CDRH Reorganization Takes a Total Product Lifecycle Approach; MDSAP, ISO Adoption, and Collaboration with MDIC Moving Forward

In the third report from December’s FDLI Enforcement, Litigation, and Compliance Conference, CDRH’s Associate Director for Compliance and Quality Erin Keith explains the Center’s completely revamped organization structure that was finalized late last Fall, its progress on international harmonization efforts, and the changing face of its compliance program.

Did you know that CDRH no longer has an Office of Compliance?  Would you like to know where those functions went? Read on.

Total Product Lifecycle Approach

The FDA Center for Devices and Radiological Health (CDRH) has undergone a major reorganization reflective of a total product lifecycle (TPLC) approach―a product-focused review for each product area that covers all the programs in the lifecycle of a device under the same management chain, allowing a 360° view of a product for the agency management and the reviewers.

Part of the reorganization includes the creation of a Super Office―the Office of Product Evaluation and Quality (OPEQ)―that includes seven product-specific review offices and two supporting offices.  One of the supporting offices is the Office of Regulatory Programs (ORP) that includes the traditional pre-market review programs, compliance, and surveillance programs.

Despite the time and energy needed to undertake a massive reorganization, international collaboration programs―such as the Medical Device Single Audit Program (MDSAP), adoption of ISO 13485:2016 quality management standard, and collaboration with the Medical Device Innovation Consortium (MDIC) to drive continuous improvement―continue to move ahead.

[NOTE: Stay focused on your company’s recent changes and let Govzilla PRO do the monitoring for you.  Sign up for a free account to see how it will help your company.]

At the Food and Drug Law Institute (FDLI) Enforcement, Litigation, and Compliance Conference held in Washington, DC in December 2019, CDRH Associate Director of Compliance and Quality Erin Keith reviewed CDRH’s recent reorganization, including where various functions now reside in the office, and key changes in the way CDRH has shifted its focus.

Keith began by sharing the current CDRH organizational chart, which was finalized in October 2019.  She pointed out two new offices that are the result of programs and functions that were spun out of the Office of the Center Director―the Office of Policy, and the Office of Strategic Partnerships and Technology Innovation (see Figure 1).

Figure 1

(Note: click image to enlarge.)

Familiar offices that were retained in the reorganization are the Office of Communication and Education, the Office of Management, and the Office of Science and Engineering Laboratories.

Where Did the Familiar Offices Go?

Keith pointed out that there are a few offices people have been “used to interacting with” that are missing.  These include the Office of Device Evaluation, the Office of In Vitro Diagnostics and Radiological Health, the Office of Compliance, and the Office of Surveillance and Biometrics.  As part of the reorganization, the regulatory responsibilities of these offices now reside in OPEQ (see Figure 2).

Figure 2

Keith explained that CDRH “has a lot of experience with the Total Product Lifecycle (TPLC) Office,” having created its first one in 2002 around a specific product―the Office of In Vitro Diagnostics.  In that case, all the pre-market review, compliance review, and medical device reporting (MDR) review functions for in vitro diagnostics were combined into one office under a single management team.

The total product lifecycle regulatory approach, she explained, “allows people to see the lifecycle of activities associated with a product and use the appropriate tool―whether it is a formal official compliance activity, a pre-market activity, or a post-market surveillance communication activity―in order to push the industry in the right direction and ensure that safe and effective medical devices are available.”

OPEQ has seven offices “that are like that original TPLC Office.”  These are called Offices of Health Technology, and each is product-focused, as reflected in the OPEQ organization chart (see Figure 3).

Figure 3

OPEQ also includes two supporting offices―the Office of Clinical Evidence and Analysis (OCEA), and the Office of Regulatory Programs.  OCEA is responsible for and houses all CDRH’s clinical evidence programs, including the Investigational Device Exemption (IDE) program, its clinical trials program, Bioresearch Monitoring (BIMO) program, and the biostatistics program.

The Office of Regulatory Programs (ORP) is the repository of all the other regulatory programs that the Office of Product Evaluation and Quality is responsible for.  This includes the traditional pre-market review programs, the traditional compliance programs, and the surveillance programs.

The reorganization added a new layer with OPEQ in addition to the Center.  “But we have addressed this,” Keith said, “by streamlining our decision making and pushing some of the decision making for our programs to the lowest most appropriate level.  So just because there is an organizational layer does not mean it is part of the oversight of the work functions.”

She described the move to a team structure as “intentional,” explaining that it has to do with “the intricacies of making changes to organizational structures within the government, and particularly in a regulator of industry.  This allows us to make changes at a much faster rate should we need to.”

Compliance and Review Functions Now in OPEQ

CDRH has instituted a matrix structure for the compliance and quality programs at CDRH.  As a result, there are multiple offices involved in the implementation of the compliance program.

The Office of Clinical Evidence and Analysis, OCEA, is responsible for the BIMO programs and the actual implementation of the programs.  The people who do the reviews, write the warning letters or untitled letters or interact with those who have been the subject of an inspection are in OCEA.

ORP is where the traditional compliance program operations are housed, such as Registration and Listing, the Inspection and Audit Programs, Imports and Exports, and Recalls.  The Market Review Programs as well as the Medical Device Reporting Program are also housed there.

The Offices of Health Technology―the OHTs―are where the traditional review functions across the lifecycle occur (see Figure 4).  That includes the compliance program.  They do the reviews associated with classifying an Establishment Inspection Report (EIR) and making the decisions about whether to issue a compliance action associated with that classification.

Figure 4

The OHTs perform virtually all the functions for the respective product type―for example, they classify recalls.  They assess allegations to determine if there is appropriate follow-up that is necessary with what has been submitted to the agency.  They are involved in determining if a regulatory meeting is necessary in order to bring a company into compliance. They are involved in more advanced casework when that happens―for example, cases that are related to injunctions, civil money penalties or seizures, or cases that the Department of Justice (DOJ) takes in the criminal division.

The Immediate Office at OPEQ also has a function in the compliance program.  It is responsible for new compliance and quality policy development, as well as consistent application of that policy throughout the organization, enforcement strategy development, and strategic program development.

Keith provided two slides that cover contacts in the Immediate Office―contacts that are appropriate in the Office of Regulatory Programs (a link to the contact list is attached at the end of this article).  “I want to point out that each of the division directors noted here has some aspect of CDRH’s prior compliance program responsibilities.  So even though there is one that says Submission Support that relates to PMA’s, 510k’s, and Denovos as an example, they also have functions that were the responsibility of the compliance programs in the past.  For example, device tracking is managed through this group and so is the custom device program.”  There is also a contact for the BIMO Program.

Each of the individual OHTs has a lead for the compliance program.  This is a member of the leadership team at the office level―a deputy director, an associate director, or an office director.  “It is most appropriate to reach out to them if it is a product specific issue that you want to discuss,” she emphasized. “Note that OHT7, the Office of In Vitro Diagnostics and Regulatory Health, has two contacts.  That is because it covers two primary program areas, In Vitro Diagnostics and Radiological Health.”

MDSAP and ISO Harmonization Efforts Progressing

Keith emphasized that even during a major reorganization, work with international partners has continued, specifically with the Medical Device Single Audit Program (MDSAP) and the adoption of ISO 13485:2016.

MDSAP is a joint program that FDA participates in that was developed by the International Medical Device Regulators Forum (IMDRF), an international device harmonization group.  It is a single audit that meets regulatory needs in five markets. It is used by Australia, Brazil, Canada, Japan, and the United States. The number of MDSAP audits has been increasing since 2014 (see Figure 5).

Figure 5

The EU recently announced that it has instituted a task force to assess how it can use the MDSAP audit report for regulatory purposes in the EU.  “That is a big step for us,” Keith explained. “We have had a lot of interaction with the EU over the years trying to have it participate in this program.  There is a lot of value in bringing them into this and having a single audit across that market as well.”

FDA uses the MDSAP audit in exchange for a routine surveillance inspection.  “It allows us to screen out companies with a high probability of compliance with our requirements and focus on those companies that have a lower probability of compliance―to find more of those companies and help them become compliant.”

The other big harmonization activity on the agenda is the adoption of ISO 13485:2016.  CDRH announced via the unified agenda its intent to adopt ISO 13485:2016 to meet regulatory requirements in the quality management system space.  The agency anticipates issuing a proposed rule in the summer of 2020 (link provided below).

The revisions will supplant the existing requirements with the specifications of ISO 13485:2016 and help harmonize domestic and international requirements.  This approach is consistent with and complements MDSAP.

Medical Device Quality in Focus

Keith emphasized that all CDRH’s regulatory programs “at their heart” are intended to ensure that there are high quality, safe and effective medical devices available in the United States.  The compliance program is no exception.

In 2011, CDRH “took a very hard look at how successful our compliances programs were at producing the desired goal as demonstrated by a high degree of compliance with our quality system requirements,” she explained.  “What we noticed was that from year to year we had basically the same results. We had the same percentage of companies that were compliant, the same percentage of companies that had a little bit of a problem but we were confident that they could fix it, and then the same percentage of companies that were non-compliant and we had to deal with.”

The data showed that the Center’s compliance program is “very effective at dealing with individual companies, helping them become aware of their non-compliance and working towards becoming compliant.  But it was not being successful in moving the overall arc of the industry into a more consistent high level of compliance and therefore producing higher quality products,” the OPEQ Associate Director for Compliance and Quality commented.

CDRH decided to take a different approach and enhance its traditional compliance and enforcement model with programs that focus on quality and process improvement within a company.  “This is different for us,” Keith said. “It is not an enforcement action. There is not an enforceable requirement for a company to improve. You must meet the requirements, but you do not have to get better.”

However, continual improvement is an accepted principle within quality management systems, adopted by many industries around the world such as the motor vehicle industry, banking, and a whole host of industries.  It has become very common and is a requirement in a lot of other quality management systems standards that are not medical device-specific. In the pharma world it is guided by ICH Q10, the Pharmaceutical Quality System.

CDRH is partnering with the Medical Device Innovation Consortium (MDIC)―a public/private partnership that FDA is a member of, as are other government organizations, industries, and other stakeholders in the medical device community, including payers, providers, and patients.

The aim was to develop a program that would voluntarily push the concepts of making decisions based on improving quality and prioritizing compliance and patient outcomes instead of simply achieving compliance with the regulatory requirements and documenting them.

Working with MDIC, CDRH developed a third-party appraisal program that assesses the relative maturity level of a company’s quality management system with a goal of driving continuous improvement and achieving organizational excellence.  CDRH then took that program and created a pilot program in its pre-market space and applied it to the Premarket Approval (PMA) Humanitarian Device Exemption (HDE) program’s 30-day notice submissions.

“What we did was take a scorecard of information that came from that third-party appraisal of a company, along with a reduced set of information compared to a traditional 30-day notice and committed to a reduced review timeframe to make a decision on that information,” Keith explained.

“In order to participate in this, one of the key things that was important for the company was that they had to have a history of regulatory compliance.  We had to have confidence that their quality management system was doing what it was supposed to do.”

The Capability Maturity Model Integration (CMMI) Institute is the third-party organization that manages the appraisal process.  Surveys and feedback from the participants to CMMI indicate that “a huge percentage of the companies are very happy to have participated―that they see value in the process improvements that they have been able to make and can tie that to improvements in quality with their products,” Keith said.

“As a result,” she pointed out, “we are very big on this program and we plan to move this Case for Quality pilot into a permanent program and operationalize CDRH’s case for quality pilot this year” (see Figure 6).

Figure 6

CDRH is also working with MDIC to develop a pilot program around the appraisal concept and voluntary improvement for companies that are non-compliant.  The aim is to assess the ability of the appraisal process and internal assessment of how well a firm’s quality system is functioning and its decision making is being implemented to see if it will have an impact on the participant’s ability to return to a compliant status.

In closing, Keith said the Center prefers not to use enforcement tools.  Its preference is to get to the problems when they are smaller and easier to fix.

“We think that the adoption of our TPLC model, the harmonization activities that we are involved in, and the use of Case for Quality voluntary pilots will help push the needle in the industry to a better place, so that there will be fewer compliance problems and therefore far fewer enforcements.”

Q&A Focuses on Declining CDRH Warning Letters

During the Q&A following Keith’s presentation, an audience member asked if she could explain why the number of warning letters issued by CDRH has declined in the last several years.

Keith replied, “I think a lot of it has to do with our intent to reorganize.  And to that, it was very disruptive to the compliance process. It was organized in a way that was different now than it was in the past and so the processes had to be worked out a little bit more.  We wound up with some time wrecks because of it.”

“We cannot issue a warning letter if we do not do it timely according to the evidential requirements.  We need to make sure that when we issue a warning letter, we do so within 120 days of the closing of the inspection.  If we miss that, then we wind up issuing more untitled letters than we issue warning letters. Or we issue ‘It has come to our attention’ letters if we cannot support an untitled letter.”

The moderator asked if the 120 days is a CDRH policy or whether it applies more broadly, to which Keith replied more broadly.

The moderator asked about the number of consent decrees during the same timeframe.

“Without getting to that stage first, that warning letter of prior notice, you do not get to the stage of Consent Decree, should somebody be in the condition of lack of compliance with the requirements,” Keith replied.

“I would say that our goal is voluntary compliance versus anything involving enforcement.  It is easier on us, it is easier on the companies. We see faster resolution with those things than we do with a formal Consent Decree.  However, if somebody is a slow learner and is not going to voluntarily comply, we will take the next step.”

Links

OPEQ Compliance and Quality Program Contacts
Unified Agenda: Harmonizing and Modernizing Regulation of Medical Device Quality Systems
ICH Q10
CDRH Case for Quality

[NOTE: Stay focused on your company’s recent changes and let Govzilla PRO do the monitoring for you.  Sign up for a free account to see how it will help your company.]

Like this post? Don't forget to share it!

Share on facebook
Share on twitter
Share on linkedin
Share on email
Share on print

Recent Posts

Govzilla Bug

Don’t miss out! Subscribe now

Experience the Power of Govzilla

Get your FREE account to search sites, inspections, & warning letters