Key focus areas for FDA in 2015 include: CAPA+2 (Corrective and Preventative Actions), Unique Device Identification (UDI) implementation and premarket/postmarket controls enforcement. In a Medmarc webinar entitled, “FDA CDRH in 2015: Gazing through the Crystal Ball,” John Avellanet, founder of Cerulean Associates LLC, a lean compliance consulting firm, further explained FDA’s plans in 2015 and the ways that companies should prepare for upcoming changes.
What should manufacturers expect in 2015?
- The need to keep concise records demonstrating device safety and efficacy, from initial design control through postmarket decision-making
- An increase in Class II device costs due to UDI implementation
- Increased liability risks from public enforcement of poor design control records and postmarket surveillance actions
- The need to adapt substantial equivalence submissions and requests to newer format with specific data sets
- Increased premarket data integrity controls around clinical data
2015 Enforcement Forecast
Companies should be prepared for enforcement in the following areas.
CAPA+2: CAPA+2 (CAPA+Production+1) will become the guiding inspection method. This involves the examination of ten random CAPAs and ten production records, plus one other area such as design control, raw material controls, outsourced production-related controls, process validation, records controls, distribution controls and postmarket surveillance and MDR.
UDI: The deadline for UDI implementation of implantable, life-supporting or sustaining devices is September 24, 2015. Beginning in 4Q15, public warning letters will be issued to firms making little or no progress. Firms struggling with implementation will need proof, such as conflicting advice/letters from UDI issuers and/or a scheduled meeting with FDA.
Data integrity: The Center for Drug Evaluation and Research and Center for Biologics Evaluation and Research 2010 data integrity “special focus” inspections will be extended to CDRH, resulting in the enforcement of documentation and validation of cybersecurity controls.