Specific areas manufacturers need to watch out for, are the changing MDR Classification rules in Annex VIII. Manufacturers need to determine whether new conformity assessment routes are now applicable to their device portfolios and if their devices still fall into the same regulatory risk classification or they have been up classified. Changes have been made to the way that medical devices are classified, with requirements being increasingly scrutinised based on the risk posed to patients. Once you confirm the scope of your product fits the definition in article 2 and that it is a medical device, you then need to ensure that the product is classified correctly, and this should be conducted following the classification rules described in Annex VIII of the EU MDR 2017/745.
There are ‘extra requirements’ for devices that fall into any of the following categories; sterile, reusable surgical or has a measuring function.
The only available Conformity Assessment route for self-certified class I devices is to create and maintain technical documentation in compliance with Annex II & III. For class I (other requirements Is, Im, Ir), a limited QMS should be in place to ensure production controls are in place, as is detailed in Annex XI-Part A, or you may choose Annex IX – Chapter I, depending on which route suits your needs.
Once determined, you should ensure that your products meet the relevant ‘General Safety Performance Requirements’ (GSPRs) listed in Annex I of the MDR and IVDR. The benefits of using the device must outweigh risks and achieve the claimed performance. This must be proven with supporting clinical evidence or investigation, chemical, physical and biological properties. The ‘General Safety Performance Requirements’ (GSPR’s), are based on the previous Essential Requirements laid out in the MDD 93/42/EEC and AIMD 90/385/EEC, however, they are now much more prescriptive (thankfully). You will now see specific requirements for products containing nano particles. Also requirements for usability have been called out in much more detail, focusing on protecting the ‘layperson’ and addressing specific use risks. Historically this has been a problematic area, causing much confusion to manufacturers about what is required for legacy devices and the best way to address the requirement.
The regulation also calls out very specific requirements on what needs to be contained on the label. For instance,‘Unique Device Identification’ (UDI) is a new requirement, which is causing manufacturers many problems as new software, systems and processes are required and to accommodate this. There are also many new requirements in the labelling section of Annex I, whereby you are now required to identify your product as a ‘Medical Device’. New requirements relating to information on your Instructions for use e.g. bearing a notice to the user and/or patient that serious incidents should be reported to the manufacturer and competent authority. While the concept of serious incident reporting/vigilance reporting is not new, it was not previously required to inform users or patients in the IFU that such incidents should be reported. Patient reporting of adverse events would likely be new to manufacturers and may require new procedures and investigation practices. However, for class (I & IIa) devices, it is not mandatory to supply Instructions For Use, with your product, as long as the device can be used safely without.
Some of the other key problems that have already been highlighted in industry relate to changes. The concept of how this will work is still unclear. Typically, self-certified manufacturers would need to notify their Competent Authority (CA) about more administrative changes, for instance things like; registered address, company name, company type, adding or removing device(s) to your registration record, change of authorised representative (AR), change of contact details including email addresses and telephone numbers.
For true Class I Devices you do not have an obligation to tell the Competent Authority (CA) each time there is a change to the product, although this should be documented in your technical documentation, with a solid QMS process that is super sensitive to changes. The Competent Authority (CAs) do not currently have mechanisms to check product changes or to deal with the queries.