Reshaping Policy to Polish Compliance

Consultant Steve Niedelman, an FDA veteran, believes the reduced frequency of FDA inspections has led to complacency on the part of some in industry. He wants to change that.

Erik Swain

January 1, 2007

18 Min Read
Reshaping Policy to Polish Compliance

Q & A

Today's medical device regulatory structure owes a lot to Steve Niedelman. In his 34 years at FDA, he implemented many of the statutory requirements and shaped many of the regulations and policies affecting the sale, distribution, and promotion of medical devices. But now, as a consultant, he believes too many firms are taking those regulations and policies for granted. And he is looking to set them on the right path.

Before leaving the agency this past summer, Niedelman rose to deputy associate commissioner of regulatory operations, where he oversaw three Office of Regulatory Affairs (ORA) headquarters: the Office of Regional Operations, the Office of Enforcement, and the Office of Criminal Investigations. He helped in the day-to-day management of FDA's field staff responsible for investigative and laboratory operations, and he cochaired FDA's Compliance Policy Council and served as the point person on regulatory policy issues involving the medical device industry. Previously, he had served as acting director of the Office of Enforcement. And before that, he spent 24 years at CDRH, in the Office of Compliance.

During his FDA tenure, he received the Distinguished Career Service Award, the FDA Award of Merit (twice), and the Commendable Service Award (twice). He also received the first Ronald H. Brown Award from the U.S. Department of Commerce for his technical assistance to the international medical device community.

In July, he joined the Rockville, MD, office of Quintiles Consulting as executive vice president, overseeing and directing all global regulatory compliance operations. In that role he helps clients with quality systems development and optimization, FDA enforcement solutions, validation, bioresearch monitoring, and medical device development. A major goal for the company is to help firms develop corrective action plans that ensure that business needs and regulatory requirements are properly balanced. He spoke to MD&DI editor-in-chief Erik Swain in October.

Q: In your years at FDA, what did you think were the agency's most significant accomplishments pertaining to medical device regulation?

A: All the regulations and guidances created by CDRH and FDA have contributed to the safety and effectiveness of devices being sold—whether the guidances are related to manufacturing, design, clinical development, or to providing marketing information. Each regulation or guidance can be considered another piece of the puzzle.

The particular regulation that I believe FDA and the industry has gotten the most out of is the quality system regulation (QSR). It is the road map that ensures [that companies implement the] manufacturing effectiveness, manufacturing controls, and design controls that contribute to a safe and effective device. It is the tool that FDA uses to hold executive management responsible for ensuring that a firm is manufacturing devices correctly and following procedures. More than anything, it provides the assurance about device quality that the public demands and expects.

One of the most important features included in the regulation is the requirment for design controls on the initial version of a device. Before the QSR, devices often didn't do what was expected, which resulted in complaints and problems. There was no assurance that the product design would do what it was supposed to do. This QSR requirement has contributed significantly to the improved quality of devices. Manufacturers are also required to investigate and trend complaints and to take appropriate corrective and preventive action (CAPA) to prevent recurrence. This requirement is the number one FDA-483 observation that has been found during device inspections. Industry probably needs to do a better job and pay more attention to CAPA activities.

Q: FDA's relationship to industry has ranged from collaborative to combative. What in your mind is the most optimal point on that pendulum?

A: It's in the interest of all stakeholders to have the pendulum in the middle. That way, everyone knows what to expect from each other, and there aren't any surprises.

Unfortunately, due to reasons beyond its control, FDA does not have enough resources to do everything it needs to do. That means FDA does not visit manufacturers as regularly as it used to, or should. So, there is a natural tendency to overreact on both sides. As a result, I've seen some firms be lulled into a false sense of complacency and totally ignore the requirements. Conversely, sometimes FDA may take a more aggressive stance and target certain firms or industries because of widespread problems. If you push too hard one way, there is a tendency for the pendulum to overcompensate and swing the other way. You have to hope that it does not polarize things into extreme positions. The goal for both industry and FDA should be balance.

Q: How would you assess the Medical Device User Fee and Modernization Act of 2002 (MDUFMA) so far? What changes would you like to see for the 2007 reauthorization?

A: In my opinion, it has been a win-win for industry and FDA. FDA has built up a solid, quality staff that has been able to provide timely review of submissions. FDA has met most of its goals and has reduced the number of review cycles. Industry needs to understand that, just like it wants stability, FDA also needs to have a stable, predictable source of funding to maintain its first-class staff.

Industry expressed its concerns about stability of fees, which are entirely based on the number of submissions FDA receives. Their concerns were in large part addressed by passage of MDUFSA (Medical Device User Fee Stabilization Act of 2005). As MDUFMA II is being considered for authorization, industry should look at other fees that aren't as susceptible to the volatility of being based solely on the number of product submissions; that would provide a steady stream of stable funding that can be offset with reduced application fees.

And it should look at other user-fee programs within the agency for ideas, such as payment of a registration fee. That would provide a steady, relatively stable source of consistent funding.

Q: Why haven't more device manufacturers taken advantage of MDUFMA's third-party inspection program? Will a single GMP inspection covering all domestic and international requirements ever become a reality?

A: The third-party inspection program has not been successful to date. There has not been a lot of interest from industry to participate in it, even though it was a provision in MDUFMA that industry had asked for. I was responsible for looking into industry's reluctance to participate in the program and its reluctance to pay for third-party inspectors. The response I got from industry and some auditors was, “Why pay a third-party inspector to come around every two years when FDA does it for free every 5–7 years?” This attitude was even shared by some large multinational corporations that spend a lot of time with European Union (EU), Canadian, and U.S. auditors and would be able to bundle their visits into one. Some industry members specifically stated they want their firms inspected by FDA, which they consider to be the gold standard.

Before I left, I learned that industry was especially reluctant to participate in an Accredited Person's third-party training audit. As required by statute, FDA created a third-party training program that comprises both classroom training and practical experience. The practical program requires doing combined audits with FDA investigators to demonstrate that participants can apply their classroom training. For their first audit, they watch FDA; FDA and the third party do the second audit jointly; and for the third audit, the third party conducts it and FDA observes. Industry was especially fearful of hosting the third audit because they thought the third party would go hard on them to impress FDA.

ORA, which is supportive of this program, has spent a lot of time, money, and resources on developing and training for this program. To date there has not been a lot of payoff, nor has there been much for the Medical Device Mutual Recognition Agreement (MRA) with the EU. FDA hopes to overcome that in MDUFMA II. If FDA ever started charging user fees for audits, I'm sure the popularity of the program would change. I'm not suggesting FDA has anything like that in mind. But at least firms would have more incentive to decide whether to pay FDA or a third party.

FDA is supportive of the third-party inspection program and would like to see it succeed. If industry uses a third party, FDA can better cover the landscape and still stay within its resources. FDA would gain current intelligence about a facility, from which it could make a decision to reinspect because of concerns raised or spend its time at another firm and broaden coverage. If a third-party auditor identifies anything violative, FDA could always initiate its own inspection and follow up appropriately. Manufacturers, especially multinationals, would benefit from one-stop shopping by getting their ISO and GMP audits conducted at the same time, thereby reducing the amount of time they need to spend with the many inspectors and auditors they routinely deal with. They would also help to control the timing of these audits, because they are prearranged.

Q: The third-party review system is used much more now than at its inception. Could the third-party inspection program follow suit?

A: The third-party review program started slowly as well, and then took off when FDA began to charge user fees. At that point, there was an incentive for industry to participate. Again, I'm not suggesting user fees for inspections, but that's some of the historical perspective on how the review program turned the corner.

There is a new program that FDA has entered into with Canada that will be interesting to watch. It's a small pilot program. Canada depends almost entirely on third-party audits. If you market a device in Canada, you need a third-party auditor. FDA will be providing U.S. firms that market to both Canada and the United States the chance to have one third-party audit to cover both countries' requirements. That's a bit more of an incentive than the general program. If you are already paying for a third-party audit, why not maximize the outcome? Hopefully, this program will be successful and will be seen as a step to gaining wider acceptance of third-party audits in the United States.

The ultimate goal is to create a harmonized system in which one inspection will satisfy FDA as well as the EU, Japan, Canada, and everywhere else. FDA is active in the Global Harmonization Task Force, especially in the auditing arena. A truly harmonized global inspection process should be able to get through at some point in time. The pressure to make that happen resides in part with FDA. As responsibilities grow, as the numbers of foreign sites increase, as new technologies are introduced, and as FDA resources for inspections continue to shrink, FDA needs to continue to consider alternatives to the traditional methods. Third-party audits are certainly one of those alternatives that could help immensely. Inspections in other countries are not considered to be as thorough as FDA's efforts. There are still certain gaps. But creating a hybrid inspection program to cover those gaps shouldn't be that difficult. Other countries do it all the time.

Q: How would you assess today's warning-letter process? Is there anything about the process you would change?

A: The numbers don't tell the whole story about warning letters. No one should think that they do. Fewer warning letters does not equal fewer violations or less enforcement.

Issuance of warning letters had started to get out of control. There was little follow-up once they were issued. FDA became, basically, a paper tiger. Warning letters are intended to serve as notification of FDA's concern to top management and that failure to correct may result in enforcement action.

The Office of Chief Counsel, in conjunction with ORA's Office of Enforcement, developed agencywide procedures for reviewing and issuing these letters. The chief counsel became part of the review process to ensure that the agency was on solid regulatory ground when a letter was issued. As FDA gained experience with this setup, the process became less onerous. For the more frequent types of warning letters that address similar issues, templates have been developed. If the same or similar scenario exists as it had in the past, you can just use the template and not have to go through all the reviews.

The new system also requires the agency to track the letters, create a repository of all warning letters issued, and provide some level of assurance that it will follow up. This follow-up would ensure the next step [of enforcement] if the problem persists or if promised corrections are not made. Just because the number of warning letters issued is lower, it does not mean FDA is not doing its job. It just means that FDA is looking at other regulatory options as it applies many of the risk-based principles that have been developed. For example, in some cases, a meeting with management to address concerns may be a better option than a warning letter. Other tools can be just as effective, and FDA is using them.

Q: What are the most common compliance mistakes you see medical device manufacturers make? How can they address those mistakes before FDA walks in their door?

A: First and foremost, industry needs to remain compliant. Just because FDA is not often in your facility doesn't mean you're not required to manufacture according to GMPs and the other requirements of the Federal Food, Drug, and Cosmetic Act. You need to remain vigilant and know how your product is performing in the marketplace. You need to track and trend service reports, which can provide clues to product performance and can indicate whether you are in compliance with the QSR.

You need to be up front with the agency. The consequences for bringing a problem to its attention are much less when it is reported in a timely manner, as opposed to sitting on it and waiting for it to be found by an inspector. A report of corrections and removals requires timely reporting of decisions to correct a problem or remove a product that poses a risk to health—a requirement established by Congress to reduce the incidence of silent recalls that were not being reported to FDA.

And, not to sound too self-serving, it is a good idea to use consultants. It is best to have some independent eyes evaluate your compliance with the requirements. It does not hurt to bring someone in to do mock audits, your internal audit, or supplier audits.

Device firms or other investors also need to consider performing due diligence audits of prospective firms and products they want to acquire—before they buy a potential regulatory mess. Go in with your eyes open. Recognize what needs to be done and what it may take to do things right. Acquisitions are becoming more commonplace, and firms need to know about the company, the plant, and the devices they are buying. Far too many acquisitions do not turn out well for the purchaser.

FDA is encouraging firms to make their processes consistent globally. If you have a problem in one plant, FDA expects you to make the necessary corrections to your entire system to ensure that it doesn't crop up in the other plants. I've personally heard executives say that as long as FDA isn't visiting their plants, they're not going to worry about compliance issues as much. That's very disappointing. The public relies on industry to provide the same high-quality healthcare devices you would expect for your own family. There are steps to be taken whether or not FDA is at your doorstep.

OEMs need to take a systems approach; ultimately that will save time and money for their firms and for the agency. FDA is doing the best job it can, given its fiscal constraints. The agency's current efforts should not be construed as lax enforcement, but rather as a more-efficient risk-based approach to ensuring compliance.

Q: Although device counterfeiting is not as large a problem as drug counterfeiting, it still exists. What preventive measures can device companies take?

A: Perhaps the most important thing is to know the companies that you are buying from and selling to. Make sure they are legitimate and trustworthy. It's your company's name and reputation that you have to protect, and that will be scarred if your product is counterfeited. Follow the recommendations of the Counterfeit Drug Report, which can be found on FDA's Web site.

Unique product identification may help as well. It's one way to distinguish a legitimate product from a counterfeit one. You also may want to look at track and trace technologies such as radio-frequency identification or two-dimensional bar coding in addition to other packaging attributes such as holograms and color-changing inks. You need a multitiered approach. With access to computers and high-quality printers, it's easy to duplicate and print labels these days. You have to make it as challenging as possible to reproduce your package design.

It can be very difficult for someone in the supply chain to tell the difference between a legitimate product and a counterfeit one, and it's even more difficult for the uneducated consumer. Sometimes microphotographs depicting differences in font size are needed to distinguish between the legitimate and the counterfeit labels. Also, monitor the Internet to see whether there are unauthorized sources selling your products, and see how cheaply they are offering them for sale. Keep your ears open for information in the marketplace. If your customers are suddenly asking for steep discounts because they say they can get a product cheaper elsewhere, it could mean they've been buying counterfeits.

Q: Why did CDER take over responsibility for enforcing 21 CFR Part 11, and what does that mean for device companies?

A: While CDER is taking the lead, every center is participating in its development and execution. Part 11 applies to all device companies. CDER's taking over responsibility for Part 11 had more to do with timing and its initiative that was being rolled out at the time, GMPs for the 21st Century. There was concern from industry about the scope and enforcement of Part 11 being developed by FDA at that time, so the decision was made to narrow the focus so that it was more meaningful to industry and less onerous. Responsibility for development and implementation had earlier been transferred by CDER to the Office of Enforcement when John Taylor and I were there. We felt that it was appropriate to put the responsibility for modifying Part 11 on those who were devising the GMPs for the 21st century initiative for CDER. Part 11 was originally developed under CDER, so it was not unnatural to bring it back to that FDA center.

Q: You were one of the officials heading up CDRH's Postmarket Transformation Initiative. What has been accomplished so far, and what do you expect from it in the future?

A: I was very proud to have been asked to serve as a member of the steering committee. I've not seen any final report, but I understand it should come out shortly. I look forward to reading it upon its issuance.

Based on what we had been seeing and reading about the performance of products in the marketplace, it was very clear to me that stronger emphasis needed to be put on postmarket safety. I hope the agency rethinks the way it handles medical device reports (MDRs) so that information can be appropriately and thoroughly evaluated in a timely manner. Those reports identify a significant event that has the potential to be a major problem and needs to be investigated and followed up appropriately. That used to be a more common practice. It is an enormous task to review all of the MDRs received by the agency each year. I also hope that there is better communication between CDRH and ORA so that they can share information as early as possible and issue appropriate follow-up to investigate.

Q: Are there any issues that may not be on the radar now but will become significant for device manufacturers in the future?

A: With the work that's going on in the Global Harmonization Task Force, it may become easier to develop and sell devices in the global marketplace and meet all regulatory requirements simultaneously. These days, 25% of the 15 million FDA-regulated products being offered for import to the United States are devices. A decade ago, that percentage was close to zero. That's surely a sign of how medical technology is going global and an indication of how the U.S. consumer is depending more on foreign-made products.

Process optimization techniques should become more widely used. These tools can ensure that your process becomes more efficient, produces better yields, and remains fully compliant with all the requirements. Many tools and experts are available to help manufacturers with new opportunities and to ensure success.

Q: How are you handling the transition from FDA to consulting?

A: I'm enjoying working with our industry clients and sharing my knowledge and expertise with them in a way that supports both FDA's mission and the companies' needs. I hope to help industry understand the importance of knowing the requirements and complying with them and how doing so can actually help their business interests.

With my experience and this new position, I have the unique opportunity to continue the mission I supported at FDA while also helping industry see compliance in a new light. Meeting regulatory obligations doesn't have to be at odds with having efficient, optimized processes, and I am looking forward to the challenge of delivering that message—and having the opportunity to deliver that service.

Copyright ©2007 Medical Device & Diagnostic Industry

Sign up for the QMED & MD+DI Daily newsletter.

You May Also Like