The newest update of ‘Blue Guide’ and EUDAMED schedule and a fantastic Book of the Year Award!
Read also about Ekaterina Riabova – one of our consultants.
September 2022 is here, and back to work from summer holidays. Here at QAdvis we would like to share some interesting news from the regulatory world. Our consultants Nils Lidström and Irene Sebastianutto share their views on the newest updates on the ‘Blue Guide’ and the EUDAMED schedule. Also, some sensational info from the Regulatory Affairs Professional Society (RAPS) about the book Software as a Medical Device.
Clarification on software updates in the new Blue Guide
More often than not rules need interpretation in order for them to be easy to follow. Therefore, the European commission provides guidances to create a common understanding of how EU law shall be applied. For the MDR and IVDR (the EU law covering medical devices and in vitro devices), specific guidances are compiled by the Medical Device Coordination Group (MDCG). But if a topic isn’t covered or has a wider scope you can also use the Blue Guide.
What is the Blue Guide?
The Blue Guide provides explanations and a better understanding of EU product rules for the entire New Legislative framework, which means it covers everything from toys, radio equipment, fertilizers to medical devices and more. Just like the MDCG guidances, the Blue Guide is non-binding and aims at facilitating an effective and uniform application of the EU law.
The new Blue Guide
During the summer a new Blue Guide, which is described as a substantial update, was published. For medical devices and in vitro devices there isn’tmuch of great substance, but for a very good summary we suggest reading Erik Vollebregt’s blog posts on the subject. However, there is a new section on software that contains a useful explanation on when a software change shall be considered substantial and needs to be evaluated by the notified body, provided that the device has a higher risk class. The section links software updates to hardware repair and maintenance:
Software updates or repairs could be assimilated to maintenance operations provided that they do not modify a product already placed on the market in such a way that compliance with the applicable requirements may be affected. As is the case for physical repairs or modifications, a product should be considered as substantially modified by a software change where: i) the software update modifies the original intended functions, type or performance of the product and this was not foreseen in the initial risk assessment; ii) the nature of the hazard has changed or the level of risk has increased because of the software update; and iii) the product is made available (or put into service where this is covered by the specific Union harmonisation legislation).
Blue Guide 2022, section 2.1
The interesting difference
There is currently no MDCG guidance that covers this topic, meaning that this section in the new Blue Guide is the best available information on what shall be considered a substantial change of a software application.
However, in MDCG 2020-3 Guidance on significant changes regarding the transitional provision under Article 120 of the MDR with regard to devices covered by certificates according to MDD or AIMDD there are descriptions of what shall be considered a significant change to a so-called legacy device that is covered by the transitional provision of MDD and AIMDD devices. Notably, a significant change of these devices leads to the device having to be certified under the MDR.
Comparing the descriptions of a substantial change (in the Blue Guide) and a significant change (in MDCG 2020-3, for legacy devices), directly shows that one tricky criterion is not part of a substantial change. In MDCG 2020-3 a new or modified architecture or database structure is considered a significant change but there is no equivalent in the Blue Guide.
The importance of the difference – the cybersecurity aspect
As described in MDCG 2020-3, under the transitional provision of Article 120, changes to a software application were allowed in the case of corrective actions, without the device having to be certified under the MDR. However, for modern software delivered as a service, service delivery and cybersecurity are truly continuous processes where improvement efforts are made constantly. Many actions are taken proactively to avoid possible future corrective actions and often this involves slight adjustments of the software architecture and underlying services. Of course, regardless, every change of a medical device must be carefully evaluated, and decisions should always be documented and justified.
Finally, it is worth reiterating that the Blue Guide and the MDCG guidances are not legally binding, they are only providing explanations on how the legislation shall be understood.
Link: The ‘Blue Guide’ on the implementation of EU product rules 2022
EUDAMED – is delayed, again
The European database on medical devices (EUDAMED) is meant to be a big game-changer in the MDR* and IVDR**. EUDAMED is an integral part of the implementation of the two Regulations and will collect information about medical devices related to actor registration, unique device identification (UDI) and device registration, notified bodies and certificates, clinical investigations and performance studies, vigilance and market surveillance.
Currently, the use of EUDAMED is not yet mandatory , since only few modules are available, which can be used voluntarily. However, when fully functional, and thus mandatory, the purpose of EUDAMED will be to increase overall transparency and public accessibility to information concerning medical devices, and to enhance cooperation between the different EU Member States.
EUDAMED was originally scheduled to be launched by March 2020, but was delayed a first time to May 2022. Recently, the European Commission has postponed the release of EUDAMED again, to the second quarter of 2024 (Q4 2024). The European Commission will announce the full functionality of EUDAMED (i.e. all six modules) through publication of a Commission notice in the Official Journal of the European Union (OJEU).
Following a 6-month transitional period (Q4 2024), EUDAMED will become mandatory as regards obligations and requirements related to the actors, vigilance, clinical investigations and performance studies, and market surveillance modules. Requirements related to the UDI and device registration, notified bodies and certificate modules will become mandatory after a 24-month transitional period, by Q2 2026.
* European medical devices regulation (MDR; Regulation (EU) 2017/745).
** European in vitro diagnostic medical devices (IVDR; Regulation (EU) 2017/746).
Resource: md_eudamed_timeline_en.pdf (europa.eu)
What is your area of expertise within the Medical Device industry?
I have a broad expertise within developing, implementing and maintaining QMS compliant with the relevant regulatory requirements for both medical device and IVD medical device manufactures as well as providing regulatory support for product development, especially analytical performance of IVD devices.
What is your best quality in your work as a consultant?
I have a scientific background which helps me to get acquainted with the new products and medical areas rather quickly and be able to help the customer navigate through complex regulatory requirements and find the solutions.
If you can only pick ONE piece of advice to give to your client, based on your expertise, what would it be?
Embrace your QMS as a friend and not an enemy.
Where do you find recovery in your everyday life?
I spend time with my family, enjoy gardening and knitting.
“The evaluation of analytical performance of in vitro diagnostic medical devices is often underestimated, done in the last minute or even neglected. This often leads to delays and unpleasant surprises in the developments process. Thorough testing is essential for stable device performance and a key to the product’s success on the market. It is a worthwhile investment that pays off as reliable devices that benefit both patients and caretakers.”
Ekaterina has a background in research and over 10 years of experience in product development, product improvements, vigilance, quality management systems and auditing, clinical and regulatory support for new product development projects and global product registrations.
Ekaterina holds a Ph.D. in Bioinorganic Chemistry and a M.Sc. in Enzymology.
Book of the Year Award
Regulatory Affairs Professional Society (RAPS) has congratulated Robert Ginsberg and Mikael Dahlke for their efforts in co-writing Software as a Medical Device as a “publication that is well-written, accurate, relevant, and presents new information that fills a gap in regulatory knowledge on an emerging, cutting-edge, or state-of-the-art topic.” It was selected for the RAPS Book of the Year Award. Robert and Mikael have written the chapter related to: Safety risk management of software.
Congratulations, and thank you Robert and Mikael and the other leading software expert colleagues for your thought leadership and for your commitment to the profession! Your effort to simplify the regulatory complexity for the industry is well appreciated.
The book can be purchased from RAPS, and Robert and Mikael can be reached at www.qadvis.com and email@example.com .
If you have any questions about our newsletter, please feel free to contact Hermine Redl, Office Manager, by phone on +46 8 621 01 05 or email here.