Blog


Enterprise Risk Strategy and Emerging Technologies to address critical needs

Posted by on 5:33 pm in BLOG | 0 comments

Enterprise Risk Strategy and Emerging Technologies to address critical needs

On July 31, 2019 I had the opportunity to listen into a PricewaterhouseCoopers (PwC) webinar hosted by SDRAN discussing how to build a risk strategy utilizing emerging technologies such as Artificial Intelligence, Blockchain and IOT to improve quality, strengthen compliance and controls such as adverse event controls, reporting and reduce non-conformances.

As technology has advanced, the amount of data being produced by corporations is enormous and at best only a small fraction (PwC estimates .5%) is currently analyzed leaving a huge opportunity for anyone willing to invest in these emerging technologies. A more data driven focused approach can assist in accuracy, completeness and timeliness of reporting and compliance.

Underlying the point of adoption of emerging technologies in large firms, PwC conducted a survey of 7,300 respondents in 123 territories with the majority of respondents being senior executives. The results showed that continuous monitoring of network and email for security is showing the greatest adoption at 40% of respondents utilizing the tech. Anomaly detection, proactive detection of threats and data dashboards all have around 30% adoption and are a critical component of an analytics focused company. The leading edge is using data scientists and AI (with 17% and 11% adoption respectively) to use big data to solve ranges of issues to combat fraud, advance automation projects and streamline operations and workflows.

PwC’s 2018 Global Economic Crime and Fraud Survey was completed by 7,228 respondents from 123 territories. Of the total number of respondents, 52% were senior executives of their respective organizations, 42% represented publicly-listed companies and 55% represented organizations with more than 1,000 employees.

The three main areas of focus that are ready for enterprise adoption now are: Artificial Intelligence (defined as a collection of “smart” technologies and algorithms that are aware of and can learn from their environment to assist /augment human decision making), Blockchain (immutable, publicly distributed ledger) and IOT or Internet of Things (“Devices utilize embedded technology to communicate, record, and interact with the external environment using the internet as a means of communication”), with a synchronicity or convergence of these technologies allowing for benefits to rise while negating some of the downsides as well as the potential for true disruption.

Side note: In the mid-term (3-5 yrs.) 3D printing and robotics are coming up for wide scale enterprise use, followed by nanotechnology and quantum computing in the next 5-10+ yrs.

By demonstrating some case studies and best practices, it made these topics more relevant and realistic for those looking to adopt these strategies. Some examples of how adoption of these three emerging technologies is and could play out around the areas of Risk and Regulatory Affairs:

Registration and License Tracking can benefit from securing data sharing to guarantee patient data privacy through securing the credentialing process using an immutable anonymous ledger or blockchain.

Regulatory Intelligence and Complaint processing could benefit from Unstructured data mining using NLP (natural language processing) and using risk algorithms to determine fraud.

Regulatory Submissions and Clinical Trial Data Analysis could benefit from machine learning algorithms, using NLP as well as well using automated scripts in the cloud or on servers to reduce manual inputs and better manipulate, pull, label and organize data across an IT system.

Case Study 1 [Blockchain Application]: Blockchain can transform and vastly simplify the gathering and capturing of transaction detail across systems, allowing for a complete record to be stored on the blockchain and automating appropriate access and audits of the data to appropriate entities (i.e. Regulatory entities and payers)

Post Marker Regulatory Change Management could become more efficient and benefit in reduced manual processes using AI algorithms and cloud synchronization across IOT devices.

Adverse Event Reporting has many different sources (Mobile texts, Email, information in excels, dashboard or internal tools, etc.) and can all be merged using cloud hosted data source to ingest the data into a separate database for processing. There the data is read through NLP nodes to identify and label key entities. Finally, the data is interpreted with machine learning and rules-based models perform interpretation and then sent back to the appropriate workflow across the IT system. All the while, the entire process is being tracked and monitored by humans through a detailed user interface.

Case Study 2 [AI Application]: Example of funneling data sources to a centralized Machine learning algorithm to enable more automated adverse event reporting

Centralizing and streamlining Health Data to create virtual consultations and analysis. One further application which currently is being led by IOT devices such as the Apple Watch, is tracking, monitoring and packaging health data progression over time to be sent to physicians. A case study provided was where PwC partnered with iBData to create a single process for capturing and transmitting IBD progress in a way that is easy for the patient and informative for the clinician. This resulted in Clinicians being able to compile a comprehensive patient profile and develop a targeted treatment plan with standardized updates on a patient’s symptoms.

Case Study 3 [IOT Application]: Using Apple Watch to track IBD and then turn the data into useful dashboard for both clinicians and patients

The speakers did caveat this with the fact that biases are inherent in AI designed systems by the programmers and inputs, so best to be as objective with data as possible and conduct data audits and set clear baselines and review all model outputs. Other suggestions include setting clear validation tests for the model with real and created inputs. Furthermore, to really make these technologies work cohesively they need to constantly be a work culture of testing and looking at data, defines clear objectives of models and improve the model to get closer to answers that meet the objective as well as ensure it is reverse engineerable and explainable/auditable.

Background art source: https://www.lightfarmbrasil.com/

FDA Issues New Import Data Requirements

Posted by on 3:57 pm in BLOG | 0 comments

FDA Issues New Import Data Requirements

One of FDA’s many responsibilities is to review imported products regulated by the agency to determine admissibility. This job has become increasingly challenging with growing volumes of imports of FDA-regulated products each year — from six million import entries in 2002 to 35 million in 2015.

To help meet that challenge in a way that benefits both government and the trade community, import entries of products regulated by FDA are submitted through an electronic system called the Automated Commercial Environment (ACE). A final rule published on November 29 in the Federal Register specifies certain data that must be submitted in ACE when an FDA-regulated product is offered for import into the United States. The effective date of the rule is December 29, 2016, 30 days from the date of publication.

The trade community helped us pilot ACE, which is operated by U.S. Customs and Border Protection (CBP), from August 2015 to May 2016. In July 2016, ACE became the sole CBP-authorized system for electronic submissions of entries that contain FDA-regulated products.

The rule also includes technical revisions to certain sections of FDA regulations:

  • The owner or consignee of an FDA-regulated product is now defined as the importer of record. This brings FDA regulations up to date with previous revisions to customs laws. (21 CFR 1.83 and 21 CFR 1005.2)
  • FDA will now directly provide a notice that an FDA-regulated product is to be sampled, rather than having to go through CBP to provide that notice. (21 CFR 1.90)
  • FDA may now provide written notices electronically to the importer of record about FDA actions to refuse FDA-regulated products and/or subject certain drug products to administrative destruction. (21 CFR 1.94)
  • The rule clarifies that FDA can reject an entry for failure to provide through ACE the complete and accurate information required by the rule.

As a result of the more streamlined import process for FDA-regulated products provided by ACE, the rule is expected to lead to an efficient use of FDA and importer resources, and more effective enforcement of laws and regulations enforced by FDA.

Compliance Dates for UDI Regulatory Requirements

Posted by on 8:54 pm in BLOG | 0 comments

Key compliance dates in the UDI final rule.

Compliance Date Requirement
September 24, 2014 All Class III devicesThe labels and packages of class III medical devices and devices licensed under the Public Health Service Act (PHS Act) must bear a UDI. § 801.20.Dates on the labels of these devices must be formatted as required by § 801.18. Data for these devices must be submitted to the GUDID database. § 830.300.

A 1-year extension of this compliance date may be requested under § 801.55; such a request must be submitted no later than June 23, 2014.

Class III stand-alone software must provide its UDI as required by § 801.50(b).

September 24, 2015 Class II Implantable, life-saving, and life-preserving DevicesThe labels and packages of implantable, life-supporting, and life-sustaining devices must bear a UDI.  § 801.20.Dates on the labels of these devices must be formatted as required by § 801.18.
A device that is a life-supporting or life-sustaining device that is required to be labeled with a UDI must a bear UDI as a permanent marking on the device itself if the device is intended to be used more than once and intended to be reprocessed before each use.  § 801.45.Stand-alone software that is a life-supporting or life-sustaining device must provide its UDI as required by § 801.50(b).
Data for implantable, life-supporting, and life-sustaining devices that are required to be labeled with a UDI must be submitted to the GUDID database. § 830.300.
September 24, 2016 Remaining Class II DevicesThese are required to be labeled with a UDI must bear a UDI as a permanent marking on the device itself if the device is a device intended to be used more than once and intended to be reprocessed before each use. § 801.45.
The labels and packages of class II medical devices must bear a UDI.  § 801.20.Dates on the labels of these devices must be formatted as required by § 801.18.Class II stand-alone software must provide its UDI as required by § 801.50(b).
Data for class II devices that are required to be labeled with a UDI must be submitted to the GUDID database.  § 830.300.
September 24, 2018 All Remaining DevicesDevice that is required to be labeled with a UDI must bear a UDI as a permanent marking on the device itself if the device is a device intended to be used more than once and intended to be reprocessed before each use. § 801.45.
The labels and packages of class I medical devices and devices that have not been classified into class I, class II, or class III must bear a UDI. § 801.20.Dates on the labels of all devices, including devices that have been excepted from UDI labeling requirements, must be formatted as required by § 801.18.
Data for class I devices and devices that have not been classified into class I, class II, or class III that are required to be labeled with a UDI must be submitted to the GUDID database.  § 830.300.Class I stand-alone software must provide its UDI as required by § 801.50(b).
Compliance dates for all other provisions of the final rule.  Except for the provisions listed above, FDA requires full compliance with the final rule as of the effective date that applies to the provision.

These compliance dates will impact 510k and PMA submissions.  Contact us and our FDA Regulatory Consultant will help you guide your firm through the new paradigm.

 

Strategic and Effective FDA Pre-Submissions

Posted by on 4:39 am in BLOG | 0 comments

The purpose of the FDA Pre-Submission Program* (formerly Pre-IDE) and Meeting with FDA  is to provide a mechanism for applicants through which they can request feedback from the Food and Drug Administration (FDA) regarding potential or planned

1) Medical device Investigational Device Exemption (IDE) applications,

2)  Premarket Approval (PMA) applications,

3) Humanitarian Device Exemption (HDE) applications,

4) De novo Petitions (Evaluation of Automatic Class III Designations ),

5) Premarket Notification (510(k)) Submissions,

6) Clinical Laboratory Improvement Amendments (CLIA) Waiver by Application,

FDA Feedback may include

a) Written feedback by email

b) Conference call (max 1 hour)

c) Face-to-Face Meeting (max 1 hour)

For #a and #b – Meeting minutes must be drafted and submitted for FDA review.  Approved minutes become part of the Pre-Submission record

Contact Glen Feye -FDA regulatory consultant– at glen@accuratefdaconsultanting for help with planning, submitting and leading Pre Submission meeting

*Per 2012 Draft FDA Guidance titled- The Pre-Submission Program and Meetings with Food and Drug Administration Staff

Addressing FDA Import Alert and “Notice of FDA Action”

Posted by on 8:52 pm in BLOG | 0 comments

IN LIMBO ON THE BORDER – by Glen Feye

FDA is the main gatekeepers for foreign Medical Devices and Drugs imported into the United States.

If your shipment is questioned by FDA and receive a “Notice of FDA Action” contact your US Agent and you may need a FDA Compliance Consultant .

If your shipment is non compliant- expect   “HOLD DESIGNATED

If the appropriate action is not taken in a timely manner- expect ” REFUSAL OF ADMISSION

FDA wants these products out of the country or distroyed in a timely manner

1) Letter of Authorization

All FDA communications  must include the Entry Number

If you are working with a third-party consultant – FDA requires a Letter of Authorization from firm

2) Current FDA Registration and Device Listing-

Note-This is an annual process- and  medical devices manufacturers must pay the appropriate User Fee  by the beginning of the upcoming year

3) Regulatory Status- Devices and Drugs

Define product mix.  Develop a comprehensive spreadsheet which defines the following:

Devices-

Define device classification based on intended use of device as well as the appropriate product code and device listing

Identify 510k or PMA number(s)

Device accessories are devices

Components are not devices

Drug

Define drug based, – obtain the NDC numbers.

Navigating through this process and getting proper communication with FDA is challenging.

Contact www.accuratefdaconsulting.com or call a FDA Consultant to get help to properly remediate these import complications