Essentials in Translational Science PDF

HS24 Essentials in Translational Science ZUSAMMENFASSUNG 1 INTRODUCTION TO HEALTHTECH PRODUCTS 4 1.1 OVERVIEW OF HEALTHTECH 4 1.2 CATEGORIES OF HEALTHTECH PRODUCTS...

HS24 Essentials in Translational Science ZUSAMMENFASSUNG 1 INTRODUCTION TO HEALTHTECH PRODUCTS 4 1.1 OVERVIEW OF HEALTHTECH 4 1.2 CATEGORIES OF HEALTHTECH PRODUCTS 4 1.3 THE ROLE OF HEALTHTECH IN MODERN HEALTHCARE 4 1.4 WHY HEALTHTECH IS IMPORTANT 5 1.5 KEY TRENDS IN HEALTHTECH INNOVATION 5 1.6 THE HEALTHTECH PRODUCTS IN MORE DETAIL 6 1.6.1 MEDICAL DEVICES 6 1.6.2 IN VITRO DIAGNOSTIC DEVICES (IVDS) 6 1.6.3 SOFTWARE AS A MEDICAL DEVICE (SAMD) 7 1.6.4 VACCINES AND PHARMACEUTICALS 8 1.6.5 COMBINATION PRODUCTS 9 1.6.6 BIOTECH PRODUCTS 9 1.7 IN PERSON SEMINAR: MEDICAL DEVICES - 20241004 10 1.7.1 HOMEWORK: COVID VACCINE, SULZER, DEPUY – WANT WENT WRONG? 11 1.7.2 EXAMPLES FROM LECTURE 12 1.8 IN PERSON SEMINAR: SAMD – SOFTWARE AS MEDICAL DEVICE –20241119 14 2 THE REGULATORY LANDSCAPE FOR HEALTHTECH PRODUCTS 15 2.1 REGULATORY THINKING IN HEALTHTECH – A STRATEGIC APPROACH FOR LONG-TERM SUCCESS 15 2.1.1 KEY ASPECTS OF REGULATORY THINKING: 15 2.1.2 KEY BENEFITS: 15 2.1.3 STEPS TO INTEGRATE REGULATORY THINKING: 15 2.2 WHY DO HEALTHTECH PRODUCTS NEED REGULATION à ENSURING REGULATORY COMPLIANCE 16 2.2.1 ROLE OF REGULATORY COMPLIANCE IN DIFFERENT PRODUCT CATEGORIES 16 2.3 REGULATORY FRAMEWORKS/BODIES (VERTICAL AND HORIZONTAL FRAMEWORKS) 17 2.3.1 THE UNITES STATES – THE FDA REGULATORY 18 2.3.2 THE EUROPEAN UNION – MDR AND IVDR 19 2.3.3 EU AI ACT 20 2.3.4 INTERNATIONAL REGULATORY SYSTEMS: KEY MARKETS 22 2.3.5 INTERNATIONAL ORGANIZATION FOR STANDARDIZATION (ISO): MANDATORY STANDARDS FOR EVERY LEGAL MANUFACTURER! 23 2.4 HARMONIZATION EFFORTS TO FACILITATE GLOBAL COMMERCIALIZATION 24 2.5 THE COST OF NON-COMPLIANCE 25 2.6 INTENDED USE OF A DEVICE AND ITS ROLE IN REGULATORY COMPLIANCE 25 2.6.1 INTENDED USE 25 2.6.2 IMPORTANCE OF DEFINING INTENDED USE FOR REGULATORY SUBMISSION 25 2.6.3 HOW INTENDED USE SHAPES REGULATORY CLASSIFICATION 26 2.6.4 DETERMINING INTENDED USE: A MANUFACTURER’S RESPONSIBILITY 26 2.6.5 INTENDED USE VS. INDICATIONS FOR USE 26 2.6.6 EXAMPLES OF HOW INTENDED USE AFFECTS CLASSIFICATION 27 2.6.7 REGULATORY RISKS OF MISALIGNED INTENDED USE 27 2.6.8 PREPARING FOR REGULATORY SUBMISSION: INTENDED USE IN TECHNICAL DOCUMENTATION 27 2.7 THE TWO PILLARS OF CERTIFICATION 28 2.7.1 OVERVIEW OF THE CERTIFICATION PROCESS 28 2.7.2 PILLAR 1: THE QUALITY MANAGEMENT SYSTEM (QMS) – ISO 13485 28 2.7.3 PILLAR 2: CE CERTIFICATION AND TECHNICAL DOCUMENTATION 29 2.7.4 MAINTAINING COMPLIANCE: SURVEILLANCE AUDITS AND POST-MARKET SURVEILLANCE (PMS) 30 2.8 CASE STUDIES OF SUCCESSFUL HEALTHTECH REGULATORY COMPLIANCE 30 2.8.1 INTRODUCTION TO CASE STUDIES 30 2.8.2 CASE STUDY 1: AI-POWERED DIAGNOSTIC SOFTWARE – NAVIGATING FDA APPROVAL 31 2.8.3 CASE STUDY 2: WEARABLE HEALTH DEVICE – CE MARKING UNDER MDR 31 2.8.4 CASE STUDY 3: IN VITRO DIAGNOSTIC DEVICE (IVD) – GLOBAL MARKET ACCESS 32 2.8.5 LESSONS LEARNED FROM THE CASE STUDIES 33 2.9 IN PERSON SEMINAR: REGULATORY STRATEGIES 34 3 WHAT ARE ESSENTIAL STEPS IN DEVELOPING A MEDICAL DEVICE 36 3.1 STEPS IN MEDICAL DEVICE DEVELOPMENT 36 3.2 FROM IDEA TO DEVICE (IMAGE = SIMPLIFIED OVERVIEW) 37 3.2.1 GENERAL CERTIFICATION STRATEGY FOR HEALTHTECH PRODUCT GROUPS 37 3.2.2 OVERVIEW – WORKING PRINCIPLE 38 3.2.3 STRATEGIES FOR MD, IVD, SAMD 38 3.2.4 BRIDGING THE GAP: FROM IDEA TO DEVICE 39 3.2.5 DEFINING DEVICE IN SCOPE à WE HAVE TO BE ABLE TO EXPLAIN WHY THESE ASPECTS ARE IMPORTANT 41 3.2.6 DEFINING WORKING PRINCIPLE 41 3.2.7 MASTERING MULTITASKING 42 3.2.8 FROM REQUESTS TO REQUIREMENTS 42 3.2.9 PRINCIPLE OF CLINICAL STUDY PLANNING 42 3.2.10 INTEGRATING REGULATION AND BUSINESS STRATEGY 43 3.2.11 NAVIGATING THE REGULATORY FRAMEWORK 43 3.2.12 HELPFUL FRIENDS 43 3.3 HOW IS SOFTWARE AS A MEDICAL DEVICE (SAMD) DEVELOPED AND REGULATED? 44 3.3.1 FROM IDEA TO PRODUCT: 44 4 INTELLECTUAL PROPERTY (IP) 45 4.1 WHAT IS INTELLECTUAL PROPERTY (IP) AND WHAT IS AN IP RIGHT (IPR) 45 4.2 FILE PATENTS 45 4.2.1 WHAT IS A PATENT? 45 4.2.2 PATENTABLE SUBJECT MATTER 45 4.2.3 WHAT MAKES AN INVENTION PATENTABLE? 45 4.2.4 TIMING OF INNOVATION/PATENT FILINGS 47 4.2.5 THE PATENTING PROCESS 48 4.2.6 WHAT RIGHTS DOES A PATENT CONFER? 48 4.2.7 KEY MESSAGES 49 4.2.8 WHO OWNS INVENTIONS AT ETHZ? 49 4.3 IN PERSON SEMINAR: IP IN RESEARCH AND ESSENTIALS - 20241122 50 4.3.1 IP IN RESEARCH 50 4.3.2 NOTES FROM LECTURE (MAYBE SAME AS ABOVE AN SOME ADDITIONS…) 51 4.3.3 LICENSING 52 5 MOCK EXAM DISCUSSION 53 5.1 RHEUMATOID ARTHRITIS DRUG QUESTIONS 53 5.2 ETH EXAMPLE 53 5.3 NEWSPINER TECHNOLOGIES 53 Exam information Four cases for the 4 mainly discussed chapters during lecture – they will ask questions around it and also some open questions o HealthTech Products § Medical Device § Software o Regulation o IP Think very logic, give explanation/justify and thoughts! à keep it short, no long stories Test whether we have a understanding of translation, no trick questions/misleading questions à This summary contains (from our perspective) the most important information for each of the 4 chapters. Each chapter is slide/reader based + some additional notes from the in-person lectures à But maybe not all is covered from the perspective of the professors… so please be aware to not see this summary as a 100% coverage of all the material that was given available on moodle by them 1 Introduction to HealthTech Products 1.1 Overview of HealthTech Health technology (HealthTech) is a broad and dynamic sector that encompasses the application of various technological innovations in healthcare. The aim is to improve patient care, increase the efficiency of healthcare systems, and reduce costs. HealthTech has evolved significantly over the last few decades, with rapid advances in medical devices, biotechnology, pharmaceuticals, software applications, and diagnostics. At its core, HealthTech refers to any product, device, or system that uses technology to deliver or im- prove healthcare services. This includes a wide range of tools, from wearable health monitors that track vital signs, to advanced surgical robots that assist in complex operations. The digitalization of healthcare, especially the rise of Artificial Intelligence (AI) and data-driven tools, has expanded the scope of HealthTech. 1.2 Categories of HealthTech Products HealthTech products can be categorized into various subgroups based on their function, technology, and purpose. Here’s a breakdown of the most important categories: Medical Devices: These are instruments, apparatus, or implants used for diagnosing, treating, or preventing medical conditions. Medical devices can range from simple tools like thermometers to complex technologies like pacemakers or MRI machines. à physical working principle In Vitro Diagnostic Devices (IVDs): These are diagnostic tools used to test samples taken from the body, such as blood, tissue, or saliva. These devices work outside the body (in vitro) and provide critical information used in diagnosis and monitoring of diseases. Software as a Medical Device (SaMD): This category includes software that is designed for medical purposes, such as aiding diagnosis, treatment, or monitoring. It does not need to be physically connected to a medical device. For example, a mobile app that uses AI to interpret medical images and detect anomalies falls under this category. à performs medical functions, to assist à The software is the medical device Software in a medical Device (SiMD): Just assisting the medical device, is a component of the actual medical device o Both SaMD and SiMD make use of AI and AI is regulated under SaMD and SiMD à it is not an own category Advanced Therapy Medicinal Products (ATMPs): This includes innovative products like gene therapies, cell therapies, and tissue-engineered products. ATMPs often represent the cutting edge of biotechnology, offering treatments for diseases that were previously untreatable. Vaccines and Pharmaceuticals: Vaccines are biological preparations designed to provide immunity against specific diseases, while pharmaceuticals include a wide range of drugs used for treating or managing health conditions. à Drugs à has a metabolic working principle Combination Products: These products combine two or more different types of medical products, such as a drug and a medical device, to create a unified solution. Biotechnology Products: These products use living organisms or systems to develop drugs or therapies. Biotech products often involve genetic manipulation or the use of biological systems like cell cultures to treat diseases. 1.3 The Role of HealthTech in Modern Healthcare From diagnostics to treatment, HealthTech innovations provide clinicians and patients with better tools for improving health out- comes. Here are some of the major contributions of HealthTech: Enhanced Diagnosis: Technologies like advanced imaging systems (MRI, CT scans), AI- driven diagnostics, and in vitro diagnostic devices have significantly improved the accuracy and speed of diagnoses, enabling early detection and better management of diseases. Personalized Medicine: HealthTech has facilitated the shift towards personalized medicine, where treatments are tailored to individual patients based on their genetic makeup, lifestyle, and other factors. This is especially evident in cancer treatment and genetic disorders. Remote Monitoring and Telehealth: Devices like wearables and mobile apps allow patients to monitor their health from home, reducing the need for frequent hospital visits. Telehealth plat- forms, driven by software, enable virtual consultations with healthcare professionals, making healthcare more accessible and efficient. Improved Treatment: Technologies such as robotic surgery systems and implantable devices have revolutionized treatment options, offering less invasive procedures and more effective long-term solutions for conditions like heart disease and chronic pain. Data-Driven Decision Making: With AI and big data analytics, HealthTech has empowered healthcare professionals to make data-driven decisions. Machine learning algorithms can process vast amounts of patient data to provide actionable insights, improve diagnostics, and optimize treatment plans. 1.4 Why HealthTech is Important The importance of HealthTech cannot be overstated, especially as healthcare systems around the world face increasing pressure from aging populations, rising costs, and the growing burden of chronic dis- eases. HealthTech offers several key benefits: Improving Patient Outcomes: HealthTech innovations enable earlier detection of diseases, more accurate diagnoses, and more effective treatments, which ultimately lead to better patient outcomes. Enhancing Healthcare Efficiency: HealthTech solutions like telemedicine, remote monitoring, and AI-based diagnostics reduce the strain on healthcare resources by allowing healthcare providers to manage larger patient populations with fewer resources. Lowering Healthcare Costs: By reducing the need for invasive procedures, hospital admissions, and in- person consultations, HealthTech solutions can help lower the overall cost of healthcare. Promoting Preventive Care: Many HealthTech solutions, such as wearables and health apps, encourage preventive care by allowing patients to monitor their own health and make lifestyle changes to reduce the risk of chronic diseases. Supporting Global Health Initiatives: HealthTech plays a crucial role in tackling global health challenges, such as the response to pandemics like COVID-19. From vaccine development to digital contact tracing tools, HealthTech has helped mitigate the impact of such crises. AND: Always ensuring SAFETY and PERFORMANCE of the products, processes and services. 1.5 Key Trends in HealthTech Innovation HealthTech is constantly evolving, driven by technological advancements and changing healthcare needs. Here are some key trends currently shaping the HealthTech landscape: Artificial Intelligence and Machine Learning: AI is being used in various applications, from diagnostics to drug discovery. Machine learning algorithms can analyze large datasets and recognize patterns that are not immediately apparent to human doctors, improving diagnostic accuracy and personalized treatments. Wearable Technology: Wearables like smartwatches, fitness trackers, and medical-grade de- vices allow continuous monitoring of health metrics such as heart rate, blood pressure, and blood glucose levels. This data can be shared with healthcare providers for better management of chronic conditions. Telemedicine and Virtual Healthcare: Telehealth has grown exponentially, particularly in response to the COVID-19 pandemic. It allows patients to consult with healthcare providers re- motely, improving access to care for people in remote or underserved areas. Robotics in Surgery: Robotic surgery systems provide surgeons with enhanced precision and control, leading to less invasive procedures and faster recovery times for patients. Robotic assisted surgery is now being used in a wide range of fields, including orthopedics, urology, and gynecology. Blockchain for Health Records: Blockchain technology is being explored as a solution for securely storing and sharing medical records. It provides a decentralized and immutable ledger, ensuring patient privacy while allowing seamless access to health data across providers. Personalized Medicine: Advances in genomics and molecular biology are enabling more personalized treatments, particularly in oncology. HealthTech is making it possible to tailor therapies to individual patients based on their genetic profiles and other factors. 1.6 The Healthtech Products in more detail 1.6.1 Medical Devices Definition: Medical devices are instruments, machines, implants, or other apparatuses intended to be used for the diagnosis, prevention, monitoring, treatment, or alleviation of disease or injury. Unlike pharmaceuticals, medical devices typically achieve their purpose through physical or mechanical means rather than metabolic actions. Examples of Medical Devices: Low-Risk Devices (Class I): Bandages, surgical gloves, cotton buds (with a clear medical purpose), and basic diagnostic tools like stethoscopes. Moderate-Risk Devices (Class II): Blood pressure monitors, insulin pumps, and infusion pumps. High-Risk Devices (Class III): Pacemakers, artificial heart valves, and robotic surgical systems. A Pill: Because it gives a protective physical layer for your throat (physical mode of action) & there is a CE mark followed by a 4diget number on it! A syringe alone Classic adhesive Plaster Heat Plaster: Mode of action is physical Intended Purpose of Medical Devices: Medical devices are designed to address specific clinical needs, such as monitoring vital signs, aiding in surgery, or administering therapies. Each medical device is developed to meet the needs of healthcare providers and patients, ensuring safe and effective treatment options. Regulatory Pathway: Medical devices are classified based on risk, with higher-risk devices requiring more extensive clinical trials and regulatory oversight. In the European Union, medical devices are regulated under the Medical Device Regulation (MDR), which requires devices to undergo a rigorous certification process to obtain the CE mark. In the U.S., medical devices are regulated by the FDA, with Class III devices undergoing the most stringent premarket approval (PMA) process. 1.6.2 In Vitro Diagnostic Devices (IVDs) Definition: In vitro diagnostic devices are medical devices used to perform tests on samples taken from the human body, such as blood, urine, or tissue. These tests are conducted outside the body (in vitro) and provide information about a person’s health to diagnose, monitor, or prevent diseases. Examples of IVDs: Blood Glucose Monitors: Used by patients with diabetes to measure blood sugar levels. COVID-19 Testing Kits: Rapid antigen tests used for detecting viral infection. Genetic Screening Tests: Tests that analyze DNA samples to identify genetic mutations as- sociated with inherited diseases. Intended Purpose of IVDs: IVDs are used to obtain critical diagnostic information about a patient’s health. They are essential for early detection, monitoring disease progression, and assessing treatment effectiveness. IVDs do not treat diseases directly but provide the data necessary for clinical decision- making. Regulatory Pathway: In the European Union, IVDs are regulated under the In Vitro Diagnostic Regulation (IVDR), which categorizes them based on risk, from low-risk tests to high-risk diagnostic tools for life-threatening diseases. Risk classes are A/B/C/D. In the U.S., the FDA classifies IVDs similarly to medical devices, with risk-based categories determining the level of oversight and testing required. 1.6.3 Software as a Medical Device (SaMD) Definition: Software as a Medical Device (SaMD) refers to software intended for medical purposes that is not part of a physical medical device. SaMD provides medical functionalities such as diagnosis, treatment, or monitoring of a disease or condition without requiring a physical attachment to a device. What makes the difference between an App (lifestyle app) and a Medical Device? à A medical device have functionalities such as diagnosis, treatment, monitoring, predict/prevent à But what is the unique selling point of a SaMD: the software has a intended medical purpose(/use) & I addresses a clinical need Clinical need: What is important here from a regulatory perspective is the validation à does it really addresses what it is needed Important that we understand difference between purpose & use: o “use” is a more broad term à includes more players: environment, patients, doctors… and how the SaMD is/should be used by them o “purpose” addresses more the clinical need How can we change an app into a SaMD? o See what clinical needs it could addressee o Eg. Fitness tracker: Use it to monitor and predict something Examples of SaMD: Diagnostic AI Software: Algorithms that analyze medical images (e.g., X-rays or MRIs) to detect abnormalities such as tumors or fractures. Mobile Health Apps: Applications that monitor chronic conditions, such as heart disease or asthma, and send real-time data to healthcare providers Digital Therapeutics: Software that provides cognitive behavioral therapy (CBT) to patients with mental health conditions, Diabetes Intended Purpose of SaMD: SaMD is used to diagnose, treat, or monitor patients without the need for physical interaction. It often leverages artificial intelligence and machine learning to interpret patient data and provide clinical insights. SaMD offers significant benefits in terms of accessibility and scalability, particularly in remote healthcare settings. Regulatory Pathway: SaMD is subject to the same regulatory oversight as medical devices. The MDR in Europe and the FDA in the U.S. outline specific requirements for software validation, data security, and clinical performance. SaMD must demonstrate safety and effectiveness through clinical evaluations and real-world testing before it can be approved for use. Is there a difference between SaMD and AI in a SaMD? There is a need to rethink design & development because the software my change with AI AI can have an impact in the verification results Have to train and show how you have trained your AI product Attention bzgl Bias Data protection Information à The user & the patient have to be informed if a SaMD has AI implemented AI in Medical devices? Artificial Intelligence (AI) is becoming a vital component of healthtech, enabling devices to diagnose diseases, predict treatment outcomes, and monitor patients in real-time. However, AI's integration into medical devices introduces new regulatory challenges, particularly around data quality, bias, and continuous learning. Data Collection and Training: AI models rely on large datasets to learn and make predictions. The quality and diversity of these datasets are critical to the model's accuracy. Algorithm Development: Once trained, the AI model is tested extensively to ensure it can accurately perform its medical function. Risk Management: AI poses unique risks, including algorithmic bias and unpredictable outcomes. Regulatory Approval: AI in medical devices must undergo verification and validation, demonstrating the AI system’s ability to perform consistently across varied patient populations. Continuous Learning Systems: Unlike traditional devices, some AI models can learn and evolve after deployment, presenting regulatory challenges around ensuring ongoing safety. 1.6.4 Vaccines and Pharmaceuticals Definition: Vaccines are biological preparations designed to provide immunity against specific infectious diseases, while pharmaceuticals include drugs used to diagnose, treat, or prevent a wide range of health conditions. They always trigger a metabolic action! Examples of Vaccines and Pharmaceuticals: COVID-19 Vaccines: mRNA vaccines developed to prevent infection by the SARS-CoV-2 virus. Antibiotics: Drugs used to treat bacterial infections. Chemotherapy Drugs: Medications used to treat cancer by targeting and killing cancerous cells. Cotton bud integrated in a solution: Then the cotton bud is part of the pharmaceutical solution Syringe prefilled with medication: packaging for pharma Nicotine Plaster: Primary mode of action is pharmaceutical Intended Purpose of Vaccines and Pharmaceuticals: Vaccines are intended to prevent diseases by stimulating the body’s immune response, while pharmaceuticals are designed to diagnose, treat, or manage diseases. Both product types are essential in modern healthcare for managing and eradicating diseases. Regulatory Pathway: Vaccines and pharmaceuticals are subject to stringent regulatory oversight by bodies such as the FDA and EMA (European Medicines Agency). The development process includes preclinical research, phase I-III clinical trials, and post-market surveillance to ensure safety and efficacy. Vaccines, in particular, undergo additional scrutiny given their use in large populations. 1.6.5 Combination Products Definition: Combination products are therapeutic and diagnostic products that combine elements from different HealthTech categories, such as a drug and a medical device or a biologic and a device. These products offer integrated solutions for complex medical conditions. Examples of Combination Products: Insulin Delivery Systems: Devices that combine insulin, insulin pumps with glucose monitors to provide automated insulin dosing. Cotton bud together with a tincture Syringe packed together with medication Intended Purpose of Combination Products: Combination products are designed to provide a unified solution to medical conditions that require both a device and a pharmaceutical component. These products simplify treatment by combining different technologies into one cohesive system. Regulatory Pathway: Combination products must meet the regulatory requirements for both medical devices and pharmaceuticals. This adds complexity to the regulatory process, as manufacturers must demonstrate the safety and effectiveness of both components individually and as an integrated product. 1.6.6 Biotech Products Definition: Biotechnology products are pharmaceutical drugs developed using living organisms or biological processes, often involving genetic manipulation or cell culture. These products are used to treat diseases at the molecular or cellular level. Examples of Biotech Products: Monoclonal Antibodies: Laboratory-produced molecules used to treat conditions such as cancer and autoimmune diseases. Gene-Edited Therapies: Therapies that use CRISPR or other gene-editing technologies to treat genetic disorders. Recombinant Proteins: Proteins produced using recombinant DNA technology to replace deficient or abnormal proteins in patients. Intended Purpose of Biotech Products: Biotech products aim to treat diseases by targeting the molecular or genetic mechanisms underlying the condition. They represent a highly specialized form of treatment, often used in cases where conventional therapies are ineffective. Regulatory Pathway: Biotech products must undergo extensive testing and clinical trials to ensure safety, quality, and efficacy. The regulatory pathway for biotech products is similar to that of pharmaceuticals but often involves additional scrutiny due to the complexity of the biological processes involved. 1.7 In Person Seminar: Medical Devices - 20241004 These are just summarized notes, taken during the in-person seminars. Could be a summary of what is written above. Use it to reflect. 3 Main Categories of Healthtech Products: Medical Device In Vitro Diagnostics (IVD) Pharmaceuticals Difference between IVD device and medical device: IVD devices uses some kind of tissue/serum/blood from patient to diagnose disease Difference between pharmaceutical and medical device: Medical device has a physical working principle and pharmaceutical has a metabolic effect è Different regulations for different products What kind of a category is a software device? è As a medical device or as a Software IN medical device o Difference: as medical device addresses the use and is the whole purpose of the medical device. Software itself is a medical device o Software in a medical device is support and gives a function to the device but cannot function as itself -> example software in a pacemaker. è What about AI? New category? Can it be added to the existing categories? o AI falls under the same category but it needs additional regulations o Software As Med Dev and Software In Med Dev: if AI functions in medical device or has a purpose as a medical device. Falls under the Medical Device Regulation (EU) o AI is regulated by the MDR but regulated by additional ISO Norms o Additionally, through the “EU AI act” Who regulates where and what? FDA: US market MDR: EU market – Swissmedic follows 95% the MDR – BFARM in Germany EMA: only for pharmaceuticals Different rules for many different countries è If you want to sell globally, you have to fulfill the different requirements in all the country o Example: Different studies need to be prepared for the FDA as for the EU to get market access and the stamp from the organization Different Regulations: Vertical Regulations: IVDR -> IVD dev, MDR -> MD, FDA -> HTP + AI EU AI Act is a horizontal one, defining AI in Medical devices, automotives, etc. o Any industry, that incorporates AI, has to deal with the EU AI Act. o Really expensive to work with an AI expert, brought by the EU 1.7.1 Homework: Covid Vaccine, Sulzer, Depuy – Want went wrong? We had to do a homework where we summarized what went wrong in different companies with their products. Here is a summary on what was discussed about the cases in the seminar. Covid Vaccine Problem: fast development of a vaccine o Spike proteins were known way before the covid vaccination was developed o Rapid development is not the problem if there is a need but you are not allowed to skip the regulations Argument: not enough testing of the effects and side effects o Side effects were neglected in the early stages § Side effect is not the problem, but it is suspicious when it is said, that there are no side effects at all. There was a lack of transparency (in the claim, the contract and to the patients) o What claim shall be used with covid? -> preventing, healing, treating? o Transparency is one of more important aspects when developing HealthTech Product Do the companies benefit from selling the vaccine? -> costs covered by government, stocks of companies went up Lack in information o Global message through WHO which was really good. Some governments still hid some depths (deaths, consequences, cases) because they did not have the funding for the vaccine or to deal with the disease o Messup in the communication from the politicians to the public Sulzer Problem: oily residue on implants which then failed to adhere to the bone o Problem in manufacturing -> every medical device has to undergo risk management through its whole process. o Risks in design, manufacturing, use of medical device § Define the manufacturing process accordingly to the risks § Sulzer failed in the risk management o Communication with supplier o Supplier quality and monitoring o Post market surveillance -> product life cycle o Competent authority Consequences: o Huge cases against Sulzer, compensations up to 1 billion $ o Loss in trust to the medical device industry by public Depuy One of the first metal on metal implants o Verification of the implant should have found out that metal on metal doesn’t work and produces wear/abration. Verification & Validation are the two pillars which could have prevented everything o Depuy failed there Patients: o Damage of tissue o Metal in blood o Replacements after 5 years instead of 10-15 One product went on EU market (ASR) ASR XL went on the market because it was similar to another product (EU equivalence act, similar to USA (510K)) False advertisement, failing in compliance o Strict regulations in advertising and claiming Post market clincal surveillance o Should have been done by company and they have failed to do so Recall way to late, companies’ choice Authorities failed to categories it, it went into a Class IIb o Should be a class III product No financial drawbacks to J&J è In 90% of the cases, it was the medicals fault, rest was authorities è In all cases: if the regulations and rules were followed correctly, these 3 cases could have been prevented. 1.7.2 Examples from Lecture à important for exam: We have to be able to classify products & tell about their regulatory requirements/pathway! The following are also just the notes from the lecture but actually, there is the solution for these case scenarios in the slides on moodle: https://moodle-app2.let.ethz.ch/mod/resource/view.php?id=1131507 Case scenario: Is a cotton swap a medical device or not? - Depends on the purpose, if it is just in the supermarket, then not. - If it is used with a medical purpose, then yes - Can be used as a “Kombinationsprodukt” -> therefore could have different classification: o Cotton swap integrated in a bottle of a solution (like nail paint) then it is part of the packaging of the medical device Second case scenario: A pill: halstabletten, GeloRevoice No pharmaceutical but a medical device: gives a protective layer which is a physical layer in your throat. Pharmaceutical also doesn’t get a CE marking, followed by a 4digit number Case scenario: Empty syringe, prefilled syringe, syringe packed with medication: - First: just a medical device - Second: prefilled is a packaging for pharma - Third: combination product Case scenario: plaster: - Classic Plaster: Normal medical device - Nicotine plaster: primary mode of action is pharmaceutical -> medicine - Heat Plaster: medical device because the physical component is the primary working principle. Treadmills: - Treadmill in a gym has an intended purpose: so lifestyle product - If it monitors, gives information that is some kind of diagnostic purpose to it so it is a medical device o Only display but not really good in diagnosing: argument point if it is lifestyle or medical device (Smart) watches - Medical device? - In which cases are they medical devices? - What strategies do companies use to identify them as non-medical products? è If you use it for lifestyle with no additional diagnosing addition, than not a medical device Following glasses: Normal Glasses for vison impairment: - Clearly medical device as they address clinical need Normal Sunglasses? - No medical device, no clinical need Laboratory goggles: - Safety device and protective equipment and this is clearly protection and not prevention - Prevention is also a medical purpose that falls for medical devices Contact lenses: - Clearly medical device when vision impaired - When just for eye color change, than not (eg. Halloween) Dental Implant systems: - Clearly medical device Software: - Software for diagnosing caries: o Software as a medical device - Software in a teeth scanner o Software in a medical device - Software for a milling machine for the manufacture of medical devices: Class 3 spinal Implants. o No medical device, just driving production process, could also fe for plastic toys… - App for diary entries: o Also dependent on use and as it has a psychological feedback factor yes, medical device Veneers: Clipping teeth onto teeth - Veneer without medical purpose; is seen as a cosmetic/lifestyle product - With medical purpose; example as replacing missing tooth masse: medical device 1.8 In person seminar: SAMD – Software as medical device –20241119 Examples of normal Apps: Period tracker Fitness trackers (Strava) Health App on iPhone SV Ring Diary Examples of Software as Medical Devices: Diabetes monitoring app Pace-maker monitoring Cancer diagnostic app Diary to monitor and predict phases of depression What makes the difference between an app and an SaMD? è SaMDs are to treat, diagnose, monitor diseases and to predict/prevent and compensate è Regulatory term: Intended Purpose / use o Intended Purpose in a SaMD is addressing a clinical need o Use also thinks about the environment it is used and overall usability è Important that we see the difference in use and purpose. è Use also defines the setting on how we test, how we validate, how we develop at first… Bsp: study not accepted as a study of a diabetes app was tested in a hospital. Its intended use was to be used at home and therefore was not recognized. How can you change an app into a medical device? See what clinical needs it could address and find the zusammenhang Market a device in the wrong cathegory can be really expensive in the end. For a fitness tracker: use it to monitor and predict something, for example a study that measures amount of exercise together with amount of deep sleep and uses it for predicting and advising patients. Rules: Regulations: MDR (EU), IVDR (EU), 21CFR (FDA, therefore U.S.-regulations) Regulators: FDA Standards (ISO): - ISO 62366 (About usability engineering so that the product can be used), o 62304 (software usability engineering) - ISO 14971 (Risk management of the product in the context of manufacturing and use) - These are related to the product - ISO 13485 (Quality systems in medical manufacturers) o Describes processes of the company It is mandatory to have these systems: Risk management, quality management 2 The Regulatory Landscape for HealthTech Products 2.1 Regulatory Thinking in HealthTech – A Strategic approach for long-term success Regulatory thinking is the mindset of integrating regulatory compliance into the entire lifecycle of a HealthTech product, from initial concept through to market and beyond. It involves not just meeting the necessary regulations but anticipating and aligning with future regulatory trends, ensuring that the product remains compliant and competitive in a rapidly evolving industry. 2.1.1 Key Aspects of Regulatory Thinking: Proactive Compliance: Rather than responding to regulatory requirements at the last minute, regulatory thinking encourages companies to integrate compliance into the early stages of development. Long-Term Market Strategy: Regulatory compliance should be seen as a tool for ensuring market credibility and patient trust, not just as a means to an approval. Anticipation of Regulatory Changes: A forward-thinking approach that considers future regulatory shifts, emerging technologies, and evolving market demands ensures long-term product viability. 2.1.2 Key Benefits: Reduced Time to Market: By integrating compliance considerations early in the development process, companies can avoid last-minute delays caused by overlooked regulatory requirements. Cost Savings: Addressing regulatory compliance issues proactively helps companies avoid costly recalls, rework, or fines that may result from non-compliance. Enhanced Market Credibility: Regulatory compliance is essential for gaining the trust of healthcare providers, patients, and payers. Companies that demonstrate a commitment to compliance build stronger relationships with stakeholders. Future-Proofing Products: Regulatory thinking helps companies anticipate and adapt to future regulatory requirements, ensuring that their products remain compliant and relevant as the regulatory landscape evolves. 2.1.3 Steps to Integrate Regulatory Thinking: Step 1: Early Engagement with Regulatory Authorities Engaging with regulatory authorities early in the development process provides valuable insights into potential regulatory challenges and helps clarify expectations for approval. For high-risk or novel products, early engagement can smooth the path to certification. Pre-Submission Meetings with the FDA: These meetings allow manufacturers to discuss their product development plans, clinical study designs, and intended use with the FDA before sub- mitting a formal application. Notified Body Consultations (EU): In the EU, companies can seek advice from notified bodies to ensure that their technical documentation and clinical evidence meet the requirements of the MDR or IVDR. Step 2: Embedding Risk Management from Day One Risk management, as outlined in ISO 14971, should be an ongoing process that begins during the product’s conception and continues through its development, marketing, and post-market surveillance. Incorporating risk management early ensures that potential safety concerns are addressed proactively. Hazard Analysis: Identifying potential risks at the earliest stages of product development allows companies to design safer products and mitigate potential regulatory issues. Usability Testing: By assessing how users interact with the product during its development, companies can identify usability risks that could lead to adverse events or non-compliance. Step 3: Leveraging Regulatory Standards and Guidance Regulatory standards provide a framework for product development and testing, ensuring that products meet globally recognized safety and performance requirements. By leveraging existing standards, companies can streamline their development process and reduce the risk of non-compliance. ISO Standards: Incorporating ISO 13485 (quality management systems), ISO 14971 (risk management), and other relevant ISO standards into the development process ensures that products are designed with compliance in mind. FDA Guidance: Following FDA guidance documents can help companies navigate specific regulatory requirements for medical devices, diagnostics, and software as medical devices (SaMD). 2.2 Why do HealthTech Products need regulation à Ensuring Regulatory Compliance Ensuring Safety: Products must not cause unnecessary harm when used as intended. Proving Performance: Devices and treatments must be proven to work for their intended medical use. Maintaining a Benefit Risk Balance: The benefits to the patient must outweigh any risks involved. Consistency in Quality: Uniformity in production and performance must be guaranteed across different batches or software updates. Data security and privacy: HealthTech deals with sensitive patient data. Regulatory frameworks ensure that this data is handled securely and that patient privacy and confidentiality are protected. Compliance helps prevent data breaches and maintains trust between patients and healthcare providers. Interoperability: HealthTech systems often need to interact with various other healthcare systems. Regulatory standards promote interoperability, ensuring seamless communication between different technologies and healthcare providers. This can improve the overall efficiency and effectiveness of healthcare services. Innovation and investment: Clear regulatory pathways provide HealthTech companies with guidance for product development. When companies understand the regulatory landscape, they are more likely to invest in research and development, driving innovation in the industry. o Innovation: translating ideas to invoice à translate idea to a product Market credibility: Compliance enhances the credibility of HealthTech companies. Healthcare providers and consumers are more likely to trust and adopt technologies that meet established regulatory standards, leading to broader market acceptance. Legal protection: Compliance provides legal protection for HealthTech companies. It ensures that companies operate within the law and protects them from potential lawsuits and financial liabilities. 2.2.1 Role of Regulatory Compliance in Different Product Categories Each category of HealthTech product is subject to different regulatory requirements depending on the product’s intended use and risk classification. Below is an overview of how regulatory compliance plays a role in key categories: Medical Devices: Medical devices, whether they are as simple as a bandage or as complex as a robotic surgical system, must comply with regulations that vary according to their risk classification (Class I, II, or III). Higher-risk devices must undergo extensive testing and clinical trials before they can be certified. In Vitro Diagnostic Devices (IVDs): IVDs, which are used to test body samples outside the body, must demonstrate analytical and clinical performance. The IVDR establishes the require- ments for demonstrating the safety and effectiveness of these tests before they can be marketed in the EU. Software as a Medical Device (SaMD): SaMD must comply with regulations regarding software validation, data security, and clinical performance. Regulatory bodies require manufacturers to demonstrate that their software accurately diagnoses or treats medical conditions without caus- ing harm to patients. Vaccines and Pharmaceuticals: Vaccines and drugs must undergo extensive clinical trials to demonstrate safety and efficacy before they can be approved by regulatory bodies such as the FDA or EMA (European Medicines Agency). The process includes preclinical studies, phase I- III trials, and post-market surveillance. Combination Products: Combination products, which may include a drug and a device or a biologic and a device, must comply with both medical device and pharmaceutical regulations. This adds complexity to the regulatory process, as both components must be tested and vali- dated according to their respective guidelines. 2.3 Regulatory Frameworks/Bodies (vertical and horizontal frameworks) Several key regulations and standards guide the compliance of healthtech products. These include but are not limited to: FDA (Food and Drug Administration) is a vertical regulation: Governs the safety, efficacy, and security of healthtech products in the U.S. à For all kind of health tech products EU-MDR (Medical Device Regulation, EU) is a vertical regulation: The primary framework in the EU for medical devices, requiring adherence to specific safety and performance guidelines. EMA (EU) is a vertical regulation: For Pharmaceuticals EU AI ACT: Is a horizontal regulation à defining the use in medical devices but also in automobiles and other industry areas à therefore it is a horizontal regulation So when one has eg. a SaMD they have to work with MDR and also EU AI ACT to cover the full regulation TGA (Therapeutic Goods Administration): In Australia, the TGA oversees the regulation of medical devices, medicines, and other therapeutic products, ensuring that they meet Australian safety and efficacy standards. ANVISA (Agência Nacional de Vigilância Sanitária): Brazil’s ANVISA regulates medical de- vices and health technologies, applying its own set of requirements for product registration and commercialization. Health Canada: The regulatory body responsible for medical devices and health products in Canada. It follows similar guidelines to the FDA but has its own unique set of requirements for compliance. ISO Standards (e.g., ISO 13485, ISO 14971): Provide global frameworks for quality management and risk management of medical devices. à harmonized standards Why is is it important to know about the different international regulations? If we want to sell a product internationally one has to fullfill all the rules and requirements for the different regions! 2.3.1 The Unites States – The FDA Regulatory Framework Overview of the FDA: In the United States, the Food and Drug Administration (FDA) is the primary regulatory body responsible for overseeing medical devices, in vitro diagnostic devices (IVDs), pharmaceuticals, and other health products. The FDA has established a set of guidelines and regulations designed to ensure that all HealthTech products are safe, effective, and meet specific quality standards. The FDA classifies medical devices into three categories based on their risk level: Class I (Low Risk): Products such as bandages, tongue depressors, and surgical gloves. Most Class I devices are exempt from premarket notification requirements (510(k)). Class II (Moderate Risk): Devices such as blood pressure monitors, infusion pumps, and diagnostic imaging devices. These devices typically require 510(k) clearance, demonstrating substantial equivalence to an existing legally marketed device. Class III (High Risk): Devices such as pacemakers, heart valves, and implantable defibrillators. Class III devices must undergo the more rigorous Premarket Approval (PMA) process, which requires clinical data to demonstrate safety and efficacy. Key FDA Regulatory Pathways: 510(k) Clearance: Required for most Class II devices. The manufacturer must demonstrate that the device is substantially equivalent to a legally marketed device (predicate device) that does not require PMA. Premarket Approval (PMA): Required for Class III devices, PMA is the FDA’s most stringent regulatory pathway. It involves extensive preclinical and clinical testing to prove the safety and effectiveness of the device. 21 CFR (Code of Federal Regulations) Part 820: U.S. quality system regulation for medical devices, focusing on design controls and manufacturing processes. De Novo Classification: An alternative pathway for novel devices that are considered low- to moderate-risk but have no existing predicate devices. This pathway allows innovative products to enter the market without going through the PMA process. Emergency Use Authorization (EUA): Used in emergencies such as the COVID-19 pandemic, the EUA pathway allows certain products to be authorized for temporary use without full FDA approval. Post-Market Surveillance and Reporting: The FDA requires manufacturers to implement post-market surveillance to monitor the performance of devices after they are approved and in use. This includes reporting adverse events through the Manufacturer and User Facility Device Experience (MAUDE) database and con- ducting post-approval studies if necessary. 2.3.2 The European Union – MDR and IVDR Overview of the European Regulatory System: In the European Union, HealthTech products are regulated under the Medical Device Regulation (MDR, EU 2017/745) for medical devices and the In Vitro Diagnostic Regulation (IVDR, EU 2017/746) for IVDs. These regulations were introduced to replace previous directives and strengthen the oversight of medical devices and diagnostics within the EU. The MDR and IVDR place a strong emphasis on patient safety, clinical evaluation, and post-market surveillance. They also introduce stricter requirements for clinical data, technical documentation, and quality management systems. Key Elements of the MDR and IVDR: Risk-Based Classification: Medical devices are classified into four categories based on risk: Class I (low risk), Class IIa (moderate risk), Class IIb (higher risk), and Class III (high risk). In vitro diagnostic devices are classified similarly, with additional attention to their intended use and the potential impact on public health. CE Marking: The CE mark indicates that a product complies with all applicable EU regulations and can be legally marketed within the European Economic Area (EEA). To obtain CE certification, manufacturers must compile a comprehensive technical documentation file that includes clinical evidence, risk management, and usability studies. Notified Bodies: In the EU, notified bodies are independent organizations designated by member states to assess whether a medical device or IVD complies with MDR or IVDR. Notified bodies review the manufacturer’s technical documentation, perform audits, and issue CE certificates for products that meet regulatory requirements. Key MDR/IVDR Requirements: Clinical Evaluation: Manufacturers must provide clinical data demonstrating the safety and performance of their devices. For high-risk devices (Class III), clinical trials may be required to generate sufficient evidence. Post-Market Surveillance (PMS): Similar to the FDA, the MDR and IVDR require manufacturers to monitor the performance of their products in the market. This includes implementing a post-market surveillance system, conducting periodic safety updates, and reporting adverse events through the EU’s vigilance system. Unique Device Identification (UDI): The MDR introduces UDI requirements, which mandate that devices be labeled with a unique identifier to enhance traceability and improve post-market surveillance. Post-Market Surveillance and Reporting: The EU requires manufacturers to implement post-market surveillance to monitor the performance of devices after they are approved and in use. This includes reporting adverse events through the vigilance system. Challenges and Opportunities Under MDR and IVDR: The introduction of MDR and IVDR has brought more rigorous requirements, particularly for clinical evidence and post- market surveillance. While these regulations enhance patient safety, they also present challenges for manufacturers, especially smaller companies, as the costs and time required for compliance have increased. 2.3.3 EU AI ACT Overview: The EU AI Act, proposed in 2021, is one of the most comprehensive attempts to regulate Artificial Intelligence in high-risk sectors, including healthcare. The EU AI Act specifically addresses AI systems used in medical devices, classifying them as high-risk applications, subject to strict requirements for safety, fairness, and transparency. Key Requirements Risk-Based Classification: o The EU AI Act categorizes AI systems into low, limited, high, and unacceptable risk levels. o Medical devices employing AI fall under the high-risk category, due to their direct impact on human health. o High-risk AI systems are subject to rigorous compliance measures, including risk management, transparency obligations, and continuous monitoring. Mandatory Requirements for High-Risk AI: o Risk Management: AI systems must undergo continuous risk management, from initial development to post-market surveillance. The risk management system must align with international standards like ISO 14971, which addresses risk in medical devices. o Data Governance: Developers of AI medical devices must ensure the quality of the datasets used for training, validation, and testing. This includes ensuring the data is free from bias, representative of the population, and meets stringent privacy and security standards. o Human Oversight: AI systems must allow for human intervention. This ensures that clinicians can intervene if the AI makes questionable decisions, enhancing patient safety. o Transparency and Explainability: High-risk AI systems must be designed to be transparent and explainable. Clinicians using the AI should understand how the system arrives at its conclusions, and patients should be informed about the use of AI in their care. Conformity Assessment: o High-risk AI systems, including those in medical devices, must undergo a conformity assessment before entering the market. This assessment evaluates the system’s compliance with the EU AI Act’s safety, transparency, and fairness requirements. o For medical devices, the conformity assessment process is harmonized with the MDR (Medical Device Regulation), ensuring that both medical device and AI- specific regulations are met. Post-Market Surveillance Post-Market Surveillance: AI systems used in medical devices are subject to ongoing post-market surveillance. This involves monitoring the system's performance, assessing any new risks that may arise, and ensuring that the AI continues to meet safety standards over time. Manufacturers must establish systems to collect and evaluate feedback from users and patients, ensuring that any issues are promptly addressed. Interaction with other Regulations EU AI Act works in conjunction with existing regulations like the MDR (Medical Device Regulation) and GDPR (General Data Protection Regulation). While the MDR governs the general safety and performance requirements of medical devices, the EU AI Act specifically addresses the unique challenges posed by AI, such as transparency, bias, and continuous learning. What are regulatory challenges? Continuous Learning AI Systems: o Traditional medical devices are static once approved, meaning their performance does not change. In contrast, some AI systems are designed to continuously learn and improve over time, adapting based on new data inputs. o The challenge is ensuring that these systems remain compliant with regulatory standards as they evolve. Regulatory bodies, such as the FDA and MDR/EU AI ACT, require developers to provide mechanisms for monitoring AI updates and assessing any new risks introduced by changes in the AI model. Data Privacy and Security: o AI models require large datasets to function, often including sensitive patient information. This raises concerns about privacy and data security, especially under regulations like the GDPR in Europe. o Developers must ensure that patient data used for AI model training is anonymized and stored securely, while also complying with data protection laws. Validation and Verification: o Validating an AI model is complex due to its dependence on large datasets, the potential for algorithmic bias, and the need for real-world testing. Unlike traditional devices, which are easier to test in controlled environments, AI models must be validated across diverse patient populations and clinical settings. o Verification processes must ensure that the AI performs consistently and accurately, particularly when the model is used for high-risk applications like diagnostics or treatment recommendations. Explainability and Trust: o Many AI models, particularly those using deep learning, function as “black boxes,” meaning their internal decision-making processes are opaque. Regulators are pushing for explainable AI (XAI), where the model’s predictions can be understood and explained by clinicians. o Ensuring that AI systems are transparent and interpretable is critical for building trust with healthcare professionals and patients. Regulatory Harmonization: o AI development and regulation is global, but regulatory frameworks differ between regions. For example, the FDA's regulatory framework for AI in medical devices focuses on continuous updates and modifications, while the EU AI Act emphasizes transparency and fairness. o Harmonizing regulations across different regions is essential to avoid duplicative testing and approval processes, making it easier for manufacturers to bring AI medical devices to international markets. Bias in AI Bias in AI can arise when the data used to train algorithms is unrepresentative of the population (eg. particular demographic group) that will use the device à leads to inaccurate or even harmful medical outcomes, such as misdiagnosis or improper treatment recommendations. Strategies for reducing bias in AI MD Diverse and Representative Datasets: o wide variety of demographic groups, covering different ages, ethnicities, genders, and geographic regions. o Regulatory bodies, such as the FDA and EMA, have started to emphasize the importance of diversity in training datasets during the approval process for AI- driven devices. Bias Detection and Mitigation Techniques: o Bias detection involves running the model on different demographic groups to see if its performance varies across populations. o Data augmentation can help by creating synthetic data to balance underrepresented categories within the dataset, thus reducing bias during training. Explainable AI (XAI): o Transparency is crucial in AI medical devices. Explainable AI (XAI) techniques enable clinicians and regulators to understand how and why the AI model makes its decisions. o Explainable AI helps build trust among healthcare providers and ensures that clinicians can verify AI decisions, enhancing patient safety. Regulatory Oversight on Fairness: o focused on ensuring that AI systems are free from bias and maintain transparency. o EU AI Act: Focuses on regulating AI systems used in high-risk applications like healthcare, with specific provisions to ensure transparency and bias mitigation. o FDA’s AI/ML Action Plan: Provides guidance for the development and monitoring of AI in medical devices, emphasizing transparency, continuous learning, and fairness. o There are in total 43 different AI regulations and/or directives in place worldwide Human Oversight and Continuous Monitoring: o Despite the advancement of AI, human oversight remains critical. Medical professionals should have the ability to override AI decisions, especially in cases where AI's recommendations appear uncertain or flawed. o Continuous monitoring of AI devices after they enter the market is essential to detect and correct any biases that might emerge as the system is exposed to new data. 2.3.4 International Regulatory Systems: Key Markets Brazil – ANVISA: Brazil’s regulatory body, ANVISA (Agência Nacional de Vigilância Sanitária), oversees medical devices and health products within the country. ANVISA classifies medical devices into four categories based on risk, similar to the EU classification system. To market products in Brazil, manufacturers must obtain ANVISA approval by submitting detailed technical documentation, including clinical data, risk management, and labeling information. Canada – Health Canada: Health Canada regulates medical devices under a classification system similar to the FDA and MDR. Devices are classified into four risk classes, with higher-risk devices requiring more extensive clinical testing and regulatory review. Manufacturers seeking approval in Canada must submit a medical device license application, which includes technical documentation, clinical data, and quality management system certification (ISO 13485). Australia – TGA: The Therapeutic Goods Administration (TGA) is Australia’s regulatory body responsible for medical devices and pharmaceuticals. TGA uses a risk-based classification system similar to that of the EU and the FDA. For higher-risk devices, the TGA requires manufacturers to provide clinical data and undergo a conformity assessment before they can market their products in Australia. 2.3.5 International Organization for Standardization (ISO): Mandatory standards for every legal manufacturer! ISO 13485: Medical Devices – Quality Management Systems (QMS) Purpose: This standard sets out requirements for a comprehensive quality management system that governs the design, development, production, installation, and servicing of medical devices. When It Is Used: ISO 13485 is used by organizations involved in the production of medical devices. Compliance is often required for regulatory approvals and certifications in global markets (e.g., by the FDA, EU MDR). Key Focus: It ensures that medical devices meet applicable regulatory requirements consistently, covering aspects such as product safety, design controls, and risk management throughout the product lifecycle. ISO 14971: Risk Management for Medical Devices Purpose: This standard provides a structured approach to risk management specific to medical devices, ensuring that potential risks associated with the use of medical devices are identified, assessed, controlled, and monitored throughout the product's lifecycle. When It Is Used: ISO 14971 is integral to medical device development, from the early design stages through post-market surveillance. Manufacturers use it to ensure that devices are safe for use and that any risks to patients or users are minimized. Key Focus: Emphasis on continuous risk management processes, including hazard identification, risk evaluation, and the implementation of controls to mitigate risks. It is also key during regulatory submissions and audits. ISO 62304: Medical Device Software – Software Lifecycle Processes Purpose: This standard applies to the development and maintenance of software used in medical devices, including Software as a Medical Device (SaMD). It outlines a framework for managing the entire software development lifecycle (SDLC). When It Is Used: ISO 62304 is critical for manufacturers of software that has a medical function. It is used to manage the software’s development, validation, verification, and maintenance phases. Key Focus: It covers risk management in the software development process, ensuring that software is safe, reliable, and functions as intended within its clinical context. ISO 62366: Usability Engineering for Medical Devices Purpose: This standard focuses on the usability engineering process, ensuring that medical devices are designed with the end user (patients, clinicians) in mind to minimize the risk of user errors. When It Is Used: ISO 62366 is used during the design and development stages of medical devices, particularly when a product’s user interface plays a critical role in its safety and effectiveness. It is often applied in SaMD and medical devices that require user interaction. Key Focus: Ensures that devices are user-friendly, emphasizing the reduction of user errors that could lead to harmful outcomes, especially in high-risk applications like diagnostic devices. ISO 27001: Information Security Management Systems Purpose: This standard outlines the requirements for establishing, implementing, maintaining, and continuously improving an information security management system (ISMS) to protect sensitive data. When It Is Used: ISO 27001 is crucial for organizations dealing with health data, especially in the context of digital health and medical devices that store or transmit sensitive patient information. Key Focus: Ensures the protection of data, including patient records and medical data, by implementing measures to manage risks related to data breaches, ensuring confidentiality, integrity, and availability of information. ISO 10993: Biological Evaluation of Medical Devices Purpose: This standard governs the biological evaluation of medical devices, specifically regarding their biocompatibility (i.e., the ability of the device to perform safely within the body without causing adverse effects). When It Is Used: ISO 10993 is applied when developing medical devices that come into contact with human tissues or fluids, such as implants, surgical tools, or catheters. Key Focus: The standard requires a series of tests to assess the device’s interaction with biological systems, including cytotoxicity, sensitization, and irritation tests, to ensure the product is safe for human use. ISO 9001: Quality Management Systems – Requirements Purpose: This is a general standard for quality management systems applicable across various industries, including healthtech, ensuring that organizations consistently meet customer and regulatory requirements. When It Is Used: ISO 9001 is used in broader healthcare applications beyond medical devices, including services, and is often the foundation for more specific standards like ISO 13485. Key Focus: Establishes a framework for consistent quality management practices that enhance customer satisfaction, emphasizing continuous improvement and regulatory compliance. ISO 14155: Clinical Investigation of Medical Devices for Human Subjects – Good Clinical Practice Purpose: This standard sets out guidelines for the planning, conduct, recording, and reporting of clinical investigations involving human subjects to assess the safety and performance of medical devices. When It Is Used: ISO 14155 is used during clinical trials for medical devices, ensuring that these trials are conducted ethically and that data collected is credible and reliable. Key Focus: Provides a framework for protecting patient safety during clinical trials, ensuring ethical standards are maintained and that devices are properly evaluated before market approval. What is the difference between ISO 62366, 14971 AND 13485: 13485 describes processes of the company and the other two ISO are related to the specific product 2.4 Harmonization Efforts to facilitate global commercialization As the HealthTech industry becomes increasingly globalized, there is a growing need to harmonize regulatory requirements across regions. Harmonization simplifies the certification process, reduces du- plication of efforts, and facilitates the global commercialization of HealthTech products. International Medical Device Regulators Forum (IMDRF): The IMDRF is a voluntary group of medi- cal device regulators from around the world, including the U.S., EU, Japan, and Australia. Its mission is to harmonize medical device regulations globally by developing guidelines and standards that align with best practices in medical device regulation. Global Harmonization Task Force (GHTF): The GHTF was an initiative to create common regulatory principles across different regions. While the GHTF has been replaced by the IMDRF, its legacy con- tinues through the development of internationally accepted standards that streamline the regulatory approval process. Mutual Recognition Agreements (MRAs): MRAs are agreements between countries that recognize each other’s regulatory approvals for medical devices. For example, the EU and Australia have an MRA that allows devices approved in one region to be marketed in the other without undergoing additional regulatory review. This reduces the burden on manufacturers seeking to enter multiple markets. 2.5 The cost of Non-Compliance Non-compliance with regulatory requirements can have severe consequences for HealthTech companies. The potential costs of non-compliance include: Product Recalls: If a product is found to be non-compliant after it has been launched, it may need to be recalled from the market, leading to financial losses and damage to the company’s reputation. Fines and Penalties: Regulatory bodies like the FDA and EMA impose significant fines on companies that fail to comply with regulations. These penalties can run into millions of dollars, particularly if patient safety is compromised. Delayed Market Access: Products that fail to meet regulatory requirements may face delays in obtaining approval, preventing them from reaching the market in a timely manner. This can result in lost revenue and opportunities. Legal Liability: Non-compliance increases the risk of lawsuits and legal action. If a product causes harm to patients due to insufficient testing or inadequate safety measures, the manufacturer may face costly legal battles. Damage to Reputation: A company’s reputation can be permanently damaged by non-compliance. Healthcare providers, payers, and patients are unlikely to trust products from a manufacturer with a history of regulatory violations. 2.6 Intended Use of a Device and its Role in Regulatory Compliance 2.6.1 Intended Use Intended use refers to the specific medical purpose or function of a product, as defined by the manufacturer. The intended use determines the scope of a product’s development, clinical testing, regulatory submission, and labeling. Key Aspects of Intended Use: The medical condition the product addresses: What disease, injury, or health condition is the product designed to diagnose, monitor, or treat? The target population: Is the product designed for use by healthcare professionals, patients, or caregivers? Is it for pediatric, adult, or geriatric populations? The environment in which the product will be used: Will the product be used in hospitals, clinics, homes, or other settings? The specific function of the product: What role does the product play in healthcare? For example, is it used for diagnosis, treatment, rehabilitation, or prevention? Whether it is for temporary or long-term use: Is the product designed for a one-time application, short-term use, or permanent implantation? 2.6.2 Importance of Defining Intended Use for Regulatory Submission One of the key reasons intended use is so important is because it influences how a regulatory authority classifies and evaluates the product. For the FDA: The intended use helps the FDA determine whether the device requires 510(k) clearance, PMA, or De Novo classification. The FDA reviews the intended use to ensure that the labeling and marketing claims match the product’s performance and limitations. Misalignment between the intended use and labeling can result in non-approval or regulatory action. For the EU under MDR: The intended use guides the classification of a medical device, determining whether it falls under Class I, IIa, IIb, or III. For example, products with more critical intended uses (such as life-sup- port devices) are classified in higher risk categories. The clinical evaluation and risk management processes must reflect the intended use, and clinical trials must be designed to test the device within its defined use cases. 2.6.3 How Intended Use Shapes Regulatory Classification Different product categories and risk classes are based on the intended use, meaning that two devices with similar designs could be subject to very different regulatory requirements based solely on how they are used. For example: Medical Devices: A thermometer intended for home use (Class I) requires less regulatory scrutiny than a thermometer intended for use in an intensive care unit (Class IIa). In Vitro Diagnostic Devices (IVDs): A blood glucose monitor for personal diabetes management is subject to different requirements than a diagnostic test for detecting infectious diseases in a clinical laboratory. Software as a Medical Device (SaMD): An AI-driven app that interprets heart rhythm data for consumer use might be classified differently than software used by a cardiologist to diagnose heart conditions. 2.6.4 Determining Intended Use: A Manufacturer’s Responsibility The determination of intended use begins with the manufacturer. This definition must be specific and well- documented, as it shapes the entire product development lifecycle, including: Product Development and Design: Engineers and product developers must align the design with the intended use to ensure that the product performs safely and effectively within its specified scope. Clinical Testing: Clinical studies must be designed to evaluate the product's performance in the context of its intended use. For example, a clinical trial for a surgical tool should focus on its effectiveness during surgical procedures rather than unrelated medical uses. Risk Management: The risks associated with the product depend largely on its intended use. A device designed for critical care in hospitals may have different risk factors compared to a similar device intended for home use by laypersons. Regulatory Submission: When submitting to regulatory authorities, the intended use dictates which regulatory pathway the product must follow, what clinical data must be provided, and what performance requirements must be met. 2.6.5 Intended Use vs. Indications for Use While intended use refers to the general medical purpose of a device, indications for use are more specific and describe the exact conditions or circumstances under which the device should be used. These two terms are closely related but have different implications in regulatory compliance. Intended Use: Broad medical function of the device (e.g., monitoring heart rate). Indications for Use: Specific applications and patient conditions where the device is effective (e.g., monitoring heart rate in patients with atrial fibrillation). For example: A wearable device’s intended use may be “to monitor vital signs in patients.” The indications for use might specify that the device “monitors heart rate, oxygen saturation, and respiratory rate in patients with chronic obstructive pulmonary disease (COPD).” à Regulatory authorities often require manufacturers to provide clinical data supporting both the intended use and indications for use to ensure that the product is safe and effective for its specific applications. 2.6.6 Examples of How Intended Use Affects Classification Case Study 1: Blood Pressure Monitors Consumer Use: A blood pressure monitor intended for at-home use by consumers is considered a low-risk (Class I) device. It requires basic safety and performance testing but is exempt from 510(k) premarket notification. Clinical Use: The same type of device, if intended for use in hospitals to monitor critically ill patients, might be classified as a moderate-risk (Class IIa) device, requiring more stringent clinical evaluation and regulatory scrutiny. Case Study 2: AI-Driven Diagnostic Software General Consumer App: A mobile app that uses AI to analyze fitness data and provide general health insights may not even be classified as a medical device if its intended use is general health monitoring (wellness product). Clinical Diagnostic Tool: In contrast, if the same AI-driven software is designed to interpret diagnostic imaging for identifying tumors, it becomes a high-risk medical device (Class IIb or III), requiring clinical trials to validate its accuracy and safety before it can be used in medical settings. Case Study 3: Wearable Devices Fitness Tracker: A wearable device intended to track daily activity levels and heart rate for fitness purposes would not require rigorous regulatory oversight, as it is not intended to diagnose or treat medical conditions. It might not be classified as a medical device at all. Medical-Grade Device: However, if the same wearable is intended for continuous monitoring of heart rhythm in patients at risk for arrhythmias, it would be classified as a medical device and subject to strict regulatory requirements, including clinical validation of its accuracy and reliability. 2.6.7 Regulatory Risks of Misaligned Intended Use Failure to clearly define or adhere to the intended use of a product can have serious regulatory consequences. Misalignment between intended use and product claims or performance can result in: Regulatory Delays: If the intended use is not clearly defined, the regulatory body may request additional information, leading to delays in product approval. Product Recalls: If a product is found to be marketed for an intended use that was not evaluated during the regulatory review, it may be subject to recall. Fines and Penalties: Regulatory bodies such as the FDA and European authorities may im- pose fines or penalties on companies that fail to comply with intended use requirements. Legal Liability: Misleading intended use claims can result in legal actions from patients or healthcare providers, particularly if the product fails to perform as expected in its claimed application. 2.6.8 Preparing for Regulatory Submission: Intended Use in Technical Documentation In preparing for regulatory submission, manufacturers must clearly and consistently define the intended use throughout their technical documentation. This includes: Product Specifications: The intended use should be reflected in the design specifications and performance requirements of the device. Risk Management Documentation: The intended use determines the types of risks that need to be addressed in the risk management file. Clinical Evaluation Reports: Clinical trials and evaluations should be designed to demonstrate the product’s safety and efficacy for its intended use. Labeling and Marketing Materials: The intended use must be accurately represented in all marketing materials and instructions for use to avoid regulatory non-compliance. 2.7 The two Pillars of Certification à CE must be done for every device a company wants to market 2.7.1 Overview of the Certification Process Bringing a HealthTech product to market requires manufacturers to meet rigorous regulatory standards. Achieving certification involves demonstrating that the product is safe, effective, and compliant with the applicable regulations. The certification process for HealthTech products is supported by two essential pillars: 1. A robust Quality Management System (QMS) based on ISO 13485, which governs the com- pany’s processes for designing, manufacturing, and maintaining the product. 2. Comprehensive Technical Documentation, which demonstrates that the product itself meets the necessary safety and performance requirements. Synergy between the two pillars: The two pillars of certification—ISO 13485 QMS and CE certification via technical documentation—are interdependent and must be aligned for successful product certification. A robust QMS ensures that the company has the processes in place to develop, manufacture, and maintain high-quality products. In parallel, the technical documentation demonstrates that the product itself meets regulatory requirements. By maintaining both pillars, HealthTech companies can not only bring their products to market but also ensure their products continue to perform safely and effectively throughout their lifecycle. 2.7.2 Pillar 1: The Quality Management System (QMS) – ISO 13485 A strong QMS is the foundation of any HealthTech company’s operations. It not only ensures that the company’s internal processes are efficient and quality-driven but also provides a framework for main- taining compliance with regulatory requirements throughout the product lifecycle. Key Components of ISO 13485: Risk Management: ISO 13485 requires manufacturers to implement risk management pro- cesses throughout the product lifecycle. This includes identifying, evaluating, and controlling risks associated with the design, development, and use of the medical device. Design and Development Controls: The standard outlines requirements for controlling the design and development process, including design reviews, verification, and validation activi- ties. These processes ensure that the device meets user needs and intended purposes. Supplier Management: Manufacturers must ensure that suppliers and subcontractors involved in the development or manufacturing of the device also comply with quality requirements. This includes establishing agreements and evaluating supplier performance. Document Control and Record Keeping: The QMS must include processes for controlling documents and maintaining records related to design, manufacturing, and testing. These rec- ords provide evidence of compliance and serve as an essential part of the product’s technical documentation. Internal Audits and Management Reviews: Regular internal audits are required to ensure that the QMS is functioning effectively. Additionally, top management must review the system peri- odically to ensure its continued suitability and effectiveness. Corrective and Preventive Actions (CAPA): The QMS must include processes for identifying non- conformities, investigating root causes, and implementing corrective actions to prevent re- currence. Preventive actions are also necessary to mitigate potential issues before they arise. The Role of ISO 13485 in Certification: ISO 13485 certification is typically a prerequisite for manufacturers seeking to market their products in regulated markets such as the European Union and the United States. Certification serves as evidence that the company’s processes meet international quality standards, which is essential for gaining approval from regulatory bodies. Audit by Notified Bodies or Certification Bodies: To achieve ISO 13485 certification, the manufacturer must undergo an audit by a notified body (in the EU) or a certification body (in other regions). The audit evaluates the company’s QMS to ensure compliance with ISO 13485 requirements. Once certified, the company must maintain the QMS and undergo periodic surveillance audits to retain its certification. Why ISO 13485 is Critical: ISO 13485 is often compared to a "driver's license" for HealthTech manufacturers. It certifies that the company has the systems in place to consistently produce safe, high-quality medical devices. Without ISO 13485 certification, a company cannot legally market its products in many regions. Having a certified QMS significantly reduces the risk of non-compliance during regulatory inspections and audits. 2.7.3 Pillar 2: CE Certification and Technical Documentation What is CE Certification? The CE mark is a certification that indicates a product complies with all applicable European Union regulations and can be marketed within the European Economic Area (EEA). For HealthTech products, obtaining CE certification is a critical step in gaining access to the European market. CE certification involves a rigorous assessment process, during which the product must demonstrate compliance with the Medical Device Regulation (MDR) or In Vitro Diagnostic Regulation (IVDR), depending on the product type. The process requires the submission of detailed technical documentation that proves the product’s safety, performance, and efficacy. Key Components of Technical Documentation: To obtain CE certification, manufacturers must compile a comprehensive technical file. The key components of the technical documentation include: Design and Development Journal / Technical Documentation: This document provides a detailed account of the product’s design process, including design inputs (requirements), design outputs (specifications), and any design changes that occurred during development. It serves as a record of how the product was developed and how it meets regulatory requirements. Risk Management File: The risk management file documents the manufacturer’s process for identifying, assessing, and mitigating risks associated with the product’s use. This file is critical for demonstrating that the manufacturer has thoroughly considered and addressed any potential safety concerns. Usability Engineering File: Usability engineering ensures that the product can be used safely and effectively by the intended user population. This file includes the results of usability testing, which assesses the product’s ease of use, potential for user errors, and overall user satisfaction. (Pre-)clinical Testing (Verification and Validation): Preclinical testing verifies that the product meets its design specifications (verification) and performs as intended in real-world conditions (validation). Verification include lab tests, simulations, and other testing methods that ensure the product works as intended before it is tested in humans. Validation activities include clinical studies and summative usability studies. Clinical Evaluation: A clinical evaluation assesses the clinical safety and performance of the product. This may include clinical trials or a review of clinical data from existing studies (for lower-risk devices). The clinical evaluation is essential for proving that the product is safe and effective for its intended use in real-world settings. Clinical Study Results (for high-risk devices): For high-risk medical devices, manufacturers must conduct clinical studies to gather direct evidence of the product’s safety and effectiveness. The results of these studies must be included in the technical documentation. Labeling and Instructions for Use (IFU): The labeling and IFU provide essential information about the product’s intended use, contraindications, potential risks, and instructions for safe use. Regulatory bodies review this documentation to ensure that users can safely and effectively operate the product. à Parallel to the concept phase starts also the risk management, usability engineering and the clinical evaluation of the product! 2.7.4 Maintaining Compliance: Surveillance Audits and Post-Market Surveillance (PMS) Obtaining ISO 13485 certification and CE marking is only the beginning of a product’s regulatory journey. After a product is certified and placed on the market, manufacturers must continue to monitor its performance through post- market surveillance and maintain their QMS through surveillance audits. Surveillance Audits: To maintain ISO 13485 certification, manufacturers must undergo periodic surveillance audits con- ducted by notified bodies or certification bodies. These audits assess whether the manufacturer’s QMS continues to comply with ISO 13485 requirements and whether the company has addressed any non- conformities identified during previous audits. Post-Market Surveillance (PMS): PMS is a critical regulatory requirement for ensuring the ongoing safety and performance of HealthTech products after they have been placed on the market. Manufacturers are responsible for implementing a PMS plan that includes: Collecting and analyzing data on product performance in real-world use. Monitoring adverse events and incidents. Updating risk management files and clinical evaluations based on post-market data. Submitting periodic safety update reports (PSURs) for high-risk devices to notified bodies. 2.8 Case Studies of Successful HealthTech Regulatory Compliance 2.8.1 Introduction to Case Studies Real-world examples of how HealthTech companies have successfully navigated regulatory challenges provide invaluable lessons for startups, small businesses, and established organizations alike. In this chapter, we will explore several case studies that highlight the different paths companies have taken to bring innovative products to market while maintaining compliance with stringent regulatory requirements. These case studies will focus on how companies balanced innovation with regulatory obligations, the challenges they encountered, and the strategies they employed to overcome obstacles. Each case study will offer practical insights that can be applied across the HealthTech industry. 2.8.2 Case Study 1: AI-Powered Diagnostic Software – Navigating FDA Approval Background: A startup company specializing in artificial intelligence (AI) developed an innovative di- agnostic software tool designed to analyze radiology images and detect early signs of lung cancer. The software, classified as Software as a Medical Device (SaMD), promised to drastically reduce the time it takes radiologists to interpret scans and improve the early detection of cancer. Regulatory Challenge: The AI-powered software faced significant regulatory hurdles, as the FDA had strict guidelines for SaMD and AI technologies. The FDA required the software to demonstrate not only that it was accurate but also that it maintained a high level of performance over time, particularly as the AI learned and adapted to new data (dynamic learning algorithms). Key Regulatory Pathway: De Novo Pathway: Since there was no predicate device for this type of AI software, the company pursued the FDA's De Novo classification for novel, low- to moderate-risk devices. This pathway allowed the company to establish a new regulatory category for its AI-based product. Steps Taken: Early Engagement with the FDA: The company held pre-submission meetings with the FDA to clarify the regulatory pathway and gain insights into specific data requirements for AI-based products. Iterative Testing and Validation: The company conducted extensive validation studies, ensuring that the software performed consistently across different populations and clinical environments. They tested the software on thousands of radiology images to demonstrate accuracy and reliability. Post-Market Plan: To address concerns about the AI's dynamic learning capabilities, the company developed a robust post-market surveillance plan, including real-time performance monitoring and continuous updates submitted to the FDA. Outcome: The AI diagnostic tool received FDA clearance through the De Novo pathway, becoming one of the first AI-powered medical devices of its kind. The company’s proactive approach, including early regulatory engagement and a solid post- market surveillance plan, was key to gaining approval. The software has since been widely adopted by hospitals and imaging centers, significantly improving diagnostic efficiency. 2.8.3 Case Study 2: Wearable Health Device – CE Mark

Essentials in Translational Science PDF

Document Details

Tags

Related

Summary

Full Transcript

Upgrade to continue