NMPA Center for Food and Drug Inspection released the “Key Points for the Inspection of Real-World Studies on Medical Devices (Draft)” for feedback on December 27, 2024. Feedback needs to be submitted by January 10, 2025. It comes as that the use of real-world data and evidence to support the market approval of medical devices has significantly increased in China, and conducting real-world studies has become a critical approach for medical device registration and evaluation.
The guideline applies to on-site inspections of retrospective real-world studies conducted by the NMPA Center for Food and Drug Inspection, as part of medical device registration applications. For on-site inspections of prospective real-world studies, please refer to Key Points and Judgment Principles for Medical Device Clinical Trial Inspections.
For our recorded webinar on Hainan RWD program, please click HERE
For the “Guideline on Medical Device Real-world Study Design and Statistical Analysis”, click HERE
For the RWD application in Greater Bay Area, please click HERE
Inspection Focus Areas
The guideline aims to ensure the integrity, accuracy, and traceability of real-world studies while upholding strict compliance with regulatory requirements:
Data Compliance
- Research protocols, including data sources, collection methods, and usage approaches, must be approved by an ethics committee.
- Systems for data privacy protection, along with standard operating procedures (SOPs), should be established. All involved personnel must adhere strictly to these standards.
- Sensitive personal information must be anonymized to prevent re-identification.
- If real-world data (RWD) is owned or controlled by entities other than the sponsor, agreements must ensure regulatory access to original records.
- For studies using multiple data sources, appropriate measures must be pre-defined in the protocol to ensure accurate individual data matching and reliable study results.
Data Security
- Establish systems for data security management, risk assessment, and emergency response procedures.
- Implement security measures and validation for electronic systems, networks, and cloud platforms used to handle RWD.
- Electronic systems must support audit trails, security management, access control, and data backup, with validated functionalities including electronic signatures.
- Authorization controls must be in place for login, use, and data modifications, with unique access permissions assigned to individuals.
- Ensure secure data handling across collection, extraction, transmission, storage, exchange, and destruction processes. Generate audit trails with relevant details like authorization information and timestamps, stored securely with controlled access.
Data Governance
1. Data Governance Plan
- A data governance plan must be formulated and approved by the ethics committee before initiating the study. Adjustments to the plan require re-approval.
- The governance process must align with the plan, ensuring reproducibility and traceability of key variables.
2. Data Extraction
- Data extraction methods should be validated to ensure alignment with study protocols.
- Extracted data must meet inclusion/exclusion criteria and maintain consistency with source data, managed using timestamps.
3. Data Cleaning
- Cleaning methods must be validated, addressing issues like extreme values, missing data, and logical inconsistencies. Modifications must be justified, signed off by responsible parties, and documented.
4. Data Transformation
- Data transformation must be validated, ensuring accuracy and traceability. Derived variables require explicit documentation of calculations and timestamps.
5. Data Transmission and Storage
- Data transmission must follow protocol-specified timelines and be subject to audit plans and SOPs.
- Ensure secure data storage, including backups in remote, off-site, or offline environments.
Quality Management and Control
- Establish a comprehensive quality management system covering the entire lifecycle of RWD.
- Personnel involved in data collection, governance, and analysis should receive adequate training, with their roles and permissions clearly defined.
- Implement risk management processes across all stages from data collection to submission.
- Maintain standardized information and document management practices to ensure transparency and accuracy.
- Develop both system-based and manual quality control plans, focusing on comprehensive checks of key variables and source document verification.
Data Traceability
- Ensure alignment between database entries (e.g., patient demographics, diagnoses, treatments) and source data from hospital systems or patient records.
- Laboratory, imaging, and other diagnostic data should match the original records from hospital or electronic databases.
- Adverse events and device defects should be traceable to their source.
- Efficacy and safety data must trace back to the evaluator, evaluation time, and original results.
- Participant-reported outcomes should link back to original signed records, such as diaries or self-assessment reports.