Medical Device Compliance Glossary

Our glossary is designed for anyone navigating medical device regulations. Here, you’ll find clear definitions and explanations of key terms, acronyms, and industry-specific phrases essential for compliance. Whether you’re dealing with FDA approvals, CE marking, or ISO standards, this resource offers the crucial information you need for product development and regulatory approval.

UDI-PI (Production Identifier)

This code varies with each production and can include details like the manufacturing date and serial number, useful for tracking the device’s production specifics.

483 Notice

If you fail to initiate a CAPA when one is needed and the FDA identifies one through inspection, you can receive a 483 notice that mandates that you investigate and fix the problem.

5 Whys Diagram

This diagram can be helpful during the CAPA process when you are trying to determine the root of a problem affecting your device. It can help you visualize the relationship between problems as well as their potential causes.

Agile Software Development

An approach to software development that emphasizes flexibility and iterative development. By allowing for the release of a basic version of the software early in the development cycle, agile offers a quicker path to market. Feedback from your early design users is integrated into successive updates to refine and enhance the product. This process helps ensure the software evolves in alignment with user needs and regulatory requirements, while accelerating time-to-market.

Approved Supplier List (ASL)

A register that you create of suppliers who have been thoroughly evaluated and vetted to meet your quality, regulatory, and performance standards. You will maintain and periodically update the list to ensure that all components and materials used in production are sourced from reliable and compliant partners.

Article 15

This article sets forth the requirements and guidelines of the PRRC role and their responsibilities.

Article 89

An article related to the Corrective and Preventative Action (CAPA) process that defines the use of Field Safety Corrective Actions (FSCAs) and Field Safety Notices (FSNs).

Authorized Representative (EC Rep)

A person or company within the EU that a foreign manufacturer designates to act on their behalf in ensuring their medical device complies with EU regulations.

Automatic Identification and Data Capture (AIDC)

A broad category of technologies used to collect information from an individual, object, image or sound without manual data entry (e.g., a barcode).

Basic UDI-DI

A key identifier used primarily for administrative and regulatory documentation, connecting all related records for devices with the same intended use, risk class, and design. It serves as the access key for device-related information in the EUDAMED database, streamlining regulatory submissions and maintaining consistent records across health systems.

CE Mark

This signifies that products sold in the EEA have been assessed to meet high safety, health, and environmental protection requirements.

Change Management

The process of managing all changes made to a product or system. It ensures that no unnecessary changes are made, all changes are documented, and that services are not unnecessarily disrupted. This process is crucial for maintaining compliance with regulatory requirements, ensuring traceability, and confirming the safety and efficacy of the device.

Clinical Evaluation Procedure

A systematic process that assesses and analyzes clinical data pertaining to a medical device to verify its safety and effectiveness before it is marketed.

Clinical Investigation

A study conducted with human participants to collect data on the safety and performance of a medical device.

Conformity Assessment

An audit of your company’s processes and your medical device’s technical data to make sure that they meet the EU’s standards and regulations required to be on the market.

Corrective and Preventative Action (CAPA)

A process that helps your company identify and fix issues with your product. Issues may be due to adverse events, nonconformities, complaints, a defective component, or if your device is simply not working the way it should.

Corrective and Preventative Actions (CAPA)

A quality management process that rectifies identified issues and/or implements measures to prevent future problems.

It involves taking steps to fix existing non-conformities and proactively addressing potential risks before they materialize. This process ensures products meet strict safety and quality standards.

Customer Relationship Management (CRM)

CRMs like Salesforce are platforms designed to manage detailed customer interactions and data. These systems support compliance processes, including the management of customer complaints.

Declaration of Conformity (DoC)

A formal statement issued by the manufacturer affirming that a medical device meets all applicable EU regulatory requirements. It includes details about the device, the applicable standards, and the manufacturer’s responsibilities. The Declaration of Conformity is a legal document that must accompany the technical file for the device and is necessary for obtaining the CE mark.

EU In Vitro Diagnostic Regulations (EU IVDR)

A set of regulations that govern the safety and performance of in vitro diagnostic devices within the EU. This applies to devices concerning the examination of specimens such as blood and tissue to understand predisposition, treatment, response or other information in relation to a medical condition or disease.

EU Medical Device Regulations (EU MDR)

A set of legal requirements to ensure the safety and performance of medical devices that come into direct contact with humans, sold within the EU. This applies to products from bandages to implantable devices.

EU Periodic Safety Update Report (PSUR)

A report that summarizes the results and conclusions of the analysis of the post-market surveillance data gathered as a result of the Post-Market Surveillance Plan. It is a comprehensive report that presents an evaluation of the risk-benefit balance of a product, considering all available information since the product was marketed or since the last report.

It includes data on the product's safety, including side effects, incidents, any corrective actions taken, and any new indications or modifications in usage based on real-world evidence. The PSUR helps regulatory authorities continuously monitor products' safety and effectiveness. A PSUR is only required for Class IIA, IIB and III devices.

EU Post-Market Clinical Follow-up (PMCF)

This process involves the continuous monitoring and collection of clinical data on a medical device after it has been approved for use. This data helps to confirm the safety and effectiveness of the device throughout its expected lifetime. 

PMCF activities can include clinical trials, registry studies, and the review of relevant scientific literature.

EU Post-Market Surveillance Report (PMSR)

A requirement for all Class I medical devices under the EU MDR framework. It provides a summary of post-market surveillance data, detailing the safety and performance of devices collected through post-market surveillance activities in your post-market surveillance plan.

EUDAMED Database

This database provides a picture of the lifecycle of medical devices, integrating different electronic systems to collate and process information about medical devices and related companies (e.g. manufacturers). EUDAMED aims to enhance overall transparency, including access to information for the public and healthcare professionals, and to enhance coordination between the different Member States in the EU.

European New Approach Notified and Designated Organisations (NANDO) Database

A database that provides a list of all notified bodies for each product legislation.

Failure Modes and Effects Analysis (FMEA)

An analysis that can be useful during the CAPA process if you’re having trouble identifying the cause of a problem that is affecting your device. It forces you to review all components, assemblies, and subsystems to identify any failures and their potential causes and effects.

Fault Tree Analysis

This diagram can be helpful during the CAPA process when you believe the problem affecting your device has multiple causes. This can break down the causes by level and visually display how complex problems can combine to result in a singular outcome.

Field Safety Corrective Action (FSCA)

An action taken by a manufacturer for technical or medical reasons to prevent or reduce the risk of a serious incident or injury to users in relation to a device made available on the market.

Field Safety Notice (FSN)

A communication sent by a manufacturer to users or customers in relation to a field safety corrective action.

Gap Analysis

A systematic process used to compare a company's current compliance status with the requirements outlined in regulations, such as MDR or IVDR. This analysis identifies "gaps" where the company’s documentation, procedures, or product features fall short of meeting regulatory standards.

General Safety and Performance Requirements (GSPR)

Safety and performance requirements, standards, common specifications, and scientific advice for conformity assessments.

Human Readable Interpretation (HRI)

The printed characters that accompany a barcode or other data carrier.

IEC 62304

A standard that provides a framework for the lifecycle processes of medical device software, including the use of SOUP.

ISO 13485

Specifies requirements for a quality management system where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements.

ISO 13485:2016

An international standard that outlines the requirements for a quality management system specific to the medical device industry. 

ISO 13485 focuses on ensuring product quality through risk management, company processes, regulatory compliance, and maintaining effective product processes for the safe design, manufacture, and distribution of medical devices. 

It is applicable to organizations regardless of their size or type, except where explicitly stated, and provides a framework for implementing regulatory and quality management system requirements globally.

ISO 9001

A general quality management certification that is not specific to medical devices. It emphasizes a process-based approach to improving customer satisfaction, which just means that it has a compliant QMS in place.

MDR Code

Codes that apply to your device based on how the device works, designated by the European Commission. MDR codes are what Notified Bodies use to determine if they can review your device. Each Notified Body can review only certain types of devices and the MDR codes are used to distinguish between those types of devices.

Medical Device (FDA definition)

A medical device, according to the FDA, is an instrument, apparatus, implement, machine, contrivance, implant, in vitro reagent, or other similar or related article, including a component part or accessory which is:

- recognized in the official National Formulary, or the United States Pharmacopoeia, or any supplement to them,

- intended for use in the diagnosis of disease or other conditions, or in the cure, mitigation, treatment, or prevention of disease, in man or other animals, or

- intended to affect the structure or any function of the body of man or other animals, and which does not achieve its primary intended purposes through chemical action within or on the body of man or other animals and which is not dependent upon being metabolized for the achievement of any of its primary intended purposes.

Medical Device (MDR definition)

‘medical device’ means any instrument, apparatus, appliance, software, implant, reagent, material or other article intended by the manufacturer to be used, alone or in combination, for human beings for one or more of the following specific medical purposes:

- diagnosis, prevention, monitoring, prediction, prognosis, treatment or alleviation of disease,

- diagnosis, monitoring, treatment, alleviation of, or compensation for, an injury or disability,

- investigation, replacement or modification of the anatomy or of a physiological or pathological process or state,

- providing information by means of in vitro examination of specimens derived from the human body, including organ, blood and tissue donations, and which does not achieve its principal intended action by pharmacological, immunological or metabolic means, in or on the human body, but which may be assisted in its function by such means.

The following products shall also be deemed to be medical devices:

- devices for the control or support of conception;

- products specifically intended for the cleaning, disinfection or sterilisation of devices as referred to in Article 1(4) and of those referred to in the first paragraph of this point.

Medical Device Reporting System

A system utilized by the FDA that catalogs and collects information about customer complaints about medical devices.

Medical Device Single Audit Program (MDSAP)

A harmonized standard that allows the conduct of a single regulatory audit of a medical device manufacturer's QMS which satisfies the requirements of the United States, Canada, Japan, Brazil, and Australia. This streamlines the auditing process for manufacturers by reducing the number of audits needed, while maintaining compliance with the regulatory standards of all participating countries. This is very similar to ISO 13485.

Notified Body

Independent certification organizations designated by EU Member States to assess if a medical device or system meets the requirements for CE marking.

Person Responsible for Regulatory Compliance (PRRC)

An expert that you employ internally or outsource to a firm whose job is to ensure your devices follow regulatory guidelines. They must possess the requisite expertise in the field of medical devices. This experience can be a relevant degree coupled with a year of QMS experience in medical devices or 4 years of experience with no degree.

Post Market Surveillance (PMS)

The process of monitoring the safety and effectiveness of a medical device after it has been released on the market to ensure that any potential issues are identified and addressed in a timely manner.

PMS activities can include the collection and analysis of data related to device performance, adverse events, patient feedback, and clinical outcomes.

Quality Management System (QMS)

A structured set of policies, processes, and procedures designed to ensure that devices meet stringent quality and safety standards. These systems are governed by the International Organization for Standardization (ISO), specifically ISO 13485, which pertains to medical device standards.

Self Certification

A process for manufacturers to assess and declare that their medical device conforms to applicable EU regulatory requirements without the need for an independent conformity assessment by a Notified Body. This option is available for low-risk devices where the manufacturer assumes full responsibility for ensuring that their product complies with relevant safety, performance, and quality standards before placing it on the market. The manufacturer must maintain technical documentation and affix a CE mark to indicate compliance.

Software as a Medical Device (SaMD)

Refers to software intended to be used for medical purposes that performs these purposes without being part of a hardware medical device. This includes software that supports the diagnosis, prevention, monitoring, or treatment of diseases.

Software in a Medical Device (SiMD)

SiMD refers to software that is integrated into and essential for the functionality of a medical device, playing a role in its core operation. Unlike Software as a Medical Device (SaMD), which functions independently on general computing platforms, SiMD depends on specific hardware to perform its medical functions. This software is subject to regulatory oversight just like any other component of a medical device.

Software of Unknown Provenance (SOUP)

A term used across industries to describe software whose safety, performance, and potential risks are not fully known because it was not developed by the device manufacturer themselves. This includes off-the-shelf (OTS) software that has not been developed with a known software development process or methodology and could include anything from an operating system, a database management system, or even a software library.

Standard Operating Procedure (SOP)

A formal document that outlines precise steps for specific operations related to the manufacturing, testing, and handling of medical devices, ensuring compliance with regulatory standards and maintaining quality and safety.

Statistical Process Control

This graph is helpful during the CAPA process because it can help you monitor if a process is stable or in control over time. This can reveal trends, shifts, or significant variations. This is especially useful if your process is measurable and you have specific process control limits for the problem you’re experiencing.

Summary of Safety and Clinical Performance (SSCP)

A requirement for Class III and implantable medical devices. It provides a concise overview of a device's safety and clinical performance, including relevant clinical evaluation data. 

The SSCP is intended to be accessible to the public, especially healthcare professionals, to aid in informed decision-making about using these higher-risk devices. It includes, but is not limited to, information about the device's intended purpose, indications, contraindications, summary of clinical evaluation, and any residual risks associated with its use.

Supplier

An entity that provides essential materials, components, or services used in the manufacture, operation, or maintenance of medical devices.

Supplier Agreement

A contract that outlines the terms, conditions, and expectations between a medical device manufacturer and a supplier. This agreement typically includes details on product specifications, quality requirements, delivery schedules, pricing, and compliance with regulatory standards. It serves to ensure that both parties understand and commit to their roles.

Supplier Certification

A designation that a supplier is verified to meet specific regulatory and quality standards before they can provide materials or services. There are two main certifications, ISO 9001, which is more generalized, and ISO 13485, which is specific to medical devices.

Supplier Corrective Action Request (SCAR)

A formal request issued by a medical device manufacturer to a supplier to initiate corrective actions due to problems identified in supplied products or processes. This process is part of the quality management and supplier management systems, ensuring that all components and materials meet quality standards. The SCAR process involves the identification, documentation, correction, and prevention of recurring issues.

Supplier Management

Supplier management begins with a selection process that evaluates potential suppliers based on credentials, capabilities, and regulatory compliance, followed by negotiating terms and establishing clear expectations for performance and quality. This process also encompasses managing ongoing relationships to maintain supply chain integrity and product quality.

UDI Carrier

This is the means of conveying the UDI by using AIDC and, if applicable, the HRI. The UDI carrier (AIDC and HRI representation of the UDI) shall be placed on the label or on the device itself and on all higher levels of device packaging.

UDI-DI (Device Identifier)

A code that is specific to a device model, offering detailed information as outlined in specific regulatory annexes, and it remains consistent across different units of the same model.

US FDA 522 Order

An order that mandates that manufacturers conduct further studies to assess the device's safety and effectiveness in a real-world setting. It is typically applied to higher-risk devices, such as those that are implanted or life-sustaining, to ensure ongoing public health protection and address specific concerns that arise after the device is in use. These orders can be issued anytime, rather than just during the approval process.

US FDA Humanitarian Device Exemption (HDE)

This exemption allows for the marketing of medical devices intended to treat or diagnose diseases affecting fewer than 8,000 individuals annually in the U.S. These devices may not have to demonstrate effectiveness but must prove safety and probable benefit.

US FDA Post-Approval Studies (PAS)

Studies that the FDA may require after PMA approval to gather additional information about a product's safety, effectiveness, or optimal use, often to address specific questions about the post-market performance of advanced medical devices.

US FDA Pre-Market Approval (PMA)

The FDA's process of scientific and regulatory review to evaluate the safety and effectiveness of Class III medical devices, which are those that support or sustain human life or present a potentially high risk of illness or injury.

US FDA Quality Management System Regulation (QMSR)

This combines the FDA's Quality System Regulation (QSR) regulations and ISO 13485. It refers to the set of standards and regulations that govern the quality management systems of medical device manufacturers. 

These regulations outline the processes, procedures, and documentation required to ensure that medical devices are consistently designed, produced, and controlled to meet specified quality standards. 

The aim is to ensure the safety and effectiveness of medical devices throughout their lifecycle, from design and manufacturing to distribution and post-market surveillance. In the U.S., the FDA enforces these requirements under 21 CFR Part 820, while internationally, ISO 13485 is widely recognized as the standard for medical device quality management systems.

US FDA Quality System Regulation (QSR)

The QSR is outlined in 21 CFR Part 820 and establishes the requirements for the quality management systems of manufacturers and suppliers of medical devices intended for the U.S. market.

The regulation encompasses the methods and documentation for the design, testing, production, control, quality assurance, labeling, packaging, storage, and shipping of medical devices. It requires manufacturers to implement a comprehensive quality system that covers all stages of a device's lifecycle, from initial conception to delivery and post-market surveillance. 

The QSR is critical for compliance with FDA regulations and is foundational for maintaining high standards of quality and safety in medical device manufacturing. In 2024, it was combined with ISO 13485 and is now called the QMSR.

Universal Device Identifier (UDI)

A series of numeric or alphanumeric characters that is created through internationally accepted device identification and coding standards and that allows unambiguous identification of specific devices on the market.

eQMS

A digital platform used to manage and track quality processes and documents. It facilitates compliance with regulatory standards by integrating document control, post-market monitoring, audits, supplier management, and other quality-related activities into a unified system.