The new article highlights the aspects related to non-conformity which does not impose unacceptable risks to health and safety.
The Medical Device Coordination Group (MDCG), an advisory body of the European Commission (EC) responsible for medical devices regulation, has published a guidance document dedicated to the application of Medical Devices Regulation 2017/745 (MDR) to legacy devices initially certified under the Medical Devices Directive (MDD) or Active Implantable Medical Devices Directive (AIMDD), for which the respective certificate expire before the new certificates will be granted. The document provides an overview of the regulatory framework to be applied in order to ensure the uninterrupted availability of medical devices on the market while ensuring their continuous safety, effectiveness, and compliance with the applicable regulatory requirements. At the same time, provisions of the guidance are non-binding in their nature, nor should be construed as an official position of the EC. Furthermore, the recommendations provided in the document could be subject to changes, should such changes be reasonably necessary to reflect corresponding changes to the underlying regulations.
Non-conformity, but no Unacceptable Risk to Health and Safety
Under the general rule, medical device manufacturers are obliged to duly notify the respective competent authorities about the expected non-conformity of the products they are responsible for with the applicable regulatory requirements. This includes, inter alia, the situations when the certificates issued under the Directive, are expected to expire before the new certificates will be issued under the new regulatory framework established by the MDR. As further explained by the MDCG, for the purpose of an evaluation by the CA as to whether the (non-compliant) device presents an unacceptable risk to the health or safety of patients, users, or other persons, or to other aspects of the protection of public health (Article 94 MDR), the manufacturer should submit a report containing relevant data gathered through its post-market surveillance system (PMS), in particular data concerning incidents, serious incidents and/or field safety corrective actions. According to the guidance, the assessment a competent authority will undertake will be based on the data collected in the course of surveillance activities, as well as deriving from other sources. It is important to mention that apart from analyzing the data provided by the medical device manufacturer, the competent authority will also analyze all the data related to the device to that it has access to. Apart from this, the scope of such an assessment will cover the data collected and communicated by the notified body, including the reports on incidents and adverse events associated with the device in question, as well as the materials of surveillance audits performed.
Based on the information outlined hereabove, the competent authority will determine whether the product presents an unacceptable risk to health or safety. Should the authority determine that the medical device does not present an unacceptable risk, provisions of the Article 97(1) MDR could be applied. In particular, the manufacturer will have to follow the regulatory requirements applicable to “legacy devices”, including the ones related to post-market surveillance. Furthermore, it will be necessary to demonstrate compliance with the requirements related to the quality management system (QMS) the manufacturer shall implement.
The MDCG additionally emphasizes that the competent authority will continuously reassess the risks associated with a medical device in question based on the new information which becomes available. Should it be identified, based on the said information, that the device actually presents an unacceptable risk, the application of the aforementioned Article 97 MDR should be terminated.
Expected end of Non-compliance Within Reasonable Period of Time
As it was mentioned before, the regulatory regime described herein is temporary in its nature and is intended to ensure the uninterrupted availability of medical devices for which the initial certificates expire before the new ones are issued. Thus, medical device manufacturers are expected to reinstate compliance with the applicable regulatory requirements within a reasonable period of time. Hence, in order for the said provisions to be applicable, a party responsible for a medical device in question should actually take certain steps to ensure the prompt transition to the new regulatory framework set forth under the MDR. As explained by the MDCG, medical device manufacturers are expected to demonstrate compliance with the respective regulatory requirements as confirmed by a notified body in accordance with the respective agreement to be signed between the notified body and the manufacturer.
At the same time, it is also important to mention that in duly justified cases, the CA may waive this condition, in particular where the following conditions are met:
- The manufacturer is a SME,
- MDD or AIMDD certificate of that SME manufacturer had been issued by a notified body not (yet) designated under the MDR,
- The SME manufacturer can demonstrate that it has undertaken reasonable efforts to apply to a considerable number of relevant notified bodies and that its application has not been accepted due to limited notified body capacity.
Based on the above, a competent authority will determine the period which seems to be reasonable for the manufacturer to reinstate compliance with the regulatory requirements that the product is subject to. The MDCG additionally mentions that such a period should be proportionate to the non-compliance taking place. The said “reasonable period” will be determined on a case-by-case basis depending on the time reasonably necessary to finalize the conformity assessment performed under the MDR, as well as to obtain the appropriate certification. Under the general rule, this period should not exceed 12 months. However, it could be extended if necessary). Should the new certificate be issued before the expiration of this period, the application of the Article 97 MDR will cease as well. At the same time, should the manufacturer fail to complete all the steps and achieve compliance by the expiration of the said period, a respective competent authority will be entitled to take the actions prescribed by the existing regulatory framework.
In summary, the present MDCG guidance describes in detail the concept of non-compliance that does not expose patients or customers to additional risks. The document also highlights the key points related to the applicable timelines.
How Can RegDesk Help?
RegDesk is a holistic Regulatory Information Management System that provides medical device and pharma companies with regulatory intelligence for over 120 markets worldwide. It can help you prepare and publish global applications, manage standards, run change assessments, and obtain real-time alerts on regulatory changes through a centralized platform. Our clients also have access to our network of over 4000 compliance experts worldwide to obtain verification on critical questions. Global expansion has never been this simple..