.6 BA U.S. FOOD DRUG

DMINISTRATION

   

Medical Device Safety Action Plan:
Protecting Patients,
Promoting Public Health

Medical Device Safety
Action Plan:

Protecting Patients, Promoting Public Health
Introduction
Medical devices play a crucial role in the treatment and diagnosis of illness and disease. They
range from common medical supplies (bandages, hospital gowns) to complex instruments that
help save and sustain life (heart valves, artificial pancreas). They include tools that aid in the
detection of disease (MRIs, in vitro diagnostics) and digital technology that is driving a revolution
in health care (medical apps, surgical planning tools, closed loop drug delivery devices). The
Food and Drug Administration (FDA) regulates over 190,000 different devices, which are
manufactured by more than 18,000 firms in more than 21,000 medical device facilities worldwide.
Although medical devices provide great benefits to patients, they also present risks. FDA’s
public health responsibilities span the life cycle of medical devices and, at every stage, FDA
must make well-supported regulatory decisions, taking into account the totality of the evidence,
to determine whether the benefits outweigh the risks. FDA strives to permit marketing of only
devices with a favorable benefit-risk profile, but not all information regarding benefits and risks
of a device is available nor can be generally known before a device reaches the market. New
information about the device’s safety, such as reports of unexpected adverse events, may
become available once the device is more widely distributed and used under real-world
conditions (e.g., in routine clinical practice, in the home setting), in broader patient populations,
and by a broader range of clinicians. Or, the risks associated with a device may change—for
instance, if modifications to a device introduce new or increased known risks, or changes in
manufacturing adversely affect the quality of a device.
Ensuring the safety of medical devices on an ongoing basis is far more complex than having a
vigilant postmarket surveillance system for quick identification of new or increased safety
concerns, timely public communication about them, and effective interventions. FDA also must
foster innovation that spurs the development of safer, more effective technologies and assures
timely patient access. Doing so will more effectively improve the health and quality of life of
patients and enable decision-making based on the best available evidence about medical
devices. Innovation and safety are not polar opposites but rather two sides of the same coin.
Spurring innovation to develop safer, more effective devices and devices that address unmet
needs, so that patients are not harmed by or experience fewer adverse health effects from their
underlying disease, is also about improving patient safety.
_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 1

 In recent years, FDA has focused substantial effort on a range of initiatives designed to promote
patient access to innovative new therapies and diagnostics. We have modernized and
streamlined premarket review processes, such as by establishing the Breakthrough Devices
Program. The Breakthrough Devices Program may be used, for instance, for devices that
effectively treat or diagnose a life-threatening or irreversibly debilitating condition and offer
significant advantages over existing alternatives, such as devices that are safer than available
products. i In addition, we have developed new regulatory science tools to better assess the
performance of devices during the premarket review process. We have enhanced the
predictability and transparency of premarket review through the development and finalization of
several key programmatic guidance documents and through significant improvements in
meeting performance goals set under the Medical Device User Fee Act (MDUFA). We have
recalibrated the benefit-risk framework used in premarket review and postmarket oversight of
devices, and we have adapted our regulatory footprint to keep pace with rapidly evolving new
technologies, such as in the digital health space. And we have taken important steps to
modernize our traditional safety surveillance capabilities.
Throughout this effort, FDA has endeavored to sustain an approach that both advances and
interweaves our innovation and safety priorities. As device technology continues to evolve and
the types of medical devices expand exponentially, we are mindful that the ways in which we
assure reasonable device safety must also keep pace. We must be vigilant in upholding our
mission to protect and promote the public health by minimizing unnecessary risks and ensuring
that devices provide clinical benefit, and we must assure that consumers, patients, caregivers,
and providers have access to the information they need to make well-informed decisions about
prevention, diagnosis, and treatment. And we must do so across the Total Product Life Cycle
(TPLC) of a device by leveraging the full range of our premarket and postmarket expertise, data,
knowledge, and tools at all stages of a device’s development, evaluation, and marketing.
The Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health outlines a
vision for how FDA can continue to enhance our programs and processes to assure the safety
of medical devices throughout the TPLC, to provide for the timely communication and resolution
of new or increased known safety issues, and to advance innovative technologies that are safer,
more effective and address unmet needs. Specifically, this plan focuses on how FDA can:
1. Establish a robust medical device patient safety net in the United States
2. Explore regulatory options to streamline and modernize timely implementation of
postmarket mitigations
3. Spur innovation towards safer medical devices
4. Advance medical device cybersecurity
5. Integrate the Center for Devices and Radiological Health’s (CDRH’s) premarket
and postmarket offices and activities to advance the use of a TPLC approach to
device safety

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 2

 In each of these areas, this plan outlines tailored actions, some of which can be accomplished
under FDA’s existing authorities and some of which would require consideration of new
authorities or funding. Our efforts to achieve these actions will build upon and complement
existing patient safety programs.

Framework for device oversight
The basic framework under which FDA oversees medical devices was put in place when
Congress enacted the Medical Device Amendments of 1976, which were incorporated into the
Federal Food, Drug, and Cosmetic Act (FD&C Act or the Act). In signing the legislation,
President Gerald Ford noted that, when “well designed and well-made and properly used,”
medical devices “support and lengthen life.” But when medical devices are “poorly designed,
poorly made, and improperly used,” they can “threaten and impair life.” His words remain true,
and continue to guide FDA’s work today.
The FD&C Act provides a flexible framework for medical device oversight that takes into
account that medical devices inherently carry some risk, recognizes that “safe and effective”
does not mean “risk free,” and requires that FDA tailor its oversight of devices to the degree of
risk presented.
FDA’s oversight of devices is tailored to three risk-based classifications ii:
•

Class I devices: Except for a small subset of class I “reserved” devices, class I devices
generally can be marketed in the United States without prior FDA review. However,
device makers are typically subject to reporting, labeling, and good manufacturing
practice requirements. Class I device types make up about 50 percent of all medical
devices. Examples include color change thermometers and elastic bandages.

•

Class II devices: For these devices, FDA generally reviews 510(k) submissions that
provide a demonstration of substantial equivalence to a legally marketed predicate
device. These submissions generally include extensive non-clinical testing, and, where
appropriate, clinical testing. Class II device types make up about 43% of all medical
devices. Examples of class II devices include glucose test strips and infusion pumps.

•

Class III devices: FDA generally reviews premarket applications (PMAs) containing
clinical and non-clinical data to determine whether there is a reasonable assurance of
safety and effectiveness for these devices. In 2017, FDA approved 64 PMAs. These
included the first continuous glucose monitoring system that can be used by adult
patients to make diabetes treatment decisions without calibration using a blood sample
from the fingertip, making the care of people living with diabetes, easier and more
manageable.

FDA’s evidentiary standard for premarket review of devices is valid scientific evidence, a
standard established by Congress in 1976 that still sets the benchmark for evidence to support
premarket submissions. iii This benchmark assures that the evidence is of sufficient quality to be

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 3

 relied on to determine whether there is reasonable assurance that a device is safe and effective
for its conditions of use and that it should be approved or cleared.
To assure the safety and effectiveness of devices once they are on the market, FDA uses a
multifaceted approach that relies on various methods and techniques under our current
authorities, including:
•
•
•
•
•
•
•
•
•

Medical device reports (MDRs), which are reports of certain adverse events and device
malfunctions iv
Medical Product Safety Network (MedSun)
Post-approval studies v
Postmarket surveillance studies (also referred to as “522 studies”) vi
Premarket approval application annual reports vii
Review of the scientific literature
Inspection of device establishments for compliance with quality system and other
applicable requirements viii
Manufacturer reports of corrections and removals ix
Complaints and allegations made by members of the public, often by competitor
companies.

While useful, these tools have inherent limitations. MDRs rely on a person, often a clinician, to
identify that a problem occurred, to realize that the problem may have been associated with the
use of a device, and to take the time to report the incident to FDA or the manufacturer. Postapproval studies can be challenging to perform if the data are not otherwise being collected for
the provision of healthcare because patients often lack an incentive to enroll in a clinical study
once a device has been approved. In response to these and other challenges, FDA has taken
several important steps to enhance our ability to assure the safety of medical devices through
the application of a TPLC approach.

Modern enhancements to FDA oversight of device
safety
In response to these inherent limitations, FDA has taken steps to significantly strengthen the
infrastructure to assure medical device safety and effectiveness in recent years. New statutory
authorities, new capabilities established through partnership with the public and private sectors,
and new programs developed under existing FDA mandates, individually and in combination,
amount to a tremendous leap forward in the Agency’s ability to assess the benefits and risks to
patients of medical devices, both pre- and postmarket. Many of these new programs and
systems have taken years to build, as FDA worked with members of the public, Congress,
industry and others to develop ideas, gather support, solicit feedback on potential designs, and
ultimately move the projects from paper to reality. Patients, providers, and FDA itself are on the
cusp of realizing the returns on these investments through improvements in patient safety and
health outcomes for years to come.

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 4

 Key enhancements include:
•

Establishing the unique device identification system

As directed by the Food and Drug Administration Amendments of 2007 (FDAAA) and the Food
and Drug Administration Safety and Innovation Act of 2012 (FDASIA), FDA established and
continues to implement a unique device identification system to identify medical devices through
their distribution and use. When the system is fully implemented, the label of most devices will
include a unique device identifier (UDI) in human- and machine-readable form, and the labelers
of those devices will submit certain information about each device to FDA’s Global Unique
Device Identification Database (GUDID). x
Establishment of the unique device identification system has been a tremendous milestone in
building a stronger, more modernized medical device safety net. The UDI provides a standard
and clear way to document device use, including in electronic health records, clinical information
systems, claims data sources, and registries. It allows more accurate reporting, reviewing, and
analyzing of adverse event reports so that new and increased known safety issues can be
identified and corrected more quickly. It provides a mechanism to reduce medical errors by
enabling healthcare professionals and others to more rapidly and precisely identify a device and
obtain important information concerning the device’s characteristics, which also prevents
confusion between similar devices that can lead to device misuse. It provides a mechanism to
help device manufacturers, distributors, and healthcare facilities manage device recalls more
effectively. And it provides a foundation for a global, secure distribution chain, helping to
address counterfeiting and diversion and prepare for medical emergencies. xi
•

Improving regulatory clarity regarding use of real world evidence

Real-world evidence—derived from multiple sources outside typical clinical research settings
(e.g., electronic health records, claims and billing activities, product and disease registries, or
health-monitoring devices)—provides an immense new set of information about medical
devices, and it plays an increasing role in health care decisions. Under the right conditions, realworld evidence may be suitable to support clearance or approval of a new device, or the
expansion of indications for the use of devices that are already on the market. In addition,
aggregation of real-world data (e.g., from medical device registries) is already proving useful for
ongoing device safety surveillance and additional evidence for effectiveness. In particular,
leveraging real world data sources has helped address the current challenges with patient
enrollment in post-approval and other postmarket studies. To realize the full promise of realworld evidence, FDA has sought to clarify what it is, what it can reveal, and how it can be used
most effectively at various stages of the device life cycle.
In 2016-2017, CDRH set—and exceeded—goals to increase access to, and use of, real-world
evidence to support regulatory decision-making. In 2017, FDA issued final guidance on Use of
Real-World Evidence to Support Regulatory Decision-Making for Medical Devices, describing
how FDA evaluates real-world data (the raw information about patient health status and/or
delivery of health care collected from a variety of sources) and determines whether they are of
sufficient quality for generating the types of real-world evidence that can be used in FDA

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 5

 decision-making for medical devices at various stages of the device life cycle. xii The guidance
describes the characteristics that FDA considers in assessing the relevance and reliability of the
data, as well as specific examples in which real-world evidence may be used. In combination
with the potential sources of data that will be available through the National Evaluation System
for health Technology (discussed below), FDA’s use of real-world evidence to support
regulatory decision-making for medical devices holds tremendous promise to incentivize
development of robust new sources of evidence of device safety and effectiveness, in less time
and at lower cost than ever before. xiii
•

Developing the National Evaluation System for health Technology (NEST)

To realize the promise of the UDI and real-world evidence, FDA must optimize postmarket data
collection, quality, completeness, and analysis, and develop a comprehensive framework for the
timely evaluation and management of significant postmarket safety signals. To support that
objective, FDA has championed the creation of what is now called the National Evaluation
System for health Technology or “NEST.” Modeled as a public-private partnership, NEST is run
by the non-profit Medical Device Innovation Consortium (MDIC) through the NEST Coordinating
Center (NESTcc). NEST is intended, in part, to be an active surveillance and evaluation system
that complements the passive surveillance approaches currently in use. FDA’s current reliance
on more traditional surveillance studies can take a long time before we can characterize any
risks and determine whether a signal represents a true safety concern. By driving
standardization of data capture, quality, and completeness by electronic health information
owners; by establishing agreements with those data owners for efficient data access; and by
providing for the linkage and aggregation of large data sets to which advanced methods and
analytics can be applied prospectively, NEST will facilitate detection of potential safety risks that
would not otherwise have been identified as quickly, or at all, as well as facilitate more timely
assessment of potential safety signals. In doing so, NEST also will provide for data that better
capture the safety and effectiveness of devices across diverse populations and across the
range of clinical settings, allowing for better device evaluation pre- and postmarket.
In 2016, FDA provided seed funding to establish the NESTcc and secured partial funding for
NEST as part of the commitments under the latest Medical Device User Fee Agreement
(MDUFA IV). In the coming years, as discussed in the Action Plan below, FDA will continue to
nurture the successful development of NEST through active leadership and participation in its
nascent activities. xiv
•

Signal Management Program

The CDRH Signal Management Program was established in October, 2012 to ensure
consistency, efficiency, accountability, and transparency in how CDRH evaluates and
addresses signals related to marketed medical devices. Signal management also provides an
avenue to transfer new postmarket information to the premarket review process, so that device
safety concerns are considered before similar devices reach the marketplace. A signal
represents a new potentially causal association or a new aspect of a known association
between a medical device and an adverse event or set of adverse events. Following
identification of a signal, a team of multi-disciplinary subject matter experts is convened to
_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 6

 refine, research and understand the issue, then determine the appropriate public health and/or
regulatory actions to mitigate the identified risks. Since the program’s inception, more than 150
signals have been evaluated, resulting in numerous public health and/or regulatory actions
taken, the most common being the issuance of a public safety communication. During this time,
nearly 50 communications related to safety signals have been issued. In addition to public
communications, other actions taken to mitigate safety risks include modifications to product
labeling, issuance of mandatory postmarket studies (522 Orders), product recalls, development
of regulatory guidance, recognition/development of national and international standards, public
advisory committee meetings, and clinical research. In recent years CDRH has updated and
refined its policies and internal processes to enable more timely communication around
identified signals so the public has information to act on sooner.
•

Recalibrating the benefit-risk framework for device oversight in the pre- and postmarket
settings

FDA’s standard for premarket review of Class III devices has always required FDA to weigh the
probable benefits of a device against its probable risks. In recent years, however, FDA has
issued a series of guidance documents to articulate a more flexible, patient-centric, and
transparent benefit-risk framework to evaluate devices in both the pre- and postmarket settings,
including:
 Factors to Consider When Making Benefit-Risk Determinations in Medical Device
Premarket Approval and De Novo Classifications xv
 Benefit-Risk Factors to Consider When Determining Substantial Equivalence in
Premarket Notifications [510(k)] with Different Technological Characteristics (Draft
Guidance) xvi
 Factors to Consider Regarding Benefit-Risk in Medical Device Product Availability,
Compliance, and Enforcement Decisions xvii
 Factors to Consider When Making Benefit-Risk Determinations for Investigational
Device Exemptions. xviii
This framework, which was developed with public feedback, recognizes that a patient’s safety
may be impacted not only by the use of a device that causes harm, but also when a patient
cannot access a device that would benefit his or her health. By considering a patient’s inability
to access a potentially life-saving or life-sustaining treatment as a safety concern, this
framework recalibrates FDA’s evaluation of the benefit-risk balance in decisions involving
premarket authorization or prioritization of resources for compliance and enforcement efforts.
For instance, under this approach, if a device presents a real likelihood of preventing serious
disability or death, FDA may determine that its benefits outweigh the greater uncertainty about
its risks if appropriate risk mitigations are taken (such as labeling). And, if data supports a
conclusion that a marketed device exhibits new or greater risks, FDA may determine that it can
remain on the market, with appropriate mitigations, because it continues to provide a positive
impact, such as on a patient’s survival, the ability to perform activities of daily living, or as relief
from the symptoms of the disease or condition that the device is intended to treat.

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 7

 Yet it is currently cumbersome for FDA to require that a company implement new mitigations,
such as labeling and user training, to address new or increased known safety risks of a device.
For example, if new information about an increased known risk changes the benefit-risk profile
of a type of marketed device, FDA must engage in rulemaking to create or amend the applicable
special controls—a process that is time- and resource-intensive. To complement the flexible
decision-making enabled by the benefit-risk framework, as discussed in the Action Plan below,
FDA will explore regulatory options to streamline timely implementation of postmarket
mitigations.
•

Creating a competitive marketplace for device quality

Meeting FDA requirements for manufacturing and product quality is essential for manufacturers
to make safe and effective devices, and FDA will continue to take appropriate steps, including
enforcement actions, to assure continued compliance. FDA’s own analysis has found, however,
that while quality system compliance and enforcement is important for assuring device safety, it
is not sufficient. FDA continues to see the same problems arise repeatedly across various subsectors of the medical device industry, as the current regulatory approach yields immediate, but
sometimes temporary, results.
FDA envisions a future state where the medical device ecosystem is inherently focused on
device features and manufacturing practices that have the greatest impact on product quality
and patient safety. FDA aims to adopt learnings from other industries, such as aerospace,
where companies compete on quality and product users have access to quality metrics that
allow them to be informed consumers. Internally, this requires a shift in FDA’s traditional
regulatory approach, toward a model that helps manufacturers identify and prevent problems
before they occur, adapts to changes in science and technology, and rapidly addresses events
that impact safety. Externally, this may require partnerships and shared responsibility among
FDA, industry, practitioners, and patients to evaluate and adjust continuously based on
experiences across the full life cycle of a device.
In 2011, FDA launched the Case for Quality, an initiative to elevate the focus of all medical
device stakeholders from baseline regulatory compliance to sustained, predictive practices that
advance medical device quality and safety to achieve better patient outcomes. xix As discussed
in the Action Plan below, FDA will continue exploring ways to spur a competitive marketplace for
device quality and innovation towards higher quality medical devices.
•

Addressing the cybersecurity of medical devices as a patient safety concern

Medical devices from insulin pumps to implantable cardiac pacemakers are becoming more
interconnected, which can lead to safer, more effective technologies. However, like computers
and the networks they operate in, these devices can be vulnerable to security breaches, and
exploitation of a device vulnerability could threaten the health and safety of patients. To prevent,
detect, and respond to vulnerabilities and exploits, FDA has taken steps to promote a multistakeholder, multi-faceted approach of vigilance, responsiveness, recovery, and resilience that
applies throughout the life cycle of relevant devices.

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 8

 At the premarket stage, FDA’s approach recognizes that, to avert potential risk, cybersecurity
needs to be included in product design and development, including capabilities that enable
device patching and updating in a timely way. Appropriate threat modeling and premarket
testing needs to be conducted to assess the adequacy of security for the device’s use
environment. In 2014, FDA issued a guidance document, Content of Premarket Submissions for
Management of Cybersecurity in Medical Devices, xx to describe the factors in the design and
development of medical devices that manufacturers should consider to assure device
cybersecurity, maintain device functionality, and reduce potential risk to patients.
Once a device is on the market, risk-management planning is essential to manage any risks that
might emerge and to reduce the likelihood of future risks. In 2016, FDA issued a guidance
document, Postmarket Management of Cybersecurity in Medical Devices, xxi to emphasize that
manufacturers should take a proactive, risk-based approach to cybersecurity throughout a
device’s life cycle, including a combination of monitoring, maintenance, identification of potential
issues, and action to address cybersecurity vulnerabilities and exploits.
FDA recognizes that a key to the adoption of proactive postmarket cybersecurity is the sharing
of cyber risk information and intelligence within the medical device community. FDA routinely
collaborates with the Department of Homeland Security (DHS) on potential cybersecurity
vulnerabilities and exploits that could impact medical devices or the healthcare sector. In
addition, FDA has been taking steps towards creation of a collaborative, multi-stakeholder
environment that fosters communication about cybersecurity vulnerabilities that may affect the
safety, effectiveness, and security of medical devices, or the integrity and security of the
surrounding healthcare IT infrastructure. FDA also continues to work with external partners to
advance the state of cybersecurity in the medical device ecosystem through several initiatives,
including supporting the establishment of additional medical device vulnerability Information
Sharing Analysis Organizations (ISAOs). xxii
•

Conclusion

These examples represent only a subset of FDA’s programmatic enhancements in the past
several years to promote American patients’ timely access to devices, without compromising
standards of safety and effectiveness. While these changes are relatively new, and the longterm effects on device safety cannot yet be measured, they have already impacted FDA
oversight of devices coming to, or already on, the market. And they provide the foundation for
the next coordinated wave of programmatic advancements set forth in the following Action Plan.

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 9

 Action Plan
The Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health outlines a
vision for how FDA can continue to refine our oversight of medical device safety throughout the
TPLC.

1. Establish a robust medical device patient safety net in the United States
The promise of NEST involves the ability to link and synthesize data from different electronic
health information sources, including device registries, electronic health records, medical billing
claims, patient-generated data, and other sources. The system will, among other capabilities,
help improve the quality of real-world evidence that FDA can use to detect emerging safety
signals quickly and take appropriate actions. It will provide another source of information for
medical device manufacturers to assess the safety and effectiveness of their devices and
continue to develop innovative improvements. And it will help healthcare providers and patients
stay better informed about the evolving benefit-risk profile of devices on the market and enable
them to make more informed decisions.
To help realize these goals, FDA intends to:
 Work collaboratively as a member of the NESTcc and with other partners to create
capabilities in NEST to perform active surveillance; perform timely, efficient
postmarket safety studies; and develop, test, and apply new methods for enhanced
safety signal detection and evaluation.
 Seek additional funding for NEST to assure the development of an active
surveillance capability and for FDA to support postmarket studies to evaluate
medical device safety concerns. Currently, NEST will receive $6 million in user fee
funding annually for the next five years. However, the multi-stakeholder Planning
Board for NEST estimated that the system would require $40 to $50 million annually
for the first five years to become fully operational. To that end, the FY 2019
President’s Budget seeks to fund a New Medical Data Enterprise, including
dedicated funding to support NEST and to support FDA postmarket studies that
address device-specific safety concerns. In addition, FDA will work with the NESTcc
and other stakeholders to help make NEST financially self-sustaining in the longterm.
In addition, as a complement to NEST, FDA recognizes the need to improve the quality and
efficiency of real-world evidence generation specifically for technologies used to address
women’s health. Over the years, several significant medical device safety issues have involved
devices intended for women’s health uses. To improve evidence generation about the safety
and effectiveness of health technologies in clinical areas that are unique to women, FDA intends
to:
 Continue working with external stakeholders to build the Women’s Health
Technologies Strategically Coordinated Registry Network (CRN), through the

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 10

 Medical Device Epidemiology Network Initiative (MDEpiNet) Public-Private
Partnership. The objective of the CRN will be to harmonize evidence generation,
promote interoperability and structured data capture, and link registries to other data
sources to provide more complete evidence for health technologies in clinical areas
that are unique to women, such as uterine fibroids, pelvic floor disorders, and female
long-acting, reversible contraception and sterilization. xxiii
 Leverage existing CRNs to evaluate sex/gender differences and long-term safety for
devices in multiple clinical areas. Devices for potential initial study, due to the
maturity of existing CRNs, include certain orthopedic and vascular devices.

2. Explore regulatory options to streamline and modernize timely
implementation of postmarket mitigations
If FDA identifies new information—such as through postmarket surveillance enabled by NEST—
that impacts the benefit-risk profile of a type of device, FDA can require companies to
implement mitigations (e.g., labeling, user training, device features) through the imposition of
additional special controls. However, because the establishment of special controls requires
rulemaking, which can entail extensive resources and time, it can be challenging for FDA to
require mitigations quickly. As a result, FDA often works with individual manufacturers to
voluntarily implement mitigations, an approach that is not always effective.
Accordingly, FDA intends to consider other actions that can be taken. Specifically, FDA will:
 Explore whether, under current statutory authorities, FDA can impose special controls,
when warranted to address new or increased known risks, more quickly through the
issuance of an umbrella regulation; and if not, explore what additional actions might be
taken, including considering potential new authorities.

3. Spur innovation towards safer medical devices
Once devices are on the market, firms tend to modify them continually, particularly new devices,
to improve their performance, add new features, or address new safety concerns. The
marketplace, however, often does not provide strong incentives to make an established device
safer in the absence of a new or greater-than-previously-understood safety concern. FDA
believes the marketplace should drive and reward developers who innovate to make safer
devices and strive for safety excellence. Although reimbursement is outside of FDA’s purview,
Congress has charged FDA with advancing policies that encourage and reward medical
innovation and facilitate timely patient access while continuing to provide reasonable
assurances that devices are safe and effective. To that end, FDA can provide both regulatory
incentives and scientific expertise to help drive the marketplace to develop safer technologies in
addition to devices that address unmet medical needs.
Specifically, FDA intends to:
 Explore what actions the Agency can take to spur innovation towards technologies
that make devices and their use safer. For devices intended to be safer than

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 11

 currently available technologies but that do not otherwise meet the Breakthrough
Device criteria, such actions could include greater interactions between FDA staff
and developers during the development, evaluation and premarket review phases or
even a distinct program similar to what the Agency offers under the Breakthrough
Device Program. Other actions could include focusing more of our regulatory science
research activities on safety innovation; developing scientific toolkits for developers
to better assure their devices are safe; providing more streamlined pathways for
comparative safety claims; and working with technology incubators who seek to
advance safety innovation.
 Establish a voluntary, more modern 510(k) pathway for demonstration of safety and
effectiveness for certain moderate risk devices. For the majority of Class II devices,
as well as some Class I and Class III devices, manufacturers must seek premarket
review through FDA’s 510(k) program and demonstrate substantial equivalence of
the device to a legally marketed predicate device. xxiv Substantial equivalence is
rooted in comparisons between new devices and “predicates,” which are legally
marketed devices to which a new device may be compared because it has the same
intended use and sufficiently similar technological characteristics. Predicate devices,
however, may be decades old. To facilitate a more modern paradigm, FDA intends to
expand the existing 510(k) program to allow manufacturers of certain wellunderstood device types to use objective performance criteria established or
recognized by the Agency to demonstrate substantial equivalence. FDA would
ensure that the objective criteria represent performance that is equivalent to modern
technologies. This approach would provide more direct evidence of the safety and
performance of a device, better information for patients and providers to make wellinformed health care decisions, and an opportunity for device developers to
demonstrate that their product meets or exceeds these modern performance criteria
as well as the ability to do so in a more straightforward and streamlined manner than
under the traditional 510(k) pathway. Through this more direct and transparent
approach, FDA may drive greater market competition to develop safer devices.
Manufacturers would be able to demonstrate that their products meet or exceed
objective performance criteria (including for safety), and they can more readily
demonstrate that their products perform better than other devices on the market
(including that they are safer). The framework for this voluntary program is outlined in
draft guidance released in April 2018, Expansion of the Abbreviated 510(k) Program:
Demonstrating Substantial Equivalence through Performance Criteria. xxv
 Building on the Case for Quality Initiative, create a competitive marketplace for
device quality. FDA will pilot the use of a progressive maturity model appraisal
approach to evaluate participants’ organizational excellence, identify any gaps, and
recognize when a participant performs above a compliance baseline. The pilot is
intended to establish organizational performance metrics and device quality metrics
that can be tracked in a “dashboard”-like format to facilitate continuous monitoring
and, accordingly, improved visibility to potential manufacturing, product quality, or
patient safety issues. The pilot will evaluate the effectiveness and scalability of the
_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 12

 model with the goal of standing up a voluntary third-party appraisal program in 2019.
The President’s FY2019 Budget reflects a proposal to Bring MedTech Manufacturing
Home: Advance Medical Device Manufacturing and Quality, which would include
funding to support creation of this program.

4. Advance medical device cybersecurity
In recent years FDA, manufacturers, and healthcare entities have made tremendous strides to
improve the cybersecurity of medical devices. However, all stakeholders, including FDA, must
strive to keep pace with emerging threats and vulnerabilities. To that end, FDA will explore
steps to help us build on the work that we and our stakeholders have already achieved.
Specifically, FDA plans to:
 Consider potential new premarket authorities to require firms, on the front end, to:
(i) build capability to update and patch device security into a product’s design and to
provide appropriate data regarding this capability to FDA as part of the device’s
premarket submission; and, (ii) develop a “Software Bill of Materials” that must be
provided to FDA as part of a premarket submission and made available to medical
device customers and users, so that they can better manage their networked assets
and be aware of which devices in their inventory or use may be subject to
vulnerabilities. In addition, availability of a “Software Bill of Materials” will enable
streamlining of timely postmarket mitigations.
 Update the premarket guidance on medical device cybersecurity to better protect
against moderate risks (such as ransomware campaigns that could disrupt clinical
operations and delay patient care) and major risks (such as exploiting a vulnerability
that enables a remote, multi-patient, catastrophic attack).
 Consider new postmarket authority to require that firms adopt policies and
procedures for coordinated disclosure of vulnerabilities as they are identified.
 Explore the development of a CyberMed Safety (Expert) Analysis Board (CYMSAB),
a public-private partnership that would complement existing device vulnerability
coordination and response mechanisms and serve as a resource for device makers
and FDA. The CYMSAB would encompass a broad range of expertise (including
hardware, software, networking, biomedical engineering, and clinical) in order to
integrate critical patient safety and clinical environment dimensions into the
assessment and validation of high-risk/high-impact device vulnerabilities and
incidents. Its functions would include assessing vulnerabilities, evaluating patient
safety risks, adjudicating disputes, assessing proposed mitigations, serving in a
consultative role to organizations navigating the coordinated disclosure process, and
serving as a “go-team” that could be deployed in the field to investigate a suspected
or confirmed device compromise at a manufacturer’s or FDA’s request. The
operationalization of a CYMSAB would be an invaluable asset to FDA, industry, and
healthcare facilities in averting and responding to cybersecurity vulnerabilities and
exploits. To address this unmet gap, the President’s FY2019 Budget reflects a
_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 13

 proposal to Expand the Digital Technology Industry, which would include funding to
support creation of the CYMSAB.
5. Integrate the CDRH’s premarket and postmarket offices and activities to advance
the use of a TPLC approach to device safety
Historically, FDA’s medical devices center, CDRH, has been organized largely according to the
stage of the product’s life cycle—premarket review, postmarket surveillance, and compliance—
rather than holistically by the type of product being regulated. Although that structure allows our
employees to become specialized by function, it does not always promote the type of
communication and collaboration that is proving essential to the continuously evolving
innovation of medical devices.
In 2015, CDRH began exploring a possible organizational transformation that could consolidate
the pre- and postmarket functions and create an infrastructure that can better adapt to future
scientific, regulatory, organizational, and ecosystem needs. This type of structure would seek to
consolidate and integrate many of the current aspects of product review, quality, surveillance,
and enforcement into a new, team-based approach. Key purposes of the approach would be to
enhance the efficiency and agility of our regulatory oversight by making information and
expertise-sharing within the organization easier; compressing the levels of review; and
facilitating employee development of a longitudinal, integrated, broader and deeper view of
device safety, effectiveness, and quality. Rather than assessing a device only at one point in
time—for instance, to evaluate whether a device meets the standard for approval, or to evaluate
postmarket data involving a device safety signal—reviewers, compliance officers, and other
experts would work in teams with responsibility for device oversight throughout the product’s
development and commercialization.
To facilitate this approach, CDRH is evaluating a potential structural design of one large office
comprised of seven smaller device-specific offices that would each be responsible for premarket
review, postmarket surveillance, manufacturing and device quality, and enforcement. The
design also would include a new office that would be dedicated to clinical evidence and
analysis, under which teams would be focused on clinical evidence policy, evidence synthesis
and analysis, biostatistics, bioresearch compliance, and collaboration with and outreach to
clinical researchers outside of FDA. The new office’s objectives would include advancing the
generation of more informative data across the TPLC about the benefits and risks of new
devices that would help inform regulatory decisions of CDRH staff throughout the TPLC
organization.
Accordingly, FDA plans to:
 Take appropriate steps to initiate such a reorganization.
This reorganization would better recognize that all our device program employees are
responsible for considering the data and other information from both premarket and postmarket
settings in assessing the benefits that patients will derive from a new device as well as the risks
they might encounter once it is in clinical use. By allowing our employees to take a more

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 14

 universal view of device oversight, the reorganization would help ensure that FDA can meet its
obligations as an agency that regulates medical devices throughout their life cycle.

Conclusion
FDA’s device program has evolved, and will continue to evolve, alongside changes in medical
technology and advancements in the systems to collect and evaluate data regarding
performance of that technology. Recent programmatic improvements, collectively, have
emphasized the importance of a “Total Product Life Cycle” approach to device premarket
review, manufacturing quality, and postmarket surveillance. At every stage of a device’s life
cycle, FDA continues to maintain a robust program for evaluating the safety of medical devices.
The Agency is also committed to identifying and acting on opportunities to strengthen this
program, and FDA intends to take the additional steps outlined in this Action Plan to continue to
build on, and enhance the returns from, those enhancements.
We welcome comments and feedback on this proposal and encourage other ideas and
suggestions on how we can strengthen our regulatory programs. Input may be submitted
through the public docket (FDA-2018-N-1315) at www.regulations.gov.

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 15

 References
FD&C Act § 515B(b); see also Breakthrough Devices Program, Draft Guidance for Industry and Food and Drug Administration
Staff (Oct. 25, 2017), available at
https://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/UCM581664.pdf.
ii FD&C Act § 513; 21 C.F.R. § 860.3.
iii FD&C Act § 513(a)(3)(b); 21 C.F.R. § 860.7.
iv FD&C Act § 519; 21 C.F.R. Part 803.
v 21 C.F.R. § 814.82.
vi FD&C Act § 522.
vii 21 C.F.R. §§ 814.82(a)(7) and 814.84(b).
viii FD&C Act § 510(h); 21 C.F.R. Part 820.
ix FD&C Act §§ 513(e) and 519(g); 21 C.F.R. Parts 810 and 806.
x GUDID is a database administered by FDA that will serve as a reference catalog for every device with an identifier. FDA makes data in
GUDID available to the public through the AccessGUDID application programming interfaces (APIs), search tools, and downloads. See
https://accessgudid.nlm.nih.gov/.
xi Additional information on the Unique Device Identification system can be found on FDA’s website at
https://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/UniqueDeviceIdentification/default.htm.
xii Use of Real-World Evidence to Support Regulatory Decision-Making for Medical Devices, Guidance for Industry and Food and Drug
Administration Staff (Aug. 31, 2017), available at
https://www.fda.gov/downloads/medicaldevices/deviceregulationandguidance/guidancedocuments/ucm513027.pdf.
xiii Additional information on the use of real world evidence can be found on FDA’s website at
https://www.fda.gov/ScienceResearch/SpecialTopics/RealWorldEvidence/default.htm.
xiv Additional information on NEST can be found on FDA’s website at
https://www.fda.gov/aboutfda/centersoffices/officeofmedicalproductsandtobacco/cdrh/cdrhreports/ucm301912.htm and at
https://nestcc.org/.
xv Factors to Consider When Making Benefit-Risk Determinations in Medical Device Premarket Approval and De Novo Classifications,
Guidance for Industry and Food and Drug Administration Staff (March, 28, 2012; updated on August 24, 2016), available at
https://www.fda.gov/downloads/medicaldevices/deviceregulationandguidance/guidancedocuments/ucm517504.pdf.
xvi Benefit-Risk Factors to Consider When Determining Substantial Equivalence in Premarket Notifications [510(k)] with Different
Technological Characteristics, Draft Guidance for Industry and Food and Drug Administration Staff (July 15, 2014), available at
https://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/UCM404773.pdf.
xvii Factors to Consider Regarding Benefit-Risk in Medical Device Product Availability, Compliance, and Enforcement Decisions,
Guidance for Industry and Food and Drug Administration Staff (Dec. 27, 2016), available at
https://www.fda.gov/downloads/medicaldevices/deviceregulationandguidance/guidancedocuments/ucm506679.pdf.
xviii Factors to Consider When Making Benefit-Risk Determinations for Investigational Device Exemptions, Guidance for Investigational
Device Exemption Sponsors, Sponsor-Investigators and Food and Drug Administration Staff (Jan. 13, 2017), available at
https://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/ucm451440.pdf.
xix Additional information on the Case for Quality Initiative can be found on FDA’s website at
https://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/MedicalDeviceQualityandCompliance/ucm378185.htm.
xx Content of Premarket Submissions for Management of Cybersecurity in Medical Devices, Guidance for Industry and Food and Drug
Administration Staff (Oct. 2, 2014), available at
https://www.fda.gov/downloads/medicaldevices/deviceregulationandguidance/guidancedocuments/ucm356190.pdf.
xxi Postmarket Management of Cybersecurity in Medical Devices, Guidance for Industry and Food and Drug Administration Staff (Dec.
28, 2016), available at
https://www.fda.gov/downloads/medicaldevices/deviceregulationandguidance/guidancedocuments/ucm482022.pdf.
xxii Additional information on medical device cybersecurity can be found on FDA’s website at
https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm.
i

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 16

 Additional information about the CRN initiative can be found on the MDEpiNet website at http://mdepinet.org/womens-health-crn/.
For a comprehensive explanation of the 510(k) program, see The 510(k) Program: Evaluating Substantial Equivalence in
Premarket Notifications [510(k)], Guidance for Industry and Food and Drug Administration Staff (July 28, 2014), available at
https://www.fda.gov/downloads/MedicalDevices/.../UCM284443.pdf.
xxv Expansion of the Abbreviated 510(k) Program: Demonstrating Substantial Equivalence through Performance Criteria, Draft
Guidance for Industry and Food and Drug Administration (April 12, 2018), available at
https://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/UCM604195.pdf.
xxiii

xxiv

_____________________________________________________________________________________________________
Medical Device Safety Action Plan: Protecting Patients, Promoting Public Health
Page 17