From May 26, 2020 onwards, medical device manufacturers operating and/or selling within the European Union must comply with the Medical Device Regulation (EU 2017/745), or “EU MDR”. This regulation’s objective is to improve patient safety by evaluating existing devices (e.g. through more stringent post-market surveillance and post-market clinical follow-up) and ensuring transparency throughout a device’s lifecycle once it has gone to market.
In a recent survey conducted by KPMG and RAPS, however, 66% of respondents said they hadn‘t yet started planning for the long-term ramifications of MDR compliance, and only 27% believed they would be fully compliant by the cut-off date in May 2020. This article examines how the future of medtech will be impacted by the new European regulation.
Under EU MDR law, post-Market Surveillance (PMS) will become an integral part of most manufacturers’ quality management system (QMS). This means that they will need to gather and demonstrate much more evidence on whether their devices are actually fulfilling their intended purpose in the market or not. They must also identify and potentially eliminate underperforming devices from their portfolios.
The amount of data companies must collect as part of this new requirement will give them access to unprecedented insights which could help improve products and devices, shifting from mere compliance to a higher overall quality standard. In light of the MDR, companies can take advantage of a stronger product differentiation and an improved ability to design and promote products to key decision makers. Gathering clinical evaluation data and real-world evidence (RWE) to back up product marketing could also lead to completely new or improved marketing claims, thus driving market adoption.
Some experts predict that up to 50% of medical devices could be taken off the market as a result of the MDR. Although this sounds daunting, it will enable manufacturers to invest their efforts into their most valuable devices and grow their market share. As part of their portfolio rationalization, manufacturers will be able to see which products may no longer be worth their investment and discontinue them or sell them off to larger companies. The mandatory unique device identification (UDI) system will also help detect and report counterfeit products more easily, thus de-cluttering the market and further improving safety.
Improved risk management and transparency
Unlike the MDD (Medical Device Directive), the MDR states in Article 10 (2) that manufacturers must establish, document, implement and maintain a risk management system (RMS) as part of their QMS. Better identifying, analyzing, and communicating known and foreseeable hazards will better protect patients in the long term. New sanctions, such as fines or even prosecution, are meant to ensure that manufacturers actually follow through with their RMS and always have patients’ best interests at heart.
The MDR will also help to mitigate liability: Should the safety of a medical device or product ever be called into question, manufacturers will need to act quickly. In addition to protecting the patient, this will also reduce the company’s liability, since their reaction time must be kept to a minimum. Incidents need to be reported either immediately or within a given number of days (two to 15), depending on the severity. The amount of data manufacturers will have gathered as part of their PMS by then will also help them build a stronger defense case if necessary.
On the end-user side, patients and medical staff can expect increased traceability and transparency – leading to long-term empowerment. Since manufacturers will need to proactively gather and report on user feedback as part of their PMS, patients will have a clear say in the efficacy of products, how they will be modified, which should stay on the market, and which should be removed.
Some examples of what the MDR aims to find out from patients include:
- Is the device fulfilling its promised use?
- Are patients overusing or underusing a device?
- Are they using the device’s default settings or having to change them every time?
With the EUDAMED database becoming publicly available in May 2022, patients will be able to make more informed decisions about devices by researching them ahead of usage. Patients with implants will receive a registration card with access to information about the manufacturer and their safety records.
New roles for notified bodies
Finally, medium-risk and high-risk medical devices will require review by a Notified Body (NB). Their role will be to ensure that devices at every stage, from design through quality control to ongoing surveillance, comply with the regulation. For example, NBs will be obliged to enforce regulation through unannounced audits of manufacturers’ processes, and manufacturers may need to amend their contracts with subcontractors and/or suppliers as a result.
For NBs to be able to issue MDR certificates (such as the CE mark), they need to be re-certified according to MDR. This designation process consists of four steps and will take about 18 months per NB. We should expect some delays in the review and certification process. Furthermore, it is likely that not all current NBs will remain in business; the number has been declining since 2012, and as of November 20th, 2019, just seven NBs have been MDR-certified. A current list can be found via the NANDO database.
On a more positive note, the more rigorous surveillance and scrutiny by NBs will mean that risks from unsafe devices will be drastically reduced. Manufacturers should prepare for these changes well in advance to ensure a smooth transition to MDR.
A paperless world
According to MDR Annex III, manufacturers’ technical documentation must be presented in a “clear, searchable and unambiguous manner”. Until now, many affected companies have been working with unstructured data collection and sharing systems, such as paper, Excel or email. Since these systems are cost-inefficient, unsafe and likely to struggle in the post-MDR era, we can expect a surge in companies moving their technical documentation into the cloud.
As such, we will see more and more manufacturers embracing a holistic, digital solution that is accessible to all involved stakeholders. Some of the benefits manufacturers will see in the long term include improved collaboration and transparency, the elimination of silos, and more efficient information management processes. They will also be able to react to serious incident more quickly, further mitigating potential safety risks.
To protect data from cybersecurity risks, however, certain security requirements must be met, such as data pseudonymization, appropriate encryption schemes, and consistent back-up strategies.
A new chapter for medtech
Despite the amount of bureaucracy, increased costs, and longer waiting times the EU MDR may entail, it clearly has the potential to fundamentally change the medtech industry for the better. If companies prepare well ahead of time and are willing to digitize their processes and seize the power of electronic data capture, they will be able to utilize the regulation as a true lever for growth.
Photo: AlxeyPnferov, Getty Images