In my work, I’ve found that medical device companies often struggle with postmarket data collection and usage. Some companies collect too much data and then do nothing with it. More “poundage” is not better. Other companies wait for eye-openers like complaints, medical device reports, non-conforming products and negative process results, scrap reports and returns. They anticipate these bits and pieces of bad news to bubble to the top of their quality overflow scenarios. It’s not a pretty sight, thinking that a Management Review will miraculously “put out the fires using risk to make decisions about postmarket incidences.”
Simply put, postmarket surveillance is an assemblage of processes and activities used to proactively monitor, record and react to the performance of a medical device after it has been introduced into and shipped to the marketplace. Proactively is an important and operative word in this process. Just waiting for complaint data to arrive at your company is not good enough. Frankly, it’s never been the best way to measure performance because it’s so after-the-fact—so backward-looking.
Also, we should straighten out one point before we progress to the meat of this article. The principle differences between vigilance and postmarket surveillance are important to understand. Vigilance is the reporting of adverse incidents by manufacturers to the regulatory authorities and their subsequent sharing of key incident data between each other. Postmarket surveillance is the process by which information on overall device performance (good and bad outcomes) is captured, analyzed and then acted upon. This article is an overview and an update of the process involved with postmarket surveillance, of which vigilance can (and should) be a part. Nevertheless, it is a struggle to gain widespread appreciation that these two activities are not in fact one and the same. It’s like the words and concepts explaining verification versus validation. Some individuals just don’t get it.
Snippets of Background Information
Postmarket surveillance is not a new concept, as postmarket surveillance of medical devices was initiated in the U.S. with the enactment of the Food and Drug Administration Modernization Act of 1970 under Section 522 for class II and class III devices. (By the way, Class I devices are also part of the surveillance picture.) In 1989, the Therapeutic Goods Act provided the legislative basis for uniform national controls over goods used in the prevention, diagnosis, curing or alleviation of a disease, ailment, defect or injury in Australia. In June 1993 vigilance requirement for medical devices for member states and manufacturers was published as Council Directive 90/385/EEC and 93/42/ EEC, followed by incorporation of amendments of revision 5 of MEDDEV guidance 2.12–1 in 2007 by the European Union.
Concerning rudimentary regulatory tools, FDA basically uses the processes involved with medical device tracking, medical device reporting, complaints, recalls, unique device identification and seizures, whereas the EU has adverse event reporting, field safety notices, investigations, enforcement, postmarket clinical follow-up and the review of company records (during audits) as their means to their end.
These activities are designed to generate information regarding use of the device to pragmatically identify device design and/or usage problems and accurately characterize the real-world device behavior and clinical outcomes. The need for surveillance “stands up” immediately upon commercialization of the device in the field. Be cognizant of the fact that this process starts in design and development.
Using the Risk Tools
Making sure that your company has adequate input into the risk management process during product development and manufacturing will assist your Quality Review Board (QRB) in characterizing possible product safety issues. The risk profile of the device advances from these efforts, and can be used to effectively develop the postmarket surveillance strategy for each device type. It is important to note that the requirements for postmarket surveillance should be directly aligned with the risks associated with the device based on its intended and indications for use. Using the words “in proportion to” or “in alignment with” is appropriate from a procedural standpoint.
In developing a robust surveillance process, your company should consider whether or not the product or technology is new to the manufacturer and/or the marketplace. Legacy products have a successful past in the market, whereas new devices, new technological adaptations and revised indications for use should be a focus of more intense surveillance activities. Remember, it’s all about risk. How many times have you heard that over the past seven years? When your company has a long history of development and marketing of similar device types, you are likely to have a clear understanding of the patient population and the reasonably foreseeable risks associated with this legacy product. Available data regarding state-of-the-art market experience for similar products and technology may be adequate for low-risk devices with a long history of clinical success.
Whether it’s for FDA or EU compliance, postmarket surveillance should be a systematic process having to do with data collection and lessons learned and a proactive exercise concerned with collecting and analyzing information on a regular basis. If your company consistently collects the same types of relevant information, you might be able to see trends. The degree, level of depth, methods and use of this information are subjective and should be defined succinctly in your company’s Risk Management Plan. Some companies have a great process in place and they collect a lot of data but, in fact, they don’t do anything with the information. Risk management is a tool that helps define this gathering process, but disseminating the information into action plans is another story. Your company needs to be somewhere between superfluous and relevant. You should plan this activity from a strategic standpoint and tactically embrace the information at every QRB meeting and every Management Review session.
As I said, the old-fashioned approach of looking at just complaint data is an after-the-fact story and those trends, being very important to the big picture, don’t necessarily include these sources of valuable information:
Clinical evaluation reports | Literature reviews | Focus panels | In-house quality data
Post-launch production changes | Competitive claims | Labelling presented on websites
Service reports | Adverse events, per se | Regulatory filings/actions/guidance
Interestingly enough, these same data elements can be used effectively in your company’s risk management process. The challenge is how to get all of this wonderful information cross-functionally in a useable format that can be analyzed and then used to prevent future issues. I’ll outline a framework below, but first, let’s see how postmarket surveillance is defined in the U.S. and EU.
Next: The Lifecycle Approach
- Next >>