Managing Downside Risks After Launch – Post Market Best Practices for Connected Medical Devices

When advanced medical device (AMD) startups are in the thick of device design and development, getting to market is the light at the end of the tunnel. While Go To Market (GTM) approval is a huge milestone, a market launch is simply the start of an even longer marathon that doesn’t end until the device is no longer in service.

Because medical devices in the marketplace bump up against real humans, the FDA is very clear about AMD manufacturers’ responsibilities for postmarket reporting.

“Medical device manufacturers, as well as other firms involved in the distribution of devices, must follow certain requirements and regulations once devices are on the market. These include such things as tracking systems, reporting device malfunctions, serious injuries or deaths, and registering the establishments where devices are produced or distributed.

Postmarket requirements also include postmarket surveillance (PMS) studies required under section 522 of the act as well as post-approval studies required at the time of approval of a premarket approval (PMA), humanitarian device exemption (HDE), or product development protocol (PDP) application.”
Source: Medical Device Postmarket Requirements, FDA website.

In addition to section 522, the FDA has published regulations for reporting surveillance data and alerting the agency to medical device problems. They collect reports from medical device manufacturers, importers, and end-user facilities through their electronic MDR system (eMDR).

All conformity assessment standards, including ISO 13485:2016, now require manufacturers of any class of medical device to maintain a PMS system. If your market area includes Europe, the European Union also has its own regulations.

With that as a backdrop, let’s look at some ways to minimize downside risk after the market launch.

Assuming the Worst Case Scenario for Postmarket Surveillance

At its core, PMS is the process of gathering consistent feedback from devices and maintaining a reporting system that enables the capture of adverse events.

The PMS also fulfills another important function for updating and reporting information to relevant regulatory bodies. In the event of a problem, regulatory bodies need timely information and updates. They want to know what steps AMD companies are taking to remedy an adverse event and prevent it from happening again.

On May 16th, 2016, the FDA Center for Devices and Radiological Health (CDRH) published a guidance document with recommendations for PMS. The document is non-binding, but closely matches current regulatory requirements and incorporates best practices to give manufacturers a blueprint for success in the PMS process.

Every device is different. Consider working backward from a worst-case scenario tailored to your specific use case and device. What information would you need to have to salvage the best possible outcome? Add those considerations to your baseline for your PMS.

FDA requirements for Postmarket Surveillance

Below is a summary of the key requirements of PMS in the United States today. For more detail, you can view the FDA document 21 CFR Part 822.

The FDA has government authorization to require PMS for class II and class III medical devices that meet one of the following:

• Device failure would be reasonably likely to have adverse health consequences
• The device is intended to be implanted in the human body for one year or more.
• The device is positioned as a life-sustaining or life-supporting device used outside of a user facility

In the event of adverse event reports, the FDA has the authority to order PMS to assess the safety and effectiveness of devices with limited pre-market testing or to gather more information about devices in the marketplace in clinical practice.

FDA Postmarket Surveillance Order

When the FDA issues an order for a PMS plan, the plan must contain information that meets the impetus for the original PMS order. Typical information for PMS reports is as follows.

• Background of the device, regulatory history, description, and indications for use
• Purpose of the PMS plan
• PMS plan objectives and hypothesis
• PMS design
• Patient population (include inclusion and exclusion criteria for patients)
• Statistically justified sample size calculation
• Descriptions of the follow-up schedule, length, and assessment procedures
• Relevant data collection forms and description of data collection procedures and statistical analysis
• Primary and secondary endpoints, success criteria for the study, a list of possible adverse events or complications, and an intention to report unexpected adverse events
• Interim and final report schedules
• Analyses of Interim and final data
• Milestones/timeline elements

Now that you have a sense of what you would be up against, are there steps you could take to manage the downside risk? Let’s look at a couple.

Stay on top of regulatory standards

Assign a point person or work with an expert to handle the responsibility for staying on top of regulatory knowledge. As we’ve seen above, the starting place is that all connected medical devices must comply with FDA, EMEA, and other applicable regulations to ensure the safety and efficacy of the device. A point person on your team can monitor the regulatory environment for changes or red flags.

Beef up your surveillance plan

Your PMS system should proactively monitor performance, usage patterns, and potential user issues. In addition to collecting data from the device, data collection methods should include quantifying regular user interaction and customer feedback surveys.

Track the device’s performance to identify potential user issues, document changes, oversee testing updates or patches, and follow up with users continuously.

Prioritize Cyber Security

Cyber security is a major hot button right now. Ensure that connected medical devices are secure from potential cyber threats with robust security planning and regular risk assessments. This should include data encryption, authentication protocols, and other measures to protect sensitive patient information.

Prioritize user education

Educate users on the best practices for using connected medical devices, such as how to properly maintain the device, troubleshoot common issues, and what to do in an emergency. This knowledge will help users get the most out of their devices and ensure you are the first to know if there is a problem.

Moving Ahead

PMS is not only a requirement, but it is also a critical part of the AMD product life cycle. At Galen Data, we have talked many clients through their options for setting up their PMS system. It’s never too early to scope out your PMS system. Contact us today if you have questions. We’re here to help.