R&Q's Blog

Medical device industry news and trends - and the resources to understand and act on them.


Cybersecurity for Medical Devices: Questions and Answers

As the number of network connected medical devices increases, opportunities for improved patient care also increase. As a consequence, the vulnerability to cyber-attacks becomes a greater threat. Medical device cybersecurity threats can be dangerous for providers, networks, and device manufacturers. They can put patient safety at risk and/or create a breach of data. The FDA encourages manufacturers to consider potential cybersecurity risks and vulnerabilities “throughout the product lifecycle, including during the design, development, production, distribution, deployment and maintenance of the device.”

R&Q recently presented the webinar, Cybersecurity: Regulatory and quality ramifications. During the session we answered several of your questions, a sample of which are below. To see all of the questions and answers from the session, along with the slides and recording, check out the on-demand webinar.

MDUFA IV: More Than Just User Fees - FDA Reauthorization Act (FDARA) Passes Senate

Pending the expected signature of President Trump, MDUFA IV will be implemented (along with PDUFA VI and GDUFA II). Passage, including the associated rise in user fees for device manufacturers over the term of the act (FY18-22), was largely expected.

Legislative politics involve give-and-take, of course, and increased user fees are reasonably expected to result in systemic improvements in regulation, via industry favored initiatives. FDA has described their “give” portion of the give-and-take process in the document MDUFA Performance Goals and Procedures, Fiscal Years 2018 Through 2022. Unsurprisingly, focus remains on Total Time to Decision metrics for premarket submissions. The linked MDUFA Performance Goals document describes some of the approval or clearance process mechanisms by which improvements in Total Time to Decision might be achieved, as well as various cooperative review mechanisms planned. The Pre-Sub program will be continued, with specific requirements on response timing and meeting date options, and required publication of an updated version of the Request for Feedback on Pre-Market Submissions guidance document. Another provision of the bill requires annual reporting on the previous year’s inspection activities for device and drug facilities, including timing information. Those who have been subjected to lengthy or highly intermittent inspections, or delays in comment on response adequacy, are likely to welcome this additional scrutiny of inspection timelines.

Clarifying the Clinical Evaluation Requirements: A Case Study

About R&Q's Case Studies: We hope this Clinical Evaluation Report case study is valuable to you. Here are our currently available case studies. Subscribing to our blog is the best way to know when future case studies and other resources are available. Questions on this particular subject? Contact us.


Design changes and MEDDEV 2.7/1 rev 4 compliance.

The client was implementing multiple design changes on a Class III implantable heart transplant device that required a submission to the Notified Body. As part of this submission, the Clinical Evaluation format needed to be updated to provide clarity and comply with MEDDEV 2.7/1 rev 4. The Notified Body provided feedback on the prior clinical evaluation reports and the client needed assistance in interpreting and addressing the feedback. The primary roadblocks / challenges were interpreting the information provided by the client, identifying and requesting any missing or insufficient documentation, and ensuring the information was comprehensive and understandable to the Notified Body once included in the Clinical Evaluation Report.

EU MDR: Your Questions, Our Answers

On May 5, 2017 the EU MDR (Medical Device Regulation) was published in the EU Official Journal. This date starts the three-year mandatory transition period where the MDR will replace the MDD (Medical Device Directive). The expanded scope of the MDR combined with the time frames for compliance is compelling medical device companies to focus significant attention on transition strategies and will require substantial hands-on work.

R&Q recently presented the webinar, EU MDR: Assessing the Impact and Next Steps. During the session we answered several of your questions, a sample of which are below. To see all of the questions and answers from the session, along with the slides and recording, check out the on-demand webinar.

Regulatory and Quality Solutions Names Julie Maes Director of Territory Operations – Northern Lakes Region

Maes brings 25+ years of medical device regulatory, quality, and project management experience to R&Q.

Pittsburgh, PA -- Regulatory and Quality Solutions LLC (R&Q), a provider of industry-leading regulatory and quality engineering services to medical device and combination product companies, announced that Julie Maes has been named Director of Territory Operations for Minnesota. An industry veteran of the global healthcare and medical device industry, Maes brings extensive management and hands-on quality systems development experience to R&Q’s expanding Minnesota area operations.

In her role at R&Q, Maes will manage designated resources to guarantee the highest quality consulting and complete customer satisfaction in the region. She will also contribute to R&Q’s Center of Excellence as a subject matter expert, providing industry education on the most critical and timely regulatory and quality challenges facing our market.

The Lowdown on Cybersecurity for Medical Devices

Every one of us has probably either been affected by or knows someone who has been affected by a cybersecurity vulnerability. Some attacks happen for the thrill, some to expose weaknesses between competitors, some for malicious intent, and some for money. We hear of these issues in our daily life - from computer viruses to financial incidents.

These types of threats have certainly surfaced in the medical device industry and we need to make sure we are positioned to address these early in the product development process and the post-market space. The ultimate goals are to make sure that a weakness in cybersecurity practices does not affect the functionality of a medical device in a harmful way, and to make sure sensitive patient data is protected as defined by region-specific regulations.

[Free R&Q Webinar] Cybersecurity for Medical Devices: The regulatory and quality ramifications.


Please join us for a free R&Q Intelligence Series webinar:
Cybersecurity for Medical Devices: The regulatory and quality ramifications.

The session will be held on Tuesday, July 25 from 1:00pm - 2:00pm EST.

RESOURCE: The MDR and IVDR Have Been Published! See Our Table of Key Dates

Publication in the Official Journal of the European Journal on May 5, 2017 means the regulations will enter into force on May 26, 2017, twenty days after publication. We will have a three-year transition period for the MDR and a five-year transition period for the IVDR. Products can be issued a certificate under the MDD with a full five-year expiry for the first two years of the transition period but should comply with all other aspects of the MDR in May, 2020. Since most IVD products are currently on the market as a self-certified they will require certificates by the end of the five-year transition period where most products now require Notified Body involvement.  

MEDDEV 2.7/1 & CERs: Know the Changes and What to Do [Webinar]

Part of your month, [almost*] every month: R&Q Intelligence Series webinars are held on the fourth Tuesday of every month. These free webinars from some of the medical device industry's leading-most experts are designed for reporting on and analyzing the top industry trends and topics in the medical device space, each providing key and actionable takeaways for attendees. Slides and recordings will be made available to all registrants. Next up: July 25th, where we'll discuss cybersecurity (*there will be no R&Q Intelligence Series webinar in June).

EU MDR and Clinical Evidence: What You Need to Know

THE SKINNY: The Council of the European Union adopted the proposed new European Medical Device Regulation (EU MDR) in March 2017 and passed by Parliament in April 2017. It is expected to be published in the Official Journal of the European Union in the upcoming weeks, making the application date mid-2020. The EU MDR will replace the Medical Device Directive (Council Directive 93/42/EEC) and the Active Implantable Medical Device Directive (Council Directive 90/385/EEC). Among the vast changes occurring with this transition from directive to regulation are the new requirements surrounding clinical evidence. If you found the clinical portion of your technical documentation to be challenging in the past, you need to prepare for some additional hurdles.


~ Note: This post is just a taste of the detail we'll explore during our R&Q Intelligence Series webinar on EU MDR April 25th at 1:00pm EST. All registrants will have access to the slides and recording from the session.

Register Now


Lists by Topic

see all