After Approval, You’re Not off the Hook

POSTMARKET SURVEILLANCE

As a result of its Postmarket Transformation Initiative, CDRH is undergoing some major shifts in how it processes postmarket safety information and how it communicates that information. Among other things, the center is putting in systems to better analyze postmarket data for safety trends, and finding ways to feed information learned from the postmarket arena back into the premarket approval process, so mistakes don't get repeated.

So what does it mean for device companies right now? The initiative has not yet produced a whole lot of developments that are immediately affecting industry, experts say. New tools such as electronic medical device reporting have not been fully implemented yet. But that does not mean industry does not need to pay attention. The regulatory authority for FDA to monitor postmarket safety and sanction firms that have problems with it is already in place, and has been for a long time. What is starting to happen, though, is that FDA is stepping up its enforcement of the existing regulations and is doing what it can to get firms to use postmarket information as part of their product development processes.

“CDRH clearly understands the growing significance of postmarket issues,” says Steve Niedelman, executive vice president of Quintiles Consulting (Rockville, MD). “FDA has made it very clear to industry that postmarket surveillance is a top priority. It is very important that industry pay attention to FDA signals on this issue. You do not want to be left flat-footed or appear unprepared when an issue arises. Postmarket surveillance is finally getting the attention it has deserved for some time.” Niedelman, who served at FDA for 34 years, was an original member of the Postmarket Transformation Initiative's steering committee.

The emphasis on postmarket monitoring has coincided with realizations that regulators and industry aren't always going to be able to identify problems based on premarket data, says Danielle Giroud, vice president of strategic development, medical devices, for Premier Research (Philadelphia).

“FDA is willing to consider market access of products based on limited clinical data with the commitment of companies to conduct additional postmarket surveillance studies on larger populations,” she says. “With long-term implants, this is indeed a crucial element, because companies cannot always wait to have product life-experience data before putting their product on the market. Rationalistic approaches are needed to avoid putting patient safety at risk, but we must also take into consideration the significant benefits such products can bring to patients who have no other or poor alternatives.”

And with that comes the need to figure out how postmarket data can help the premarket process.

“CDRH has had its premarket activity concentrated in the Office of Device Evaluation and its postmarket activity concentrated in the Office of Compliance. [These offices] have not traditionally shared information,” explains Sheila Hemeon-Heyer, vice president of global regulatory affairs for Boston Scientific (Natick, MA). “The Postmarket Transformation Initiative is what happened when FDA realized that it needed to connect the dots. It needed to put systems in place to enable the agency to analyze postmarket information and feed it back to the premarket side.”

Getting the Message

Firms seem to be getting the message, too, albeit slowly in some cases, says Robert Schiff, PhD, president of Schiff & Company, Inc. (West Caldwell, NJ). “In the past, companies were not as diligent [about postmarket surveillance] as they could be,” he says. “Not because they wanted to do any harm, but because they just did not want to make the investment. There have been cases in which, because of financial or market considerations, companies have gone a bit slow with a recall or government notification. I have seen incidents in which a quality assurance person became aware of a problem, reported it to management, and then there was investigation after investigation before something was done. But now, at least the companies we are working with are taking it more seriously. Most QA and regulatory people I have met are strongly interested in improving the follow-up on devices in the marketplace, and helping FDA as much as they realistically can.”

Ignoring these developments can open a firm up to enforcement action, but perhaps even more importantly, in today's climate it is a bad business practice. A significant postmarket safety issue may produce not only a worldwide recall, but also a slew of negative headlines. These can expose a company to unnecessary costs, losses in sales, and a drop in stock price.

“Notwithstanding the regulatory requirements, a strong postmarket surveillance program is a good business practice,” says Richard Wright, principal consultant for Parexel Consulting (Waltham, MA). “It should be mandated from the top down as part of a successful business practice.”

While this advice is most pertinent to firms with high-risk products, it is not limited to them. “FDA focuses on high-risk products, but some low-risk products can be devastatingly [affected] by bad publicity,” says Judith Andrews, PhD, director of quality and compliance services for Medical Device Consultants Inc. (North Attleboro, MA). “That could be something that could have a bad business impact if not properly handled.”

Wright agrees. “Even though clinical data are not required for most [premarket notification] 510(k) products, you still need to have a good postmarket program for them,” he says.

Structure and Function

So what should a successful postmarket system accomplish?

“It's not only about whether you have the right system in place, but also about how well you are executing it,” says Hemeon-Heyer. “How competent are you in gathering the right information, taking the data about adverse-event information, and linking it all together? Only when you link it all together do you see trends that can tell you whether there is an issue with a product. It's not an easy thing to do. You must have adequate resources, and you must give this a high priority.”

“The most important thing is that you make sure to tap all sources of information,” says Andrews. “You can't just wait for [reports] to come back from the doctors. You have to tap into your sales representatives. They can be a great source of information about problems, as can anyone who has direct contact with users. Customers may not come forward with issues, but if you ask them a question, you'll get an earful. And when you do, look for something that meets the definition of a complaint.”

There is no universal formula for how to structure personnel and responsibilities for postmarket surveillance. Nor is there any blueprint in the laws, regulations, and guidelines. Some firms do it within the quality functions that are already in place, such as complaint handling and corrective and preventive action (CAPA) management. Others create special teams that are charged with overseeing all postmarket surveillance issues. “Special teams might be a good idea, depending on the size of the company,” Wright says. “It may come down to the number of complaints and reports that you think you might have to deal with.”

“Everyone needs to be on the same page,” he emphasizes. “There needs to be philosophical compatibility across the different groups that will be working together. You need to add quality individuals who can perform root cause analysis, and take the life cycle approach with it. That is, you have to ensure that information from the postmarket arena feeds back into the premarket arena.”

What is important, however, is that a comprehensive strategy be in place, and that personnel from all relevant departments be involved.

“Postmarket surveillance strategy is not only a quality and regulatory responsibility, but needs global company input and collaboration,” says Giroud. “Sales and marketing need to realize that postmarket surveillance is there to guarantee a product's safety on the market, and they should take this as a benefit for sales. On the other hand, poorly constructed postmarket surveillance studies may be a waste of money. So it is essential that there is an optimal collaboration with all departments including clinical research, R&D, senior management, and finance.”

Firms should develop compliant postmarket surveillance plans that meet FDA requirements, Niedelman says, “as well as what works best to meet the needs of your organization. The importance of developing an appropriate postmarket surveillance plan should not be simply to comply with FDA, but more importantly to ensure that you are manufacturing and distributing quality products.”

None of this may work, however, if senior management doesn't care.

“To have a successful postmarket surveillance strategy, you must engage senior management,” says Hemeon-Heyer. “Management must understand how a postmarket strategy can benefit the company. And that must be ingrained in the company's a culture.”

She also encourages firms to embrace the principle of “sustaining engineering.” That may take a cultural shift. “Everyone in R&D wants to make new devices, not fix things,” she says. “But you must have R&D people in place who are charged with using postmarket information to improve products. And it has to be seen as a valuable contribution to the company.”

Training is also crucial, she says, because “once a culture and a structure are in place, you must make sure that people are executing.”

“The quality team should be in charge of postmarket surveillance,” emphasizes Schiff. “The last people I want in charge is marketing. You want to have people in charge who are objective. Marketing folks are good at what they do, but postmarket surveillance is a quality function, not a marketing function.”

Executing the Strategy

When it comes to executing, it is extremely important to have a system that allows personnel to gather as much postmarket data as possible and organize them coherently.

“The best way to follow up on how a device is performing is to discuss the device with the end-user, if the hospital and distributor allow it. You get real information that way,” says Schiff. “You are more likely to get good information if you call them, than if you e-mail them or do nothing.”

Spectranetics Corp. (Colorado Springs, CO), a firm that makes devices that use excimer lasers, is an example of a firm with a significant data-gathering system in place. “We pay individual attention to each customer complaint,” says Don Fletcher, vice president of quality assurance and regulatory compliance. “We look to give a personalized, technical response to each customer complaint filed with us. And we use a postmarket database that we built to keep us abreast of customer concerns. This is then mapped to a CAPA system that enables us to address the customer complaints. Also, how we document particular improvement to our products is associated with postmarket safety input,” Fletcher says.

The most important step a firm can take when it becomes aware of information relating to postmarket safety issues associated with the use of their products, says Niedelman, is “not to sit on it. Search for and determine the root causes. Tie it back to potential quality system problems, and address it appropriately. Be aware of information that has been reported about your firm's products from all sources; you need to know how your product is performing in the market and what is being said about your device.”

Also important, he says, is “don't bank that FDA will not find out about problems associated with your devices. Be up front with the agency. Share your information in a timely manner and remain vigilant about identifying problems.”

And once problems are identified, the premarket personnel need to know about them.

“In design control at Spectranetics, a major player is postmarket safety,” says Fletcher. “Feeding back postmarket information into the design process was always my understanding of design control. Now we are making that a reality.”

The Role of Risk

A coherent postmarket surveillance strategy is not complete without a risk management plan. Risk analysis is extremely important when trying to ensure that unexpected problems will not pop up in the postmarket arena. And risk communication is extremely important in the event that they do.

“The new version of ISO 14971 puts more emphasis on postmarket risk,” says Andrews. “You need to identify postmarket risk in the premarket process, so that you can understand the risks and what you will do about them if they arise. I recommend that every company do a risk analysis. That way, you can understand the business implications of the worst-case scenarios.”

“Everything concerning a product is risk management, even things like labeling, language coverage, minor design changes, selection of distributors, and training of the users,” adds Giroud. “If we want to work in a medical environment, then we need to be risk-management-conscious at all times and never compromise, because in the end, a human being somewhere may be harmed. I think any human being should be able to understand this, even finance people, who should look at it as a long-term investment.”

In the event of a problem, any device company must carefully weigh its risk and decide which information is best to pass on to clinicians and the public. Firms have to consider what kind of information might be most useful for each audience, and what the consequences might be of telling or not telling certain details.

“Risk communication is an essential element of an effective postmarket surveillance program,” Niedelman says. “It is an area that has become a bit tricky. It's important that you be able to explain a technical problem in layman's terms, so the public can understand it. One thing FDA learned is that patients want to know about what could happen to them. They do not want to be kept in the dark.”

“Risk is what the market perceives it to be,” adds Andrews. “If risk is not managed properly, the market perception of risk can become greater than what FDA or your company suspect. I'm not sure everyone in a company understands the consequences of not addressing problems, even if they don't look very big. Even the smallest products can get you into trouble in the worst-case scenario. You have to be aware of how that can happen. It needs to be part of your risk strategy.”

Device companies should take into account how potential problems might be perceived by the mainstream media. “The press always glorifies and magnifies the negative. They do not look at things objectively,” says Schiff. “And once that happens, Congress gets on the bandwagon.”

Conclusion

A strong medical device postmarket system is mandated by and supported by top management. It is closely tied in with the quality system and is spearheaded by quality personnel. It has buy-in and participation from all departments. It makes coherent use of data-gathering systems such as complaint handling and field reports. It enables the analysis of such data in order to correct problems. It feeds the analysis back to the premarket process and to the manufacturing plant to make sure problems aren't repeated. And it is an integral part of the risk management process. Failure to build a strong system can result in unpleasant surprises, and even more unpleasant financial consequences.

Copyright ©2008 Medical Device & Diagnostic Industry