Euro Roundup: MedTech Europe pushes for MDR, IVDR as ‘primary avenue’ for cybersecurity rules

Sector regulations, specifically the Medical Devices Regulation (MDR) and In Vitro Diagnostic Regulation (IVDR), should “remain the primary avenue to providing state of the art cybersecurity of digital medical technologies and services and the safety and security of patients and users,” according to a position paper published 23 May by MedTech Europe, a trade group representing medical device and diagnostic companies.

As the group sees the situation, MDR and IVDR “lay out comprehensive, essential requirements for digital medical technologies and services” and “wholly account for cybersecurity throughout a medical device’s lifecycle.” MedTech Europe also pointed to a Medical Device Coordination Group text on cybersecurity, noting that it provides the “necessary guidance” on complying with MDR, IVDR, the Network and Information Security Directive (NIS1) and the General Data Protection Regulation.
Earlier this year, the EU adopted a revised directive on measures for a high common level of cybersecurity, NIS2, marking the start of a 21-month countdown to the deadline for member states to incorporate the provisions into their national law. MedTech Europe welcomed NIS2 in its position paper.

“These provisions provide a basis for medical device manufacturers to comprehend and implement the range of cybersecurity and data protection requirements across the entirety of a medical device’s lifecycle. As such, the framework helps to ensure cybersecurity of a medical device from their inception, design and development to the end of life and decommissioning of the device,” the trade group wrote.

MedTech Europe voiced its support for NIS2 as part of a discussion about ransomware. The trade group said it “welcomes legislative interventions aimed at reinforcing existing cybersecurity responsibilities and curbing tactics employed by potential cyber-attackers and cyber-criminals” but made the case that the law “should be combined with tangible investments in organizations’ security postures, resilience of digital tools and processes, and the investment in people and the skills necessary to deliver on such legislation.” MedTech Europe supports a public-private partnership approach to cybersecurity skills.

Press Release, Position Paper

MHRA tells hospitals to remove Philips ventilators from use over electrical faults

The UK Medicines and Healthcare products Regulatory Agency (MHRA) has told hospitals to permanently remove Philips’ V60 and V60 Plus ventilators from service because of a risk of shutdown that can lead to the complete loss of ventilation.

Philips’ V60 mechanical ventilation devices were the subject of Class I recalls by the US Food and Drug Administration in August 2021 and March and April last year. MHRA issued its notice about the problems described in the April recall alert, which was triggered by the discovery that an internal power fluctuation may cause the ventilator to shut down unintentionally without sounding an alarm.

Last year, Philips proposed replacing a printed circuit board within the device to address the loss of alarm function. The latest MHRA alert states Philips’ action “will not address the potential for loss of ventilator function for which there is no permanent solution.”

MHRA assessed the risk as part of an in-depth review, which considered “additional safety evidence and recent regulatory issues in consultation with several external stakeholders.” The review led the UK regulatory agency to conclude that “the benefits of these devices no longer outweigh the potential risks.”

The benefit-risk profile contributed to MHRA’s decision to tell hospitals to retire all V60 ventilators by the end of September. MHRA also cited the “further significant risk” created by Philips’ decision to move the ventilators into their “end-of-life” phase as a factor in its action.

“The limited supply of replacement components could mean that users are suddenly unable to safely maintain these ventilators,” MHRA wrote. “Additionally, Phillips has canceled its contract with the notified body for these devices as part of the ‘end-of-life’ process. Therefore, any supplementary changes required to address safety concerns will not have been assessed by a notified body.”

MHRA Notice

EFPIA calls for updates to access and reimbursement policies to improve diabetes treatments

EFPIA is calling for European countries to update their diabetes drug access and reimbursement policies to support early therapy intensification and align their policies with current international guidelines.

The pharma trade group pushed for change in conjunction with the publication of a report outlining policy barriers that lead to suboptimal patient outcomes. The analysis, developed in conjunction with PwC, identified barriers such as reimbursement delays, restrictions, and bureaucratic pathways.

“Evidence shows that in some EU countries less than 10% of medical professionals initiate [people with diabetes] on insulin at the recommended time. That leads to worsening health outcomes and rising healthcare costs,” EFPIA wrote. “More can be done to improve outcomes and contribute to health systems and societal resilience and sustainability.”

EFPIA identified updates to access and reimbursement policies as one way to bring down barriers. The trade group also wants member states to review and optimize any complex processes that may impair doctors’ ability to prescribe the best therapy, regularly assess guideline updates and review the eligibility criteria for non-insulin antidiabetics.

EFPIA Notice, Joint Report

MHRA takes over COVID test approval filings from UK Health Security Agency

MHRA has managed the COVID-19 diagnostic application process, replacing the UK Health Security Agency (UKHSA) as the designated regulatory body.

Set up in April 2021, UKHSA is responsible for public health protection and infectious disease capability in England, activities that Public Health England previously handled. Before this week, developers of COVID-19 diagnostics that wanted to sell their products on the UK market submitted a Coronavirus Test Device Approval (CTDA) application to UKHSA.

Responsibility for processing CTDA filings transferred to MHRA on 24 May, continuing the transition from emergency to the routine handling of COVID-19 activities in the UK and other countries in recent months. Applications submitted up to 21 May will stay with the UKHSA team. MHRA will handle applications sent on or after 24 May, and any questions should be addressed to its team.

MHRA Notice

EMA starts review of hydroxyprogesterone amid concerns about cancer risk, lack of efficacy

The European Medicines Agency (EMA) has started a review of hydroxyprogesterone medicines. EMA’s Pharmacovigilance Risk Assessment Committee (PRAC) began the review in light of two studies that raise doubts about the safety and effectiveness of therapies that contain the hormone.

Hydroxyprogesterone is used in the EU to prevent pregnancy loss or premature birth. It is also used in some countries to treat gynecological disorders. Responding to recent studies, the French medicines agency asked PRAC to review the risks and benefits of the medicines and recommend whether their marketing authorizations should be maintained, varied, suspended or withdrawn.

One of the studies analyzed data on more than 18,000 mothers and children who received prenatal care from 1959 to 1966. Through 2019, 1,008 of the offspring were diagnosed with cancer. Exposure to hydroxyprogesterone in the first trimester was associated with an increased cancer risk.

EMA Notice

Euro Roundup: MedTech Europe pushes for MDR, IVDR as ‘primary avenue’ for cybersecurity rules

Related topics

Recommended content

Welcome to the new RAPS Digital Experience