It did not turn out to be what I expected in all respects. First, it contained also an amendment to the IVDR: a removal of the sell-off period at the end of each of the stacked grace periods, which makes this proposal very relevant for the IVDR as well. Secondly but logically it also contain an amendment for custom made devices that I personally had not expected but with hindsight makes a lot of sense.
The proposal reminded me of the epic philosophical dialogue in the “I want more life father” scene in the movie Blade Runner, in which the soon to expire replicant Roy meets Tyrell, the person who invented him, and argues for “more life”, posing to Tyrell the existential question “Can the maker repair what he makes?”
Tyrell says he cannot change the facts of life [you have to transition to transition to the MDR sooner or later] and explains how difficult it is to change processes in a life form that is already underway [once a law has been adopted, changing it is always problematic and messy and sometimes may not fix the problems created already]. An intense argument about possible ways to do it follows, where Roy makes suggestions that are each falsified by Tyrell. Tyrell ends the discussion with his consolation “You were made as well as we could make you.”, which the EU legislator will no doubt think about the MDR. Let’s hope the MDR extension does not end like the Blade Runner scene, in which Tyrell does not survive the confrontation with his angry creation that does not accept his fate.
In the case of the MDR the extension comes at a price as we will see below. Age old wisdoms are that there is no such thing as a free extension and that you have to beware of people bearing gifts in situations where they might want something from you. In this case both of these old wisdoms apply. The MDCG has been warning for a long time that whatever is going to be done to help in terms of bridging and extensions is supposed to only benefit the manufacturers that have already taken steps to transition to the MDR. If your company has gambled and kick the can down the road, you will find that your options under this proposal are very limited, and intentionally so.
Let’s pick this proposal apart with the knowledge of now. The MDR part of the proposal completely upends article 120 sections (2), (3) and (4) MDR.
Article 120 (2) changes: validity of certificates
Article 120 (2) MDR is proposed to be changed to keep the valid (AI)MDD certificates valid or have them relive and be valid (in case of expired certificates) from the expiry date on the certificate for the period until the risk class based backstop date in the new article 120 (3b) (31 December 2027 or 2028).
Wait what? Expired certificates relive?! Yes, but only under conditions set out in the new article 120 (2) (a) and (b):
- Either you have both signed an agreement with a notified body before the expiry of the certificate for the legacy device or a “a device intended to substitute that device” OR
- You have a valid article 59 MDR derogation or a valid article 97 MDR exemption (either of which apparently does not have to be in place at the expiry date of the certificate, which makes sense).
An important question is what the concept of “a device intended to substitute that device” means, because this is a gating item both for the notified body and for the manufacturer. This concept is not clarified anywhere in the recitals or the explanation to the proposal, yet is a crucial concept for application of the amended transitional regime. For example: would this device need to be equivalent to the legacy device it is intended to replace? And is that then evaluated by reference to the criteria for equivalence under the MDR? Or can it be a device that has a broader intended purpose? Nobody knows and this concept will need Commission or MDCG clarification. And we all know what that means: this will not arrive soon.
The fact that this clause extends the validity of existing and valid legacy device certificates by operation of law from the expiry date (even if that date is still in the future) but also – in exchange – makes the article 120 (3b) – (3d) conditions immediately applicable to the device (see conditions discussion below). So whether you like it or not: with a still valid certificate as a result of automatic application of article 120 (2) MDR you are shunted into the new regime – no choice. What does that mean for you?
Article 120 (3) changes: stacked risk based grace periods
Interestingly for a change the MDR proposal follows an earlier IVDR legislative amendment, implemented early 2022, which implemented stacked grace periods by risk class. The MDR now copies this mechanism, as I predicted as a likely option, but adds additional conditions for the use of the extended grace periods that are aimed to foreclose the extended grace periods to manufacturers that do not meet one of the article 120 (2) conditions for certificates to be valid beyond their expiry date:
- Either you have both signed an agreement with a notified body before the expiry of the certificate for the legacy device or a “a device intended to substitute that device” OR
- You have a valid article 59 MDR derogation or a valid article 97 MDR exemption (either of which apparently does not have to be in place at the expiry date, which makes sense).
Let’s look at the details of what changes in article 120 (3). “Due to the length of the provision, paragraph 3 is replaced by paragraphs 3a to 3g.”, says the explanatory memorandum.
Article 120 (3a) – derogation from Article 5 MDR
This means that when you meet the requirements of the proposal (device qualifies under article 120 (3b) or (3c) MDR and you meet the conditions under article 120 (3d) MDR you get to be exempted from the core requirement in the MDR: having a valid CE marking under the MDR.
120 (3b) – to suture or not to suture?
Article 120 (3b) provides for triage of devices that are already subject to an (AI)MDD certificate. Triage happens based on risk class under Annex VIII of the MDR (the provision does not explicitly state this by the way, but this is consistent with the way the corrigendum for the up-classified class I devices worked) and on the basis of a qualification question that will have pained many for requirements for Well Established Technology (WET) under article 18 (3) MDR (implant card), article 52 (4) (conformity assessment) and 61 (6) (b) MDR (clinical evaluation requirements): the sutures, staples, dental fillings, dental braces, tooth crowns, screws, wedges, plates, wires, pins, clips and connectors. The proposal’s explanatory text refers to them specifically as WET. This means that more complex devices with these names are likely not in scope of this defined group. In this regard the Team-NB Position Paper on a risk-based approach for medical devices exempted from an implant card and information to be supplied to the patient with an implanted device per Article 18.3 may also be relevant for qualification and for dental implants the Team NB position paper on Applicability of exemption rule to endosseous dental implants and dental implant abutments may be relevant.
See for triage logic the below summary flowchart. Note please that this flowchart does not describe the full process and all applicable conditions – it’s for triage only. And it is an improvement on the flowchart I initially shared via LinkedIn.
I posted a slightly different version of the flowchart in on LinkedIn initially that excluded sutures, staples, dental fillings, dental braces, tooth crowns, screws, wedges, plates, wires, pins, clips and connectors from the 2027 period altogether because of the use of the comma before the word ‘except’ in article 120 (3b) (a) (“31 December 2027, for class III devices and for class IIb implantable devices, except “sutures, staples, dental fillings, dental braces, tooth crowns, screws, wedges, plates, wires, pins, clips and connectors”) and the explanatory memorandum clarification
“The transition period is extended from 26 May 2024 until 31 December 2027 for higher risk devices (class III and class IIb implantable devices except certain devices for which the MDR provides exemptions, given that these devices are considered to be based on well established technologies) and until 31 December 2028 for medium and lower risk devices (other class IIb devices and class IIa, class Im, Is and Ir devices).”Explanatory memorandum proposal
Later we heard that the Commission had clarified in response to a question that qualifying sutures, staples, dental fillings, dental braces, tooth crowns, screws, wedges, plates, wires, pins, clips and connectors end up in the 2028 bucket. So I had to amend my initial flow chart to the above version. Don’t use the old one!
What I personally don’t find very logical is why the deadline logic departs from the 26 May deadlines as used everywhere else in the MDR and IVDR and instead uses 31 December 2027 and 2028. It’s nice that there is more time for transition of course, even if it is not logical. At least chances that people get in trouble with this are slim, because at worst a company finds out on 26 May that they had until 31 December.
Also here we have the discussion of what a “device intended to substitute that device” is (see above under article 120 (2) MDR).
120 (3c) – the up-classifieds had better hurry towards MDR
Article 120 (3c) deals with the class I up-classifieds, or in other words: the devices that do not need a notified body certificate under the MDD, but will need one under the MDR. These had gotten the corrigendum 2019 bonus of a declaration of conformity issued before 26 May 2021 that could be valid until end of the game period, provided that the article 120 (3) MDR requirements keep being met, such as no significant changes. This proved a lot more difficult than expected for especially software devices. These devices now get four and a half years extra time: until 31 December 2028! Whoohoo!
But this comes at a price: for these devices you do need to meet the requirements under article 120 (3d) MDR now, which still include no significant changes until that date and most importantly, some big things you need to do before 26 May 2024: have a full MDR QMS implemented (article 120 (3d)) and have a conformity assessment application underway at a notified body, with which you need a written agreement too by that date (article 120 (3d) MDR). That means that as manufacturer of an up-classified device you must have met these condition more than four (4!) years ahead of the end of your transition period. And if you don’t, you lose validity of your declaration of conformity by 26 May 2024 and you are done under the MDD and MDR.
So think about this a second (makes underwater scuba sign for “think about this/do not forget to”): you will likely not get to use up the full time until end of 2028 under the MDD (unless your conformity assent procedure takes four and half years, which is unlikely). So if you have a class I up-classified device you actually have no time to lose! You have less than one and half years (until 26 May 2024) to be ready for MDR conformity assessment – now that’s something else than sitting on your hands until 31 December 2028, right? Ergo, please do not make that mistake. Time is of the essence now.
120 (3d) – there is no such things as a free extension
There is no such thing as a free extension, and this one also comes with strings attached. These strings are set out in article 120 (3d) and – mind you – they also apply to class I up-classified devices as discussed above. Some of the requirements are already in the MDR (article 120 (3) MDR): the requirement of continued compliance with the (AI)MDD (article 120 (3d) (a) MDR) and no significant changes in design or intended purpose (article 120 (3d) (b) MDR, as clarified in MDCG 2020-3), which is no change from the current situation. The other three conditions in article 120 (3d), however, most certainly are because they are new (although you could debate this for article 120 (3d) (c), which is already part of the appropriate surveillance for the (AI)MDD certificate).
Let’s start with article 120 (3d) (c), which requires that your device does “not present an unacceptable risk to the health or safety of patients, users or other persons, or to other aspects of the protection of public health”. This is very much a market surveillance term (only found in the MDR in the market surveillance provisions article 93 to 97, meaning that the competent authorities do not want to get in trouble with the device concerned). But how are you going to determine that? It’s your device, (AI)MDD certificate valid, so how on earth could it pose an unacceptable risk? The whole idea about having a valid (AI)MDD certificate is that the devices presents acceptable risks only. According to the explanatory note:
“No systematic check of the device’s safety is required, as devices covered by a certificate issued under the Directives will be under ‘appropriate surveillance’ by the body that issued the certificate or a notified body designated under the MDR. Where, as part of their market surveillance activities, a competent authority finds that a device presents an unacceptable risk to the health or safety of patients, users or other persons, or to other aspects of the protection of public health, the transition period ceases to apply for that device.”
OK, so how will the notified body apply this then, because it is not a conformity standard subject to appropriate surveillance? It looks like this refers to the criterion in section 4.5 of MDCG 2022-4 Rev. 1 (“where the audit activities reveal a major non-conformity, which may present an unacceptable risk to the health or safety of patients, users or other persons”) but which still remains very unclear externally, but the notifying authorities will probably have instructed notified bodies on how to apply this. Would be nice if the rest of us would know too, right? Makes it so much easier to comply with requirements.
Article 120 (3d )(d) requires, according to the explanation to the proposal that
“no later than 26 May 2024, the manufacturer has put in place a quality management system (QMS) in accordance with Article 10(9) of the MDR. This condition aims to ensure that manufacturers gradually move towards full compliance with the MDR requirements. No specific attestation, i.e. no self-declaration nor verification of the appropriateness of the QMS by a notified body, is required at this stage. However, by submitting an application for conformity assessment to a notified body (see next condition), the manufacturer implicitly confirms that its QMS is in compliance with the MDR.”Explanatory memorandum proposal
This condition is intended to make all manufacturers of legacy devices march in line as regards QMS as of 26 May 2024, and a step up to the conditions that were already in article 120 (3) MDR, which required certain QMS parts to be implemented for legacy devices. This is now changed to the whole QMS enchillada.
So, wouldn’t the requirement to also have a conformity assessment application underway by that date make a non-requirement out of this provision? Why is this needed if the condition under 120 (3d) (e) of a conformity assessment application for MDR lodged is sufficient? Good question. Because the problem with legal requirements is that you have to meet them and that would be firmer than an implicit confirmation.
So what could be the consequence? This would – I think – only have consequences where the manufacturer fails the QMS audit under MDR (because then he did not have a compliant QMS in place) and the consequence of not meeting the requirement would be so-called ex tunc invalidity of the certificate, in which case it turns out that the manufacturer never met the requirement, was non compliant on 26 May 2024 or the date on which he submitted the conformity assessment application, meaning that the certificate was invalid and the manufacturer has been placing non-compliant devices on the market, which is a market surveillance no-no, subject to competent authority fines, imposed recalls and so on.
Finally, as last condition article 120 (3d) (e) requires that no later than 26 May 2024, the manufacturer, or an authorised representative, has lodged a formal application in accordance with Section 4.3, first subparagraph, of Annex VII for conformity assessment in respect of a device referred to in paragraphs 3b and 3c of this Article or in respect of a device intended to substitute that device, and no later than 26 September 2024 the notified body and the manufacturer have signed a written agreement in accordance with Section 4.3, second subparagraph, of Annex VII. Note that this need to concern the legacy device or the “device intended to substitute that device” (discussion above under article 120 (2) MDR). Also note that this condition contains an additional condition compared to article 120 (2) (a): not only is a written agreement needed, but the conformity assessment application must be have been lodged.
Effectively this means that the validity of certificate (dealt with under article 120 (2) (a) MDR) is treated differently than placing on the markt / putting into service under that valid certificate (which is dealt with under article 120 (3d): ‘devices may be placed on the market or put into service until the dates referred to in paragraphs 3b and 3c of this Article only if the following conditions are met’). I am not sure why this choice was made. It does allow for the option to have a valid certificate (may be useful for ex-Union trade) but not be able to place devices on the market in the Union. It also means however that a manufacturer must lodge an application for conformity assessment before 26 May 2024 to be able to keep placing devices on the market or put them into service. The question is also here what ‘lodged a formal application’ means: must the manufacturer have made an application or does the application also have to be validated and accepted by the notified body? That latter element does not follow from the text nor from the application, so this may mean that this will be tested in practice with a lot of applications being made shortly before 26 May 2024.
As long as the certificate or declaration of conformity is valid (which is until 26 May 2024 at the latest) you would expect not to be affected by the conditions for continued validity under article 120 (3b), (3c) and (3d) and could sit out your certificate quietly until the expiry date. But this is not how the proposal works as discussed above. Article 120 (2) as amended extends these certificates by operation of law immediately upon entry into force of the proposal to either 31 December 2027 or 2028 without giving you an option. Article 120 (3d) (e) provides that you must have lodged a conformity assessment application with a notified body and have signed an agreement with the notified body in order to for the certificate or DoC to remain valid. As stated above, this means that you cannot wait, but have to immediately start to prepare and submit the best conformity assessment application at a notified body that will accept it. Manufacturers may see that while they meet the 26 May 2024 deadline, the notified body then has a long time to complete the conformity assessment (but the manufacturer is rewarded with a certificate that remains valid until 31 December 2027 or 2028), hopefully giving the notified body enough time to complete the assessment before the legal expiry of the prolonged validity.
Also here it is relevant what happens when the application is rejected: was the placing on the market and putting into service until that time retroactively unlawful (ex tunc application) or will it only be unlawful for the future (ex nunc application)? The proposal is silent on this point
120 (3e) – the old conditions of article 120 (3) MDR remain in place
The old conditions of article 120 (3) remain in place for the legacy devices (MDR post-market surveillance, market surveillance, vigilance, registration of economic operators and of devices) but this is really only relevant until 26 May 2024, because after that date the manufacturer is running a full article 10 (9) MDR QMS.
120 (3f) – notified body shuffle
Article 120 (3f) deals with the logistics of which notified body is responsible for surveillance of the certificate when it remains valid past its expiry date (this does not need to be an MDR designated notified body), how it works when the legacy devices is substituted by another device. The MDR notified body with which the agreement is signed pursuant to article 120 (3d) (e) (the one that needs to be in place for the legacy device or the substitute device) takes over surveillance of the notified body that surveilled the legacy or substitute device certificate if this notified body was not designated under the MDR.
120 (g) – custom made devices have the least transition time
Class III custom made implants (which require notified body intervention under the MDR pursuant to article 52 (8) MDR, so it’s kind of logical that these are also covered in this proposal.
What I don’t understand it why their deadline is 26 May 2026 and not 31 December 2026, and why they did not go in the class III implants category of 31 December 2027. Maybe the Commission thinks that the custom made devices have an easier pathway or something? This is not necessarily the case.
The same conditions as under article 120 (3d) (e) apply: having an agreement signed with a notified body by 26 September 2024 and lodging an application by 26 May 2024.
Article 120 (4) changes: the sell-off period removed
The changes to article 120 (4) are to remove the sell-off period completely. This has been the result of a successful lobby effort demonstrating that the sell-off period was simply too short because most devices take a long time to move through the supply chain slower than the legislator initially assumed. Also, the devices stuck in the supply chain that the 27 May 2025 hard stop would be lost to the Union market, which would also be a bad idea. In the words of the proposal:
“To prevent unnecessary disposal of safe medical devices and in vitro diagnostic medical devices that are still in the supply chain, thus adding to the imminent risk of shortages of devices, such further making available of devices should be unlimited in time.”Recital 10 of the proposal
This means that there will be unlimited time for selling off of legacy devices that were placed on the market lawfully and that there will be a considerable period of time in which there will still be legacy devices on the market being sold off, and competing with MDR certified devices. Apart from the confusion that no doubt will ensue about the compliance status of legacy devices still being sold off to end users in 2030 (which is possible)m the question is how fair this is to the manufacturers that did invest in MDR transition and may face competition from these devices for a considerable time. And to patients, that may be treated with old legacy devices while more state of art ones are available as MDR CE marked devices. The whole idea behind the sell-off period was in itself not bad: that at a certain point in time there would only be devices on the market approved by MDR standards.
Housekeeping (article 122 and 123)
There is some technical housekeeping in article 1 (2) and (3) of the proposal, making changes to articles 122 (repeal of directives) and 123 (delayed entry into force of provisions) to account for the changes made to article 120 in the proposal.
IVDR changes: the sell-off period removed
For the IVDR the proposal contains a removal of the sell-off period. The background there is that the Commission has realized that the sell-off period is simply too short and will lead to devices being stuck in the supply chain at the end of the sell-off period. In the words of recital 10 of the proposal:
“To prevent unnecessary disposal of safe medical devices and in vitro diagnostic medical devices that are still in the supply chain, thus adding to the imminent risk of shortages of devices, such further making available of devices should be unlimited in time.”Recital 10 proposal
I must say that I had not expected this. This may have been done for the same reasons as for MDR medical devices, but it also invokes the same issues as with MDR medical devices: there will be legacy devices on the market having gained access under ‘old’ standards’ that will be competing with IVDR standards assessed devices for a potentially looong time (if the devices have long or no expiry dates).
Relation to MDCG 2022-18 (article 97 exemptions)
If the proposal is adopted, the extension by operation of law of legacy devices will massively decrease the potential burden on the competent authorities to solve things by means of recourse to article 97 MDR, for which MDCG 2022-18 provided the blueprint.
The competent authorities’ role will be limited to dealing with the exceptional cases that do not fit in the proposal logic for one or the other reason, just the way they like it and is their normal modus operandi.
Relation to MDCG 2022-14 position paper
No proposal is an island. As I have observed in an interview with RAPS, we will also need the MDCG and member states’ full and unwavering commitment to roll-out of MDCG 2022-14 measures to create enough room for the notified bodies to live up to the challenge. I have been somewhat critical about the MDCG’s capacity to deliver, but I would like to remain enthusiastic and hope that, in the spirit of the ‘can the maker repair what he makes’ the MDCG will surprise us all positively.
And manufacturers must step up too. At the risk of sounding like a broken record: this is no time to sit on your hands people. As explained above, the first deadline hurdles for MDR QMS and a lodged application for conformity assessment at a notified body that you may still need to find and willing to work for you and sign a conformity assessment agreement with by 26 May 2024 are closer than you think. If your management thinks that anything less than full throttle is a good idea in any way for MDR transition, they are not fit for purpose. The proposal makes MDR transition a Chefsache as they say in German (‘a matter for management’), more than ever.
The adoption process follows the same procedure as the rushed MDR date of application extension in 2020: the accelerated co-decision procedure, which at the time was formally completed at lightning speed in less than a month. This proposal is far more complicated, so I expect the institutional actors to take a bit more time (also some parliamentarians announced that they are not going to be rushed like the last time). It is possible that there are still amendments to the text.
So pretty please with sugar on top: not legally trained consultants, please don’t say that this proposal is it, that it’s official, that it has been published in the Official Journal (which will not be yet until adoption) – don’t jump your guns, leave law to the lawyers and wait until the legislative procedure has run its course. Only then we will know what the adopted law will be and what rules need to be observed.
There is a consultation about the proposal from 11 to 18 January, which initially and apparently mistaken was put up for the normal consultation period running well into March, which was hastily corrected by the Commission. You can still put in comments to the proposal but don’t expect too much of them actually changing the proposal as the Commission may (or not) pass some of the comments to the Council or Parliament. If you want to influence things, go directly via parliamentarians working on this dossier or the member states in the Council.
At this moment I myself expect the proposal to be adopted and enter into force (foregoing the normal 20 days waiting period after publication in the Official Journal because of the rush) in March, likely the second half of March.
Balancing the MDR and the IVDR grace periods
Interestingly, if the proposal is adopted the IVDR will have a much more lenient and simpler grace period regime than the MDR – is that useful, is it fair? Both have risk class stratified grace periods and came from a single grace period. The IVDR however has almost no conditions for use of the grace period, the MDR has a lot and frankly complex ones.
Will we see similar conditions under the IVDR as under 120 (3d) when the grace periods for the IVDR do not suffice? This may well be the case, because as we’ve seen the MDR and IVDR keep influencing each other in solutions adopted to make the transitional regime work. I would encourage the IVDR manufacturers to make the best possible use of the availability of notified body capacity at the moment to avoid having to deal with a panic fuelled similar regime change for the IVDR in the future.
Can the maker repair what he makes?
As explained above, the proposal leaves a lot of open ends, such as what a substitute device is. Open ends are exactly not what we need at this time, especially because they will require MDCG guidance to explain and MDCG guidance is never fast or on a reliable timetable. Where possible these points should be fixed in the legislative process because otherwise we will be dependent on MDCG guidance for clarification, which will simply take too long.
A thing that worries us lawyers are matters of ex tunc invalidity of certificates or ex nunc invalidity in case of not meeting conditions for extension. This is not a trivial technicality and should be addressed at least in a recital in the proposal.
The good part is that at least some of the (big) notified bodies think that the proposal gives them enough time. This is very positive indeed. The question is whether this is true for all notified bodies, and what member states will do to make sure to enable maximum use of the MDCG 2022-14 position paper measures for the notified bodies and oversee notified bodies’ serious engagement on these points. At this point I see some of the smaller MDR notified bodies in serious disarray at the moment, at the expense of their poor clients who are caught in the middle without proper legal recourse and captive by the mess the notified body is making of things.
The original grace period under article 120 (3) MDR was already difficult to explain to foreign authorities in jurisdictions that attach importance to the CE mark and often misunderstood far and wide, leading to situations where foreign authorities flat out refused to accept anything else than a shiny new MDR certificate because that made sense to them. The new grace period will be even harder to explain to foreign authorities and to member states’ authorities issuing free sales certificates. The Commission and member states must make work of explaining this internationally to avoid creating Confusion Everywhere. The EU medical devices regulatory system has already lost too much of its international reputation, we don’t need this to be exacerbated. Also, it remains to be seen how foreign authorities will deal with the removal of the sell-off period, because these forever legacy devices can be sold on the Union market lawfully, which means they can be covered by a free sales certificate. This means that we will be explaining to foreign authorities how this works for a potentially long time.
Like I’ve said above: crucial to the proposal succeeding is pro-active rollout of MDCG 2022-14 and a functional safety net from MDCG 2022-18. This is completely in the hands of the MDCG and the member states who have the opportunity now more than ever to show that medical devices policy is a serious matter and be as much part of the solution as they can be.
But first: let’s see how the legislative procedure unfolds, and what the proposal looks like when it is adopted.