• Internet of Medical Things Banner Home

  • White paper Banner Home

  • careers

  • careers

 
 
 
Blog

by Jay Crowley

IRELAND BLOG JAY 675x300

We are excited to be at the Medtec Ireland conference in Galway this week. As an Irish descendant and a Guinness aficionado – I always enjoy my trips to the Emerald Isle. Ireland is home to many medical device manufacturers (8 of the world’s 10 largest medical device companies are located in Ireland – and 18 of the top 25 devices companies have a base in Ireland) and a good deal of sophisticated manufacturing of devices that are distributed globally. And of course, the big topic for EU countries (as well as those countries that leverage the European regulations of devices – e.g., Norway, Liechtenstein, Iceland, Turkey and Switzerland) is the transition to the new medical device regulations (the MDR and IVDR) – and ALL the many changes that this entails. This should be a great opportunity to share understanding and progress to date.

One of the more interesting and complex challenges for device manufacturers implementing the MDR/IVDR (especially those that are not physically located in Continental Europe) are the new requirements for economic operator involved in the distribution of their medical devices. The MDR/IVDR places very specific obligations on distributors and importers to ensure that the devices that they place on the EU market on behalf of a device manufacturer are compliant with the regulations and that any issues are addressed as quickly and effectively as possible. And of course, the way that we tie all the devices and economic operators together is through UDI. This increased scrutiny and clearly identified roles and responsibilities will provide more transparency and help secure the supply chain.

Specifically, the regulations require that importers and distributors verify, before distributing a device, that the manufacturer has properly assigned a UDI to the device. This also includes assuring that the UDI is in compliance with the rules of the chosen issuing agency. This applies not just to the device/label UDI – but to the UDIs on various higher levels of packaging as well. And though not specifically stated, it would seem that UDI assignment in a vacuum is of little use – so the UDI must be properly represented in the UDI carrier (AIDC and HRI) and the product master data submitted to Eudamed’s UDI Database must be valid and up to date. Moreover, when an importer or distributor believes that a device is not in conformance with the regulations, they must NOT place the device on the market until it has been brought into conformance – and must inform the manufacturer (or their authorized representative). And, if the importer or distributor believes that the device may presents a serious risk or is a falsified device – then they must also inform the relevant competent authority. A lot of new responsibilities for importer or distributor that will obviously require more and better communication between and among the various parties…

 

 

About the Author

Jay Crowley 6Jay Crowley is the Vice President of the UDI Services and Solutions at USDM Life Sciences. Jay was most recently Senior Advisor for Patient Safety in the Food and Drug Administration’s Center for Devices and Radiological Health. Jay developed the framework and authored key requirements for FDA’s Unique Device Identification system.

 

About USDM Life Sciences

USDM Life Sciences is a global life science and healthcare services company, providing strategy and compliant technology solutions to regulated industries. If you work in Life Sciences or Healthcare, partnering with USDM Life Sciences makes it easy to accelerate innovation and maximize productivity. USDM Life Sciences only focuses on regulated industries and has built trusted partnerships with the most innovative technology companies in the world, and boast a staff of industry leading experts in the areas of technology and compliance.

 

by David Blewitt

david blog 675x300

25 years have passed since the Good Automated Manufacturing Practice (GAMP®) forum was founded to deal with the evolving regulatory expectations for good manufacturing practice (GMP) compliance of manufacturing and related systems. GAMP published its first guidance in 1994.  

Over the years, GAMP® has become the defacto approach to dealing with these expectations, and has morphed into leveraging a “Risk Based Approach” to tackling the nuances of computer systems qualification and validation. It has been 9 years since the last version of the guide – GAMP® 5 was published.

With the avalanche of companies moving their infrastructure and systems to the cloud, what does that mean for that approach? How do you keep up with changes to your compliant systems occurring continually and often without the option of choosing not to embrace them?

Don’t get me wrong, risk management and validation still go hand in hand.  It is still critical to focus the right level of attention on the critical elements of your system, and if the number of changes per release are of a “manageable” level – and can be assessed on a case by case basis (as is the case with some cloud systems), then the approach is applicable.

But – what about systems that don’t have changes limited to an established cadence – the “published release” approach?  More and more cloud vendors are realizing the power and advantages of making continual changes to their platforms. In these cases – where hundreds of small changes can occur on a weekly basis, the traditional “Risk Based” approach is no longer viable. It simply is not possible to assess that many changes and produce an accurate mitigation. In fact – it becomes riskier to try to do this as manual inputs are so contingent on an individual’s own interpretation and there is not enough time to produce a fully reviewed and quality mitigation strategy for the inherent risks.

A new “hybrid” approach is needed; an approach that was not possible a few years ago.  Leveraging advances in technologies such as Automated Testing Tools, it is possible to designate specific elements of a systems architecture that you want to focus upon (utilizing a risk based determination process) and perform “Continual” or “Adhoc” testing of those elements to ensure the data integrity is not compromised. The outputs from these tests can be tailored to produce bespoke, real-time dashboards of platform operation and performance, showing the compliant state at any given time.

It could be argued that this approach, if implemented correctly, is in fact much less risky than the traditional approach. Since the elements tested can be determined once, and repeatedly tested ad infinitum, the chances of an unintentional adverse effect on cGxP functionality made by a cloud vendor being missed by a manual assessment of release notes is drastically reduced.  

New tools enable new approaches. The approach is still risk based, but it has evolved – it is more thorough. In fact, the necessity to focus only on highly critical elements can even be removed - since a one-time bout of test creation enables continual testing henceforth. You could, if you desired, decide to test everything, all the time.  

And that is where this all began. In the early nineties companies were more often than not testing everything, to the nth degree. There was far too much money, time and resources being spent. So naturally, risk based approaches made sense. It’s now possible to more accurately, and more efficiently test everything – if so desired – providing even more assurance of your cloud’s continued compliance.

USDM is already working with cloud vendors on these approaches. For more information contact usdm@usdm.com.

 

 

About the Author

David Blewitt 8David Blewitt is the Vice President of Cloud Compliance at USDM Life Sciences. David is an accomplished Life Sciences Regulatory and IS Compliance Professional with extensive hands-on and leadership experience in the Pharmaceutical, Medical Device, Biotech and Blood Management Industries, specifically in the fields of; Computer Systems Validation, Risk Management, Issue Investigation – Root Cause Analysis and Remediation, Quality Assurance, Software Development Lifecycle, Lean IS Compliance Enhancement Initiatives, Business Analysis, Product Lifecycle Management and Systems/Process analysis with Compliance Roadmap development.

 

About USDM Life Sciences

USDM Life Sciences is a global life science and healthcare services company, providing strategy and compliant technology solutions to regulated industries. If you work in Life Sciences or Healthcare, partnering with USDM Life Sciences makes it easy to accelerate innovation and maximize productivity. USDM Life Sciences only focuses on regulated industries and has built trusted partnerships with the most innovative technology companies in the world, and boast a staff of industry leading experts in the areas of technology and compliance.

 

by Manu Vohra

Box Blog 675x300

Life Sciences companies are focused on drug development and manufacturing that traditionally have long, multi-year R&D cycles. While this is business as usual for Biopharmaceuticals, other industries are jumping forward by leaps and bounds by leveraging Digital Transformation principals and modern tools such as real-time analytics, IoT, bleeding edge computing, and Artificial Intelligence (AI) processing. So, how do Life Sciences companies hop on the Dx ‘band wagon’? It all starts with a cloud content management layer like Box.com.

Biopharmaceuticals generate copious amounts of content across their organizations, ranging from R&D to Manufacturing to Commercialization. Managing this content with varied regulations and fluctuating business processes presents a unique challenge. Enterprise Content Management (ECM), formerly known as Enterprise Document Management (EDM), is not a new concept but the legacy giants such as Documentum and OpenText catered to this issue with lots of operational overhead such as a qualified infrastructure layer, ongoing maintenance, support staff, hefty license fees, long upgrade cycles, and user disruption for any changes. 

So what are some of the factors that make a cloud ECM System a must-have for Life Sciences?

1. All Cloud – By utilizing cloud based storage there is a massive reduction in operational overhead in the form of service staff, server maintenance costs, licensing costs, sourcing software time, and upgrade costs. A multi-tenant environment allows life sciences to achieve economies of scale on this significant expense.

2. Readily Available Integrations – The advantage of an open-system is that the solutions of tomorrow are coming faster than ever, and using an ECM platform with available connectors and APIs allows integrations to happen easily and quickly compared to the months of custom development required with legacy solutions.

3. Global – Todays business operations know no boundaries. The ability to securely interact with other organizations, partners, sites and manufacturing facilities has been elevated from a ‘nice-to-have’ to a ‘must-have’. Cloud-based ECM allows content to be accesses securely from anywhere without the need for slow, costly, and often unavailable VPNs.

4. Ability to Expand – Content Management Solutions span entire enterprises and are often utilized for only a fraction of their potential. With licensed-based cloud solutions like Box.com, integration with numerous applications is often turnkey, governance principles can be consolidated, and to expand to other teams and departments, only additional licenses need to be provisioned.

Queue box.com. Box, known for its File Sync & Share (FS&S) services, is much more than that. Box is a content management platform layer that meets all the above requirements for a modern ECM Platform and can be used for other GxP operations such as a Clinical trial Operations, managing manufacturing batch records or providing on-the-field training for Medical Liaisons. The cloud ECM band wagon is ready to go. You just need to jump on. 

USDM Life Sciences is a certified Systems Integrator of Box and Digital Transformation Solutions. Contact usdm@usdm.com for more information.

 

 

About the Author

Manu Vohra 85x105 rightManu Vohra is the Vice President of Enterprise Content Management Services and Solutions at USDM Life Sciences. He is a seasoned professional with two decades under his belt deploying content management solutions for Life Sciences while running operations within several IT functions supporting Drug Discovery to Commercialization. He specializes in guiding Biopharmaceuticals in developing long term content management strategies by applying Digital Transformation principles and technologies.

 

About USDM Life Sciences

USDM Life Sciences is a global life science and healthcare services company, providing strategy and compliant technology solutions to regulated industries. If you work in Life Sciences or Healthcare, partnering with USDM Life Sciences makes it easy to accelerate innovation and maximize productivity. USDM Life Sciences only focuses on regulated industries and has built trusted partnerships with the most innovative technology companies in the world, and boast a staff of industry leading experts in the areas of technology and compliance.

 

Notes from a Lonely Life Sciences Digital Transformation Junkie (A.K.A Bryan Coddington)

MED DEV DT BRYAN BLOG 675x300

Digital Transformation isn’t about meeting your goals; it’s about blasting through them and reinventing your business. To do that, you often need to throw out the book and find solutions that are new, bold, and even disruptive to your team. As a medical device company, those solutions aren’t just about the latest and greatest technology but ones that also meet the rigor and requirements of the quality organization.

We all know moving to the cloud is a big part of going digital but in Regulated/GxP business areas, such as field service, the qualification of a platform can be a daunting challenge to even the most experienced quality team. But don’t fear the cloud, for it can be as easy as identifying three things - What, Who, and How.

“What” means what are you qualifying? What does the cloud system consist of? Things like configuration, integration, traceability, change control, release management, disaster recovery, user requirements, and IQ/OQ/PQ must all be documented, risk assessed, and tested if needed.

“Who” means who is responsible for the items listed above? A cloud vendor is responsible for their infrastructure, release management, and disaster recovery. As a customer of a cloud platform, you are responsible for documenting and testing your configuration, integrations, user requirements, risk assessment, traceability, IQ/OQ/PQ, and change management.

“How” is about how to accomplish the items you are responsible for. It starts with performing a risk-based qualification effort and then continuing to leverage the supplier’s activity to eliminate the need to re-qualify low risk items. From there, analyze any custom elements and specific configurations against the latest system requirement spec (SRS) and OQ. You then determine gaps and create new scripts (PQ) if needed on top of current SRS and OQ. Finally, you must establish a release upgrade strategy by performing an analysis and testing any issues with step by step guidance.

Now that you know the basics for qualifying a cloud-based field service application, how can it really transform your business? Imagine an application that was built from the ground up to be mobile and collaborative with enterprise analytics and customer/partner communities. But because it’s cloud, you might be thinking that not all areas have Wifi connectivity - and that’s ok. Today’s cloud-based field service applications, like ServiceMax, have offline capabilities so your team can access their data anytime from anywhere. We can go even further with predictive maintenance and IoT, connecting devices out in the field to your application to automatically create alerts and assign technicians.

So how do you be bold and disruptive within your organization to implement a cloud-based field service application? The numbers tell the story. 18% increase in productivity, 13% increase in service revenue, 11% reduction in costs, and 11% increase in customer satisfaction. Management will want this type of change and as you read above, your quality team can sleep at night knowing that cloud platforms like ServiceMax can be qualified.

 

 

About the Author

Bryan Coddington 85x105 rightBryan Coddington is the Vice President of Cloud Technology at USDM Life Sciences. For almost a decade, Bryan has been a senior executive in the Cloud space with in-depth knowledge of sales, marketing, and service and support processes and best practices, helping companies maximize their investment in cloud-based CRM applications.

 

About USDM Life Sciences

USDM Life Sciences is a global life science and healthcare services company, providing strategy and compliant technology solutions to regulated industries. If you work in Life Sciences or Healthcare, partnering with USDM Life Sciences makes it easy to accelerate innovation and maximize productivity. USDM Life Sciences only focuses on regulated industries and has built trusted partnerships with the most innovative technology companies in the world, and boast a staff of industry leading experts in the areas of technology and compliance.

 

by Jay Crowley

CIMDR BLOG 673x300

Over the past 15 years, I have been fortunate enough to travel around the globe discussing and developing Unique Device Identification (UDI). I am always struck by how similar – and yet interestingly different – people, societies, and countries (as well as the regulation of medical devices) are around the world. Nowhere is this truer than in China. Though the people of China are similar in many ways, there is so much that is different. There are differences in the language (both written and spoken), the food, the culture, the politics, and the “eastern” toilets (enough said). And at least for those of us from the east coast of the US – I find it very interesting that the hour is the same – just half a day ahead…at least I don’t have to change my watch!

I am reflecting on these similarities and differences as some of us were in Hangzhou, China, for the 8th China International Medical Device Regulatory (CIMDR) Forum two weeks ago. The key question that we have been wrestling with – for over 8 years now – is how “similar” (if at all?) will the China Food and Drug Administration (CFDA) UDI scheme be to the US and EU regulations? And, when does something that is similar, yet different, become so different that it can no longer be considered the same or similar?

As previous posts have discussed – the goal of the Global Harmonization Task Force (GHTF) and International Medical Device Regulators Forum (IMDRF) UDI guidance documents are to provide a common regulatory framework to follow – such that a “globally harmonized approach” (whatever that really means?) to UDI would be realized. As we have already seen with the EU MDR/IVDR UDI regulations – “globally harmonized” does not mean “the same.” There are critical differences between the US and EU UDI regulations – even though they are both based on the same (global) guidance documents.

At least from what we could discern from the presentations and conversations at the Forum, we are likely some time away from seeing a UDI proposal from CFDA. They continue to work on device nomenclature/classification and seem to want to focus their UDI activities initially (at least for now) on implants. (More to come on this as it becomes available.) For me, these similarities and differences beg larger questions – can (should?) companies continue to strive to produce a single labeled/packaged device for global distribution? When are there enough differences (e.g., languages, “UDIs”) that a country/region-specific label is warranted? I know our collective goal has been a single global UDI – but I am wondering if this is going to be sustainable moving forward…

 

 

About the Author

Jay Crowley 6Jay Crowley is the Vice President of the UDI Services and Solutions at USDM Life Sciences. Jay was most recently Senior Advisor for Patient Safety in the Food and Drug Administration’s Center for Devices and Radiological Health. Jay developed the framework and authored key requirements for FDA’s Unique Device Identification system.

 

About USDM Life Sciences

USDM Life Sciences is a global life science and healthcare services company, providing strategy and compliant technology solutions to regulated industries. If you work in Life Sciences or Healthcare, partnering with USDM Life Sciences makes it easy to accelerate innovation and maximize productivity. USDM Life Sciences only focuses on regulated industries and has built trusted partnerships with the most innovative technology companies in the world, and boast a staff of industry leading experts in the areas of technology and compliance.

 

Notes from a Lonely Life Sciences Digital Transformation Junkie (A.K.A Bryan Coddington)

Cloud Blog 675x300

Salesforce is an amazing platform that has remained one of the most innovative and disruptive technologies since its inception in 1999. Along with CRM, customers are finding new ways to extend the platform throughout their organizations to take advantage of its powerful feature-set, such as collaboration, workflow, mobile, and reporting – to name a few.

Using Salesforce for GxP applications is a relatively new and exciting area for Life Sciences professionals. For compliance reasons, users tend to be more cautious because they are relying on someone outside of their organization to provide and maintain elements of the application. We are committed to helping people successfully and compliantly move to the cloud, optimize their processes, and digitally transform their businesses. Here are 5 tips I’ve found lead to success when using Salesforce for GxP:

1. Qualify the platform: Salesforce, as a cloud vendor, is responsible for various compliance elements such as change control, audit history, and software development SOPs. As a customer, you are responsible for obtaining proof of these procedures. Depending on your own compliance requirements, this may require an onsite audit. You are also required to test and document the core features of the Salesforce platform such as security, permissions, object/field configuration, audit history tracking, and many others. Sound daunting? It can be if you haven’t done it before. The good news is that if it’s done correctly, the Salesforce platform qualification creates a baseline for incredibly powerful, user-friendly GxP applications that are available to purchase or can be created to your exact requirements.

2. Have a process for the 3-releases per year: Every year Salesforce releases new versions in the spring, summer, and winter. Along with these releases come enhancements, fixes, and new features that make the system better than before. These releases are not voluntary and are pushed out on a schedule (check it out here: //trust.salesforce.com). The majority of changes are not GxP, but some are, and require testing and documentation. To best prepare for these releases, you can obtain the release notes as soon as they come out, evaluate each change to determine GxP risk, and then test and document accordingly. Having documentation that is not up to date with the latest Salesforce release will take you out of compliance if there’s a GxP element that YOU haven’t proven to work as expected.

3. Don’t just put your existing process in Salesforce: Taking your as-is process and moving it over to Salesforce without changing anything is easy, but it’s not the best way to go. The fact that you’re selecting a new technology and platform makes it the perfect time to update and optimize your process. Perhaps your process was developed 5-10 years ago, or even a few years ago, and at the time was the best way to do things. Now your business has changed, new guidelines are being enforced, new people and skill sets have entered your organization, and the Salesforce platform has tool and capabilities that you haven’t had access to. Make sure to take the time to identify areas that need improving or can take advantage of additional workflow, collaboration, mobile, and real-time reporting.

4. Start with 1 or 2 GxP processes at a time: Salesforce is powerful and flexible enough to do almost anything or integrate with any other system. The key is to focus on 1 or 2 high priority items such as QMS, doc control, or even just pieces of these larger applications. Configuration of Salesforce can happen quickly but really developing the solution, having the right user-interface development, possible integrations, and training, takes time. Don’t try to do it all at once. For medical device, perhaps start with a product registration process. For clinical, perhaps optimizing sites evaluation. Once you have built and validated a few processes, you can quickly add more and with that, add incredible value and ROI to your organization.

5. Have a centralized governance team for all things Salesforce GxP: The fun thing about Salesforce is once you get those first few apps released, word is going to spread and more users are going to want it for their teams. Because it’s GxP, more rigor is required to properly document requirements, test the end-use, and approve the final product. These can pile up and remain in a “draft-state” if there’s not a team dedicated to their completion. Also with Salesforce, more and more teams and processes are going to be in the same system. This lends itself to sharing common objects and workflow, which requires a team with awareness and visibility to the entire system. Otherwise, you have multiple groups in there duplicating efforts or worse, breaking things or erroneously changing settings that negatively affect other users. Right from the get-go, this governing body or “Center of Salesforce GxP Excellence,” can establish SOPs and maintenance schedules, and create a living, breathing roadmap to bring on new processes and users.Until next time!

 

 

About the Author

Bryan Coddington 85x105 rightBryan Coddington is the Vice President of Cloud Technology at USDM Life Sciences. For almost a decade, Bryan has been a senior executive in the Cloud space with in-depth knowledge of sales, marketing, and service and support processes and best practices, helping companies maximize their investment in cloud-based CRM applications.

 

About USDM Life Sciences

USDM Life Sciences is a global life science and healthcare services company, providing strategy and compliant technology solutions to regulated industries. If you work in Life Sciences or Healthcare, partnering with USDM Life Sciences makes it easy to accelerate innovation and maximize productivity. USDM Life Sciences only focuses on regulated industries and has built trusted partnerships with the most innovative technology companies in the world, and boast a staff of industry leading experts in the areas of technology and compliance.

 

by Jay Crowley

UDIBLOG rodeo 675x300

As I mentioned in my last post, I believe our goal of a “globally harmonized” approach to UDI appears to be on a path to relative success. Though not our intent in developing the Global Harmonization Task Force (GHTF) and International Medical Device Regulators Forum (IMDRF) UDI guidance documents, the majority of the EU Medical Device Regulations (MDR)/In Vitro Diagnostic Regulations (IVDR) UDI System requirements are literally copied and pasted from the IMDRF guidance document (please send an email to usdm@usdm.com if you would like a copy of the comparison). More importantly, other regulators have also committed to following the principles in these guidance documents. So maybe a word of caution to other regulators: these documents provide “guiding principles” that need to be incorporated into the appropriate regulatory framework. They are not intended to be out-of-the-box regulatory text.

The one area where we do see (necessary) diversion is in the UDI Databases. Each country or regulator manages the regulation of devices differently – and, in many cases, has different (or additional) purposes for UDI. For example, in the US, we are focused on identifying a device through distribution and use to facilitate more accurate adverse event reporting; reducing medical errors; documenting device use in, for example, electronic health records; improving post market surveillance; better recall management; and helping to address counterfeiting and diversion. The EU system is also intended, for example, to “…improve purchasing, waste disposal policies and stock-management by health institutions.” Those needs necessarily require certain (additional) data attributes to be provided.

To “borrow” a phrase from my friend Dennis Black, what we are seeing now is an exponential growth in the data (the “attribute rodeo”) that is required for each UDI Database. For example, although there are 17 data attributes that appear to be common between the Global UDI Database (GUDID) and the European Database of Medical Devices (Eudamed), close to half may need to be provided differently to Eudamed than they are to GUDID. Eudamed also has 10 additional data attributes that are not in GUDID (GUDID has about 15 that are not in Eudamed). Moreover, there are likely to be at least 6 data attributes in Eudamed that will need to be translated (and submitted) into the 24 official languages of the EU. And all that data will need to be created, stored, submitted, updated and managed over the life-cycle of the device. You do the math…

 

 

About the Author

Jay Crowley 6Jay Crowley is the Vice President of the UDI Services and Solutions at USDM Life Sciences. Jay was most recently Senior Advisor for Patient Safety in the Food and Drug Administration’s Center for Devices and Radiological Health. Jay developed the framework and authored key requirements for FDA’s Unique Device Identification system.

 

About USDM Life Sciences

USDM Life Sciences is a global life science and healthcare services company, providing strategy and compliant technology solutions to regulated industries. If you work in Life Sciences or Healthcare, partnering with USDM Life Sciences makes it easy to accelerate innovation and maximize productivity. USDM Life Sciences only focuses on regulated industries and has built trusted partnerships with the most innovative technology companies in the world, and boast a staff of industry leading experts in the areas of technology and compliance.

 

by Bob Lucchesi

Welcome to my first in a series of auditing blogs. I hope you find them interesting, useful, and sometimes entertaining, because if you are like me, I am bombarded with information surrounding the Life Sciences industry and I am always seeking relevant information to aid in my career. First, allow me to introduce myself. I am a long-time consultant who has spent the majority of his life helping customers with a variety of both complicated and not-so-complicated problems and issues in the areas of compliance, regulatory, validation, and all things Pharmaceutical, Medical Device, and Biotech. I also play in a rock cover band, and have been doing so for years. My broad-based background, keen insight into industry trends, the variety of clients I have worked with, and my reputation in the industry should hopefully serve well to ensure that what I am saying is real, relevant, and most critical – important to you! I like to weave stories into my blogs, so I hope you enjoy and welcome to my world.

AUDIT 675x300

 

The American Society for Quality (ASQ) defines an audit as “…the on-site verification activity, such as inspection or examination, of a process or quality system, to ensure compliance to requirements. An audit can apply to an entire organization or might be specific to a function, process, or production step.” I define it as a pain in the behind, but lo and behold, there are ways to prepare for these audits to make them as painless and efficient as possible. Statistically speaking, I have found that over 90% of my audits contain some type of failure. So even the best preparation will probably not prevent a completely “clean” audit, but it should significantly reduce the number of findings. And to be clear, these findings are typically not “show stoppers.” Over the past 6 years, I have only had 3 audits where the findings were critical enough to cause my client to cease from using that vendor’s services. And to be even clearer, I am NOT one to use a checklist and then consider the number of findings as the basis of a good audit. I have had a few audits with absolutely no findings or recommendations.

 

That said, the first thing you need to do to prepare for an audit is get your own house in order well before audit requests come flooding in. If you have recently added a functionality to your core business and it’s aligned with your sales and marketing activities, then there is a good chance you will be hosting audits for those customers that will be using these new services. But along with this is the simple fact that you will most likely be audited by your current customer base. You should already know this based upon experience and history. But as your customers evolve into more mature external qualification programs, there will be an increasing number of audit requests. I dealt with one client who made one simple change to their portfolio that caused an increase of vendor qualifications by over 60%! If you have a history of audits from one particular customer, look at their frequency. If they are on a two-year cycle, then there is a good chance you will continue to be audited every two years. Sounds simple, right? But you will be surprised how many firms I contact requesting an audit that are shocked to hear from me! Why? Because they are either not prepared, or there is someone new in that position. Since 2010, the turnover rate for the Life Sciences sector–quality, in particular–has jumped about 6% to a staggering 19%! If you are new to your position and responsible for hosting audits, then please do your research when you are hired. Know what to expect for the upcoming year.

The other most glaring area that I see that results in unprepared audits concerns the agenda. I recently sent out an agenda to a vendor requesting very specific items, including a list of documents for me to review. Upon arrival, there were no documents staged and the host took all morning to find what I requested. Finally, at noon, I gave up and informed the auditee that I was coming back the following morning, and proceeded to write several things I needed to see on the white board. I told the person that if I did not have these when I came in, that I would recommend to my client that they stop using their services because they failed to comply. When I came in the next morning, there was a stack of documentation on the table. Apparently, the host spent the entire night gathering this, which could have been avoided by taking the agenda seriously! So do yourself a favor and pay attention to the agenda. Don’t think that what YOU want to give an auditor is what THEY want.

Other areas of preparation include conducting internal or mock audits, research everything pertaining to your customer (recent complaints, history of purchases, interactions with other departments), and notifying other departments of the audit. This last one always fascinates me in that so many times I ask to speak to other departments (environmental monitoring, laboratory, warehouse, and others), and the personnel seem surprised that they have to answer questions from an auditor. A trick I always use with my customers is to have a flip chart or white board available in the conference room, and write down everything I need to see that day. If this is done fairly early on in the process, then affected departments can be notified and ready by early afternoon. Trust me, this works! And it keeps the auditee and the auditor on the same page. I really do not like keeping people from their jobs and keeping them after hours. The worst part of an unprepared audit is to review the action items at the end of the day and realize that you still need to provide a litany of items! Don’t be that auditee!

Okay, I’ve kept you from your job long enough…more next time!

 

 

About the Author

Bob Lucchesi 3Bob Lucchesi is the Vice President of Global Regulatory Compliance, Quality Assurance and Auditing at USDM Life Sciences. Bob offers nearly 30 years of experience in quality assurance and regulatory compliance in pharmaceuticals, bio-tech, medical device, engineering and nuclear industries. Bob has led audit teams for Quality, mock FDA, policies and procedures, Part 11, NIST, supplier-vendor (internal, external, sterile, non-sterile, manufacturing, logistics), mock recalls, and major life sciences assessments. Bob is also an expert in risk based validation methodologies, GAMP, enterprise content management, data and content migrations as well as overall pharmaceutical and medical device regulatory issues.

About USDM Life Sciences

USDM Life Sciences is a global life science and healthcare services company, providing strategy and compliant technology solutions to regulated industries. If you work in Life Sciences or Healthcare, partnering with USDM Life Sciences makes it easy to accelerate innovation and maximize productivity. USDM Life Sciences only focuses on regulated industries and has built trusted partnerships with the most innovative technology companies in the world, and boast a staff of industry leading experts in the areas of technology and compliance.

 

by Jay Crowley

global harmony 675x300

As I mentioned in my last post, we were focused not only on developing a US UDI System, but maybe more importantly on a globally harmonized approach to UDI. There were a number of reasons for this; the first, and hopefully obvious one, is that a global UDI would allow all to have visibility across the global supply chain and be better able to share data among regulators about the safe and effective use of devices and, for example, be able to identify problems more quickly or address recalls across borders. Moreover, the device industry often labels and packages a single product for many (most/all) markets. And – unlike the pharma industry – we did not want (nor did we think we could afford) to have “national” or regional labels/packages (which would be required if there was national/regional device identifiers). Therefore, a “global” UDI – one that could be put on the labels and packages of devices and used anywhere in the world that UDI was required – was a paramount concern during the development of UDI.

Among the many activities undertaken to support this, including many bilateral discussions between FDA and other regulators, was the development of first the Global Harmonization Task Force (GHTF) and then the International Medical Device Regulators Forum (IMDRF) UDI guidance documents (see here and here). The goal of these documents, as stated in the Introduction, is to “… [provide] a framework for those regulatory authorities that intend to develop their UDI Systems that achieves a globally harmonized approach to the UDI.” To a VERY large extent, the US FDA UDI System regulation, as well as the recently published EU MDR/IVDR UDI System requirements, follow the guiding principles in these documents. Other regulators (e.g., Canada, Taiwan, Saudi Arabia) who have indicated a desire to develop their own UDI requirements have also indicated their willingness to follow these guidance documents.

So, from an identifier and label/package perspective, we can see that the goal of these guidance documents has largely been realized. With some (mostly) minor differences, we should be able to assign device identifiers to labels/packages and use that to meet global device identification requirements. The rules for assignment, changes, and construct are also largely aligned. What is NOT aligned, however, is the data that each country/regulator will want associated with each device identifier. Each country/regulator regulates devices differently and has different purposes for UDI, and therefore has specific (and different) national data needs. This means the new (and exponentially more complicated) challenge for the device industry is understating how to develop and maintain the ever-increasing (and different) data set associated with a single product distributed in multiple markets. More on master data management and UDI databases next time…

 

 

About the Author

Jay Crowley 6Jay Crowley is the Vice President of the UDI Services and Solutions at USDM Life Sciences. Jay was most recently Senior Advisor for Patient Safety in the Food and Drug Administration’s Center for Devices and Radiological Health. Jay developed the framework and authored key requirements for FDA’s Unique Device Identification system.

 

About USDM Life Sciences

USDM Life Sciences is a global life science and healthcare services company, providing strategy and compliant technology solutions to regulated industries. If you work in Life Sciences or Healthcare, partnering with USDM Life Sciences makes it easy to accelerate innovation and maximize productivity. USDM Life Sciences only focuses on regulated industries and has built trusted partnerships with the most innovative technology companies in the world, and boast a staff of industry leading experts in the areas of technology and compliance.

 

by Jay Crowley

MEDICALDEVICE 675x300

It is hard to imagine that, what I started in 2002 as an idea to better identify the specific medical devices potentially involved in adverse events, has – over the past nearly 15 years – become the globally recognized and accepted concept of Unique Device Identification – or UDI. The term and concept did not exist before this point. There were of course other concerns to address – the better identification of devices subject to a recall, availability of devices for public health emergency response, supporting anti-counterfeiting efforts, and the need to identify devices specifically in the emerging Medical Device Epidemiologic Network (MDEpiNet). But the beginning was focused on knowing specifically which device was potentially involved in an event – and having quality information about the manufacturer and the brand name – and other important information – such as how the device was on the market (e.g., its 510k or PMA number). It is hard to imagine now that we didn’t have this already.

And now looking back – it is amazing what the past 15 years has brought us. A bit more than a decade was spent working with the vast number of stakeholders to understand how UDI (and GUDID) could work and what could be its benefits – and developing what is now the UDI regulation and its associated Global UDI Database (GUDID). And though we all thought that we understood a lot – in reality, that was just the beginning. Since the publication of the final rule on September 24, 2013 – we have, sometimes painfully, continued to learn and evolve our understanding of both UDI and how it could or should work for the VERY broad (and diverse) array of medical products regulated as devices (including combination products and HCT/Ps) – and, more maybe interestingly, to address the myriad of issues that, while not directly related to UDI, sometimes significantly affect how UDI can or should be implemented.

We also realized very early on that the ultimate objective was not a US based UDI system (as we have for example with pharmaceutical products with the NDC) – but rather a GLOBAL system that allowed us to have visibility across the global supply chain and be able to easily share data about the safe and effective use of devices globally. And now we are starting to realize that vision – we have the EU MDR/IVDR and its UDI requirements – as well as many other countries and regulators looking to leverage UDI to address a host of other safety, cost, and access issues. In subsequent posts we will address both the specific (e.g., labeler, accessories, kits) and the broad (master data management, GUDID, global regulatory convergence/harmonization). We look forward to the conversation and welcome any feedback or thoughts about topics.

 

 

About the Author

Jay Crowley 6Jay Crowley is the Vice President of the UDI Services and Solutions at USDM Life Sciences. Jay was most recently Senior Advisor for Patient Safety in the Food and Drug Administration’s Center for Devices and Radiological Health. Jay developed the framework and authored key requirements for FDA’s Unique Device Identification system.

 

 

About USDM Life Sciences

USDM Life Sciences is a global life science and healthcare services company, providing strategy and compliant technology solutions to regulated industries. If you work in Life Sciences or Healthcare, partnering with USDM Life Sciences makes it easy to accelerate innovation and maximize productivity. USDM Life Sciences only focuses on regulated industries and has built trusted partnerships with the most innovative technology companies in the world, and boast a staff of industry leading experts in the areas of technology and compliance.

 

Testimonials

  • Clintrak - Jeffrey D. Coffin
    I have had the great pleasure to work with Bob for 5 years in his position of VP of Quality at Fisher Packaging Services while I acted as Director of Quality services at a sister…
See all Testimonials