What does Medical Device Regulation (MDR) mean for companies in the medical technology sector? What challenges will it face and what requirements must future Product Information Management in particular meet? With regard to our in-house EPIM suite, we shed some light on the situation.
Almost no other industry is as characterized by regulatory requirements as medical technology. When it comes to people’s health, safety and reliability are paramount. Nevertheless, there are also disruptive developments in medical technology that intensify competition and promise great benefits for customers. Whether the end users are hospitals benefiting from new business models like Product-as-a-Service (PaaS), or patients themselves who are more mobile and secure thanks to modern monitoring solutions based on IoT technology – the potential of modern technology in the medical sector is enormous. Along with the benefit, the amount of data to be managed and the security requirements also increase – be it in terms of protection against cyber-attacks or to prevent disruptions. As a result, compliance requirements in the medical technology sector are very high and companies have to invest significantly in order to meet the relevant requirements. Medical Device Regulation (MDR) is currently causing many manufacturers and dealers a lot of headaches. Some manufacturers are even certain that the effectiveness of the regulation in May 2020 will put some companies out of business.
Focus on quality and safety of medical devices
Based on a high level of health protection for patients and users, this Regulation aims to ensure a well-functioning internal market for medical devices, taking into account the small and medium-sized enterprises operating in this sector. This Regulation also sets high standards for the quality and safety of medical devices in order to remove general safety concerns about them. Common to all current challenges is the absolute need for medical device manufacturers and distributors to review their information supply chain management. The management of huge amounts of data, the secure handling of sensitive information, the protection of system interfaces, central content management and complete documentation with comprehensive transparency are the most important cornerstones for companies that want to survive in the market in the future. A first step in the right direction is the establishment of comprehensive data governance as a guarantee for a planned approach. It guarantees that the necessary rules are implemented to ensure compliance and control internal processes. Only then are companies really prepared for their digital transformation.
Medical Device Regulation and Data Governance
Most companies in the medical technology sector are currently more than fully occupied with the implementation of the Medical Devices Ordinance. The implementation of the guideline makes it necessary to optimize the master data administration within the companies and to organize relevant data. Especially for manufacturers and distributors of medical devices, mistakes in labelling or packaging can endanger patients and lead to criminal consequences, which makes efficient data management indispensable. Complex product launches and counterfeit products are also topics that companies are concerned about. At the same time, medical device manufacturers, like any other company in any industry, face increasingly complex challenges. Growing amounts of data, including data produced by medical devices themselves, and increasing demands for data quality make professional handling more and more important. Product Information Management – sustainable information management. Therefore, companies should not regard the topic of data management as a threat, but as an opportunity to establish sustainable information management. Data governance as a business-critical task area in company management is currently playing a central role. Basically, it is about the definition of a regulatory framework with rules for strategic information management. It also provides the necessary tools for monitoring and controlling regulations, internal rules and legal requirements.
Data governance: data quality, risk management and the management and optimization of business processes
The tasks of data governance, therefore, include the definition of criteria that ensure data quality in compliance with the applicable guidelines. At the same time, however, risk management and the management and optimization of business processes are also the subject of data governance. Throughout the entire data lifecycle, data governance is intended to help identify and avoid risks while exploiting the business potential and reducing costs. At its core, successful data governance leads to the creation of corporate responsibilities and the development of processes and standards that all have the common goal of optimizing information management and ensuring the efficient use of data as business-critical assets. When it comes to responsible roles, it must also be clear that data governance is a shared responsibility: Corporate governance is just as important as the business departments and customer service, sales, marketing and IT. All distributed knowledge about processes and application systems must be bundled and a central definition of business rules created. At the same time, continuous monitoring of these rules must be guaranteed in order to ensure the added value of company data. Companies that neglect this central management task for too long run the risk of leaving potentials unused and ultimately facing an ever-increasing mountain of difficulties and obstacles that they will no longer be able to overcome in the long term.
Medical Device Regulation and Compliance
In an industry such as medical technology, strict regulatory requirements are important to ensure the safety of consumers, in this case, patients. As of May 2020, these regulations will be further strengthened by the above-mentioned obligation to MDR (Medical Device Regulation). The new regulation, which is based on specifications from the US FDA (Food and Drug Administration), replaces the previous guidelines for medical devices. The requirement requires that all medical devices, regardless of their risk class, be provided with a UDI (Unique Device Identification) code and that this product information be transferred to the Eudamed database so that all medical devices in the global market are uniquely identified and transparently traceable – throughout the supply chain. Up-to-date, correct and complete product information is therefore indispensable and poses major challenges for companies’ data management. The primary objective of the Medical Devices Ordinance is, therefore, the complete documentation and traceability of medical devices – worldwide. The consequence for manufacturers and dealers is, among other things, the fact that approval documentation must be extended – not only for newly manufactured medical devices, but also for older products. The associated costs are estimated to be enormous, and quite a few companies fear that the market will be initially purged by MDR.
Medical Device Regulation also has its Advantages
Nevertheless, the new Regulation also has advantages for businesses. On the one hand, the effort required to optimize data management provides an opportunity to review and, if necessary, improve internal processes and systems, and on the other hand, the standard also ensures that product counterfeiting and piracy are significantly impeded. Communication with suppliers and customers is also made more efficient and warehouse management optimized. What at first glance appears to be a major challenge with high costs, including monetary ones, can in the long term lead to more efficient processes and lower costs for companies. But in order to be able to realize these advantages, companies must ensure that the administrative processes of their information management function optimally and lead to complete and transparent documentation. Every workflow must be clearly defined, as must the associated access rights and roles. Continuous and comprehensive reporting supports immediate localization and reaction to errors and changes. In addition, this monitoring forms the basis for compliance-compliant documentation. The regulatory requirements, therefore, affect the entire information supply chain and make it necessary to formulate a comprehensive digital strategy. Otherwise, it will be very difficult to meet the requirements, and especially small and medium-sized companies without a clear IT organization will face major difficulties and, in case of doubt, will have to withdraw products from the market.
Why Viamedici EPIM in medical technology?
Viamedici EPIM enables complete control over the product data and manages it up-to-date, carefully and consistently. Viamedici EPIM also improves the visibility and traceability of data, reduces the effort required for compliance processes and thus creates the capacity to meet further challenges for the company. The system supports all compliance initiatives in all industries and also provides traceability of role-based security settings and auditable change logs. Escalation and control of time-critical checks and approvals are also included. With the Viamedici EPIM Enterprise Product Information Management Suite, even the largest volume of data can be efficiently and reliably maintained and managed company-wide – along the entire process chain. Viamedici EPIM offers a particularly simple implementation of guidelines, processes, version controls and releases. In addition, thanks to integrated Business Process Management, it takes predefined business rules and workflows into account. A management panel with analysis, reporting and visualization functions ensures end-to-end transparency and control in all processes. Processes can be monitored centrally and problems identified quickly and easily. Managers can check the current status of the company at any time, even via mobile devices. Viamedici EPIM effectively supports the implementation of data governance and ensures that the defined rules are continuously monitored and implemented.