About FDA

Key Elements of Effective Compliance

  • 1. Operational Excellence
    • 1.1. Our compliance operations span the product lifecycle and are based on prompt, strategic, clear, and visible initiatives that address important problems. We apply metrics to confirm the impact of these initiatives on public health.
      • 1.1.1. We work with out partners across the Center to pick and fix important problems and our focus is on outcomes, not outputs.
      • 1.1.2. We define and set goals before choosing compliance strategies.
      • 1.1.3. We collect and analyze data and use metrics as a standard part of compliance planning.
        • 1.1.3.1 Our sources include a database that identifies inspection sites based on weighted factors (e.g., inspection and compliance history, risks posed by product flaws, recalls, medical device reports (MDRs), and accidental radiation occurrence reports). The factors used by this database are developed, in part, through retrospective reviews of past compliance actions.
        • 1.1.3.2 We identify and escalate compliance signals, and we clarify these signals with support from the Office of Surveillance and Biometrics.
        • 1.1.3.3 We use information captured in data sources – such as data on the volume, types, and classifications of recalls – to assess the success of our compliance initiatives.
        • 1.1.3.4. We track resource allocations for projects and assignments.
      • 1.1.4. We follow Warning Letters and Class I recalls with inspections to gauge compliance. When firms do not come into compliance, we take escalated steps, such as seizures and injunctions.
      • 1.1.5. The above actions are supported by high-quality, reliable data maintained in interoperable systems.
        • 1.1.5.1 Data systems do what they are supposed to do and respond to user needs.
        • 1.1.5.2. Our data repositories are centralized. For example, we track assignments in a single database, we receive work through a single portal, and we run reports from a consolidated data source.
        • 1.1.5.3. Our databases are interoperable with systems outside the Center for Devices and Radiologic Health (CDRH) and data across these systems are consistent and current.
        • 1.1.5.4. We are able to easily find information located across the agency.
    • 1.2. We integrate our work with the work of the Office of Regulatory Affairs (ORA) and the Office of Chief Counsel (OCC).
      • 1.2.1 ORA and CDRH have a shared view of the importance of CDRH compliance programs, and ORA is committed to the timely completion of CDRH field work, including foreign inspections.
      • 1.2.2. CDRH leads the direction of field inspections and adjusts performance goals to match Center priorities.
      • 1.2.3. CDRH communicates effectively with ORA regarding compliance policy, strategic planning, and specific compliance matters.
        • 1.2.3.1. Based on this communication, ORA understands CDRH’s compliance priorities and the investigation and evidence necessary to support compliance referrals.
        • 1.2.3.2. There is front-end coordination with ORA on compliance matters, including specific areas of focus during inspections.
        • 1.2.3.3. CDRH Compliance staff and ORA field staff communicate directly without the need for prior supervisory approval.
      • 1.2.4. ORA staff is trained on and understands CDRH compliance programs. This training is accomplished through models such as:
        • 1.2.4.1. CDRH-based or joint CDRH/ORA training and certification of field staff (based on demonstrated competency in inspections, write-ups, and case review);
        • 1.2.4.2. Participation of CDRH experts in inspections of facilities that produce complex medical devices and electronic products (e.g., in vitro diagnostics or defibrillators).
      • 1.2.5. ORA’s referrals to CDRH are clear, timely, and complete.
        • 1.2.5.1. ORA understands CDRH’s need for timely and well-supported referrals.
        • 1.2.5.2. CDRH returns incomplete and poorly-prepared submissions to the originating Districts.
        • 1.2.5.3. Districts input foreign establishment inspection reports and bio-research monitoring (BIMO) exhibits into MARCS-CMS (the Mission Accomplishments and Regulatory Compliance Services-Compliance Case Management System).
      • 1.2.6. CDRH understands ORA policies and operations. This understanding results from strategies such as training provided by ORA, CDRH staff details to ORA headquarters and District offices, and participation of CDRH staff in ORA-led inspections of device and electronic product manufacturers.
      • 1.2.7. There is early communication and collaboration with OCC on CDRH compliance initiatives.
        • 1.2.7.1. CDRH and OCC partner to develop and maintain boilerplate components of compliance materials. This boilerplate speeds review and reduces inconsistent OCC feedback on like submissions.
        • 1.2.7.2. OCC timely clears guidance documents, which includes moving less controversial and lower-priority guidance documents through OCC while more controversial documents are pending.
        • 1.2.7.3. OCC and CDRH have a shared view of OCC’s role: OCC determines whether actions are legally supportable and defers to CDRH’s scientific, technical, and policy expertise. This shared view extends to which compliance actions require OCC review and which do not.
    • 1.3. We use quality management systems to improve compliance work.
      • 1.3.1. We document and share best practices, including work that can be consolidated or eliminated.
      • 1.3.2. We promote consistency in compliance activities across the Center.
        • 1.3.2.1. We develop, aggregate, and use templates, standard operating procedures (SOPs), and other standardized work tools.
        • 1.3.2.2. We follow defined processes for what to communicate, when to communicate, and how to assure that Compliance staff and other parts of the Center send consistent messages to constituents.
        • 1.3.2.3. We work with other parts of the Center to assure the consistency of materials coming to Compliance staff.
      • 1.3.3. We use an efficient process to develop and review compliance actions.
        • 1.3.3.1. We streamline the process for issuing assignments (e.g., through using assignment templates and electronic signatures).
        • 1.3.3.2. We streamline the review of assignments. This includes decreasing the layers of review and eliminating redundant review through tactics such as:
          • 1.3.3.2.1. Holding early conversations among participants in the review chain to discuss requirements for clearance;
          • 1.3.3.2.2. Replacing serial review with simultaneous review (i.e., a single meeting at which all reviewers comment on and clear an assignment);
          • 1.3.3.2.3. Piloting peer-to-peer review of assignments; and
          • 1.3.3.2.4. Using track-changes to edit and revise assignments.
        • 1.3.3.3. We streamline the process for clearing assignments, for example by:
          • 1.3.3.3.1. Having reviewers designate alternate signers and establishing “go” deadlines for cases in which there is no response from reviewers;
          • 1.3.3.3.2. Creating templates for acknowledgment letters and authorizing staff to sign and issue these letters; and
          • 1.3.3.3.3. Not requiring Office of Compliance clearance of compliance documents cleared by senior managers in the Office of In Vitro Diagnostic Device Evaluation and Safety and the Office of Communication, Education, and Radiation Programs.
        • 1.3.3.4. We identify and implement fixes for poorly-run and unproductive meetings and excessive E-mails. Solutions may include requesting unsubscribe features for recurring third-party E-mails, using E-rooms and other collaborative technologies, and providing training on managing effective meetings.
    • 1.4. Our operations are guided by a work-force and resource assessment.
      • 1.4.1. This assessment accounts for the capabilities of staff that are on-board. It includes:
        • 1.4.1.1. Understanding our work processes and documenting our workload – what we do and the resources needed to do it; and
        • 1.4.1.2. Identifying our compliance goals and measuring the resources (staff and otherwise) necessary to meet them.
      • 1.4.2. We apply resources and obtain additional resources to close the gap between current capabilities and compliance goals. This strategy may include:
        • 1.4.2.1. Increasing support staff to allow professional staff to focus on higher-level activities;
        • 1.4.2.2. Using Team Leaders to increase the manager-to-staff ratio and promote staff development;
        • 1.4.2.3. Developing action groups to take on special projects; and
        • 1.4.2.4. Training academic centers to perform research to support our compliance efforts.
      • 1.4.3. We select and account for activities stopped due to lower priority or lack of resources.
    • 1.5. We engage in comprehensive staff training and development.
      • 1.5.1. Our training includes an on-boarding program for new hires that integrates mentoring, organizational orientation, and substantive training on topics such as quality system regulations (QS regs), MDRs, BIMO, electronic product radiation control (EPRC), the Mammography Quality Standards Act, and case development.
      • 1.5.2. We apply a well-developed training program for all Compliance staff.
        • 1.5.2.1. This includes using compliance actions both to expand our compliance programs’ impact and to enhance staff understanding of how to develop these actions.
        • 1.5.2.2. This also includes developing specific expertise in technical areas like QS regs and EPRC and functional areas like recalls. Additional training topics may include creating and using SOPs, instruction on decision-making skills, and analytical training.
        • 1.5.2.3. Training is developed in partnership with CDRH’s Staff College and outside resources, such as ORA’s Division of Human Resource Development.
        • 1.5.2.4. We keep Compliance staff updated on emerging issues and technologies.
        • 1.5.2.5. We provide Center-wide – and in some cases Agency-wide – training on compliance programs: what the programs are, who administers them, and how they relate to other programs.
        • 1.5.2.6. We train our managers on effective management – this includes working with staff to set priorities and providing support and guidance on staff assignments.
      • 1.5.3. We develop and retain high-performing staff.
        • 1.5.3.1. We identify emerging leaders and develop emerging and current leaders.
        • 1.5.3.2. We demonstrate that employees are valued by recognizing employee successes (monetary and non-monetary recognition).
      • 1.5.4.We foster a culture based on mutual respect, collaboration, and alignment toward common goals.
    • 1.6. We practice top-to-bottom accountability.
      • 1.6.1. This includes accountability for deadlines.
        • 1.6.1.1. We determine and hold ourselves accountable to realistic timelines that account for varying degrees of work complexity.
          • 1.6.1.1.1. Staff is involved in setting these deadlines and has the resources to meet them.
          • 1.6.1.1.2. We recognize that we must be timely in delivering work to other parts of the Agency. When circumstances prevent us from completing an assignment on time, we advise those waiting for it – before the assigned deadline passes – that we will not meet the deadline and the reason for the delay. We then work with those individuals to set a new deadline.
      • 1.6.2. This includes accountability for product quality – we take accurate and well-supported positions conveyed in written work that is clear, concise, and complete.
      • 1.6.3. This includes accountability for effective management – we train our managers on how to manage successfully, and we conduct 360-degree reviews of their performance.
    • 1.7. We engage in Center-wide communication, built on:
      • 1.7.1. Relationships with colleagues across the Center that promote communication and collaboration;
      • 1.7.2. Participation in Center forums such as pre-market application (PMA) panel meetings and Office of Device Evaluation rounds; and
      • 1.7.3. Advising Center colleagues about new compliance programs and policies, and communicating with these colleagues about competing priorities (ours and theirs) to resolve areas of tension.
    • 1.8. We apply a total product life cycle approach to our compliance work.
      • 1.8.1. Compliance staff are engaged in the pre-approval decision-making process, giving input into areas such as data reliability, the quality of manufacturing processes, and the structure of post-approval studies (e.g., assuring that these studies can be adequately inspected).
      • 1.8.2. We feed compliance programs’ post-approval findings into pre-approval decision-making. Compliance-generated data in areas such as recalls and QS regs and MDR compliance factor into what is required of specific sponsors and industry sectors.
  • 2. Substantive Excellence
    • 2.1. We assure the production of medical devices and electronic products according to quality manufacturing practices.
      • 2.1.1. In assuring compliance, we look beyond documentation to design aspects and supporting science. We work with manufacturers to continuously improve QS reg and EPRC compliance and promote quality by design.
      • 2.1.2. We require demonstration of QS reg compliance in the PMA approval and 510(k) clearance processes.
      • 2.1.3. We assure that manufacturers of radiation-emitting electronic products apply sound quality-control testing programs. We use a single inspection of manufacturers of radiation-emitting medical devices to evaluate EPRC and QS reg compliance.
      • 2.1.4. We target for inspection, and follow-on action when merited, products and firms of concern. Examples include: infusion pumps; sterilization and disinfection devices; medical software; endoscopes; condoms and latex gloves; implantable defibrillators; medical imaging equipment; and high-powered lasers. We require non-compliant firms to implement measures to achieve and maintain a state of compliance.
    • 2.2. We assure that devices and radiation-emitting products comply with clearance and approval requirements and applicable standards.
      • 2.2.1. We target for inspection, and follow-on action when merited, products and firms of concern. Examples include: laboratory-developed tests; direct-to-consumer genetic tests; fraudulent products, such as sham H1N1 remedies; radiation-emitting devices; and high-powered lasers.
      • 2.2.2. We target sponsors who improperly claim substantial equivalence when seeking 510(k) clearance or who improperly claim exemption from 510(k) clearance. We likewise target sponsors who file 510(k)s when PMAs are required. This initiative includes educating sponsors about when devices are exempt from clearance and approval, when devices meet the 510(k) substantial equivalence standard, and when pre-market approval is needed.
    • 2.3. We assure that devices and radiation-emitting products that may injure consumers are quickly removed from the marketplace.
      • 2.3.1. Our recall operations follow SOPs that cover recall identification and review, use of precedents, and follow-up inspections of firms conducting Class I recalls.
      • 2.3.2. ORA and industry provide CDRH with timely notice of medical device and electronic product recalls. This includes submission of complete recall packages, which ORA field coordinators require from recalling firms.
      • 2.3.3. We enhance recall operations through constituent education on topics such as what is a recall, when to conduct a recall, how to advise FDA of a recall, and what information to submit to FDA when conducting a recall.
      • 2.3.4. We expand the scope of recall notification through the use of MedWatch, MedSun, and outreach to patient and healthcare provider organizations.
      • 2.3.5. We measure the impact of our recall operations, including the scope and timing of notification and product removal, and the timing and outcome of follow-up, at the recalling firm.
    • 2.4. We assure that consumers and healthcare providers receive complete and accurate product information.
      • 2.4.1. This information includes product labeling, advertising, and promotional materials. Based on available resources and authority, we review these materials for all devices, not just those subject to PMAs.
      • 2.4.2. We have a compliance program in place to oversee device advertising and promotion. Based on available resources, and if doing so enhances compliance operations, this program is run by a stand-alone group that regulates advertising and promotion across all device areas. This group develops compliance policies and initiatives covering advertising and promotion, collaborates with product and technical experts, and serves as a resource to other Compliance staff.
    • 2.5. We make compliance decisions based on accurate and complete information about firms and their products.
      • 2.5.1. We hold firms accountable for registration and listing requirements and device reporting requirements.
      • 2.5.2. Manufacturers of radiation-emitting products submit radiation safety reports confirming that their products satisfy applicable standards.
      • 2.5.3. We use a risk-based strategy to select for review a portion of the total reports that we receive, and we do not require constituents to submit reports that we do not regularly review.
      • 2.5.4. We use state and foreign inspection data to enhance our knowledge of device facilities.
    • 2.6. We assure that devices and radiation-emitting products offered for import are safe and effective and that they meet applicable standards.
      • 2.6.1. Working with ORA, we apply a risk-based inspection plan to direct an increasing number of foreign inspections. We supplement these inspections with information from foreign regulatory partners and accredited third parties.
      • 2.6.2. We help build the capacity of our foreign regulatory partners to oversee firms that export devices and radiation-emitting products. We leverage relationships with these partners to obtain information and support in resolving violations.
      • 2.6.3. We conduct outreach to foreign manufacturers about their regulatory responsibilities, including the need to assure the integrity of their supply chain. Foreign manufacturers understand that failure to meet FDA requirements will prevent entry of their products into the U.S.
      • 2.6.4. We conduct enhanced, risk-based surveillance and sampling at ports of entry, including greater input into and use of PREDICT (the Predictive Risk-based Evaluation for Dynamic Import Compliance Targeting system).
    • 2.7. We revise regulations and propose statutory changes to enhance our oversight capacity. This includes supporting new legislation for administrative detention and automatic destruction of violative devices, enhanced inspection authority, formalization of the application-integrity policy, and an obligation that contract research organizations satisfy BIMO requirements.
    • 2.8. We regularly and clearly communicate compliance priorities and expectations.
      • 2.8.1. We use guidance documents to transmit compliance policy and regulatory requirements.
      • 2.8.2. We target outreach through press releases, public presentations, articles, and other forums.
        • 2.8.2.1. We develop and disseminate this outreach in collaboration with agency stakeholders such as DICE (Division of Industry and Consumer Education  and DHC (Division of Health Communication).
        • 2.8.2.2. We explain the reasons for our actions. When we take enforcement, we explain how similarly-situated firms can avoid this outcome.
        • 2.8.2.3. This outreach includes the key message that firms are ultimately responsible for assuring compliance and that doing so makes good business sense.
          • 2.8.2.3.1. CDRH does not tolerate dangerous and poor-quality products, so industry’s emphasis must be on safety and efficacy, not speed to market.
          • 2.8.2.3.2. We recognize firms that work with us, and we encourage others to follow suit. We publicize actions against firms that violate regulatory requirements.
        • 2.8.2.4. We multiply the impact of our messages by collaborating with partners such as the Department of Defense, the Veteran’s Administration, the Centers for Medicare and Medicaid Services, and Tricare, for example by advising these organizations when we take action against products that they use or reimburse.
        • 2.8.2.5. We publicize CDRH Learn and provide technical assistance to small businesses and firms that make niche and orphan products.
  • 3. Organizational Excellence
    • 3.1. Our organizational model effectively and efficiently supports our compliance work. It likewise accounts for the diversity of medical devices and radiation-emitting products that we regulate.
    • 3.2. Staff develops product-specific, functional, and technical expertise, and we balance development of expertise against assuring a manageable range of duties. Strategies to strike this balance may include:
      • 3.2.1. Organizing staff according to compliance functions (e.g., specialists in Warning Letters and enforcement actions, recalls, pre-market inspections, etc.). This may enhance work distribution and staff’s ability to back each other;
      • 3.2.2. Adding to product areas staff with technical expertise, such as knowledge of QS regs or medical software oversight. These individuals would oversee compliance matters requiring their expertise, freeing up other staff to operate elsewhere; and
      • 3.2.3. Adding staff with functional expertise to product areas. Thus, a staff member working in a product area might partner on a compliance matter with an expert in enforcement actions or recalls, for example by focusing on the early stages of a compliance initiative and then passing the initiative to a functional expert.
    • 3.4. Our organizational model fosters cross-Center coordination of strategic compliance planning and policy development.
      • 3.4.1. We promote consistent compliance decisions across product areas.
      • 3.4.2. We enhance cross-Center communication of compliance strategy and policy decisions and provide a forum to resolve conflict in these areas.
      • 3.4.3. We integrate Compliance staff and promote interaction between Compliance and non-compliance staff.
      • 3.4.4. We identify a focal point for the Center for Drug Evaluation and Research, the Center for Biologics Evaluation and Research, and other FDA Centers to engage with CDRH, thereby supporting cross-Agency interaction.

 

Page Last Updated: 11/04/2014
Note: If you need help accessing information in different file formats, see Instructions for Downloading Viewers and Players.