-stop-shop solution. If the manufacturer comes to us, the whole project, or at least a significant percentage of it, can be carried out by this consortium. The situation is difficult but not hopeless. Though it will take time and persistence, it is possible to solve the regulatory challenges, Juhász concludes.
You can read the first part of the article here.