The Healthcare Hub

UDI: Lessons Learned on the Journey to Compliance

Tuesday, November 10, 2015

Two years ago, the U.S. Food and Drug Administration (FDA) issued its Unique Device Identification (UDI) final regulations. That’s the rule that requires manufacturers to assign and label their products with UDI-compliant codes and, significantly, to publish data attributes about those products to the Global Unique Device Identification Database (GUDID). The goal: to improve patient safety. The how: by reducing the incidents of injury and death that can result from the misidentification of medical devices. The when: to be fully implemented by September 2018. The reality: the journey is a winding road!

Last month, the healthcare industry crossed another UDI milestone: the deadline requiring all implantable, life-supporting and life-sustaining devices to be labeled with a UDI. This is the second official deadline associated with the UDI rule and it brings the industry close to having more than 50 percent of medical devices with a UDI assigned, incorporated into the product label and published to the GUDID.

What the industry has discovered these past two years while pursuing these milestones is that navigating the complexities of becoming UDI compliant takes diligent planning and preparation, especially if leveraging the rule that improves how manufacturers manage product data and integrate with customers. This is just the beginning of how UDI will transform the industry, both from a regulatory- and patient-focused perspective.

The FDA plans to make UDIs the key to its own master data management for medical devices, while other federal agencies have proposed requiring healthcare providers to capture UDIs for implantables in electronic health records (EHRs). UDI is here to stay, and there’s enormous value to be gained in sharing lessons learned to help realize value from the regulation. So, manufacturers and providers alike need to prioritize their UDI efforts, if they have not done so already.

To mark the healthcare industry’s impressive progress since implementing the UDI rule, here are five best practices and lessons learned from working with healthcare suppliers and providers over the past three years:

  1. Do not underestimate the technical challenges.
    It’s a mistake for an organization to believe the only technical components to complying with the UDI rule are to label products and enter product data into the FDA’s GUDID. Suppliers, third-party service providers and even the FDA have encountered unforeseen technical outages and delays that have impacted compliance efforts. Organizations need to anticipate these technology challenges and create contingency plans to ensure they do not impede compliance requirements. Lesson learned: recognize the impacted systems / databases early!

  2. Have a “single source of truth” for attributes.
    Nearly all suppliers have encountered challenges identifying and capturing the attributes necessary for GUDID submissions. Most suppliers expect that all data attributes will be in their ERP/PIM systems – only to find during compliance initiatives that multiple systems house information about different attributes. Taking a hard look at the organization’s data, ensuring that it’s clean, consistent and consistently updated will help prevent this issue. Lesson learned: the source of truth for attribute data may not be where you think it is.

  3. Think globally.
    Many U.S. based companies with international operations have encountered major compliance delays due to misaligned UDI efforts. Often, the U.S. teams independently initiate compliance projects and then have to pause – or completely start over – once foreign counterparts become involved. There are also other UDI-like regulations being created and implemented in various countries throughout the world. Companies need to educate their overseas operations on the urgency and complexity of UDI compliance, while keeping a close eye on the developing international regulations. Lesson learned: communicate with international entities early!

  4. Ensure proper UDI assignment to products.
    Some suppliers have realized late in their UDI compliance processes that previously assigned identifiers (e.g., GTINs, HIBCCs) are inconsistent with the packaging levels that need to be documented at the point of use. For example, some identifiers are at the sales unit of measure vs. the true point of use. Situations like this present major challenges if unexpected UDI re-assignments and re-labeling changes need to occur. Lesson learned: review all pre-existing product identifiers.

  5. UDI: it’s not just for manufacturers anymore.
    While the UDI rule primarily impacts suppliers, there is a requirement on the horizon that will greatly impact healthcare providers as well. When the final UDI rule was published, the FDA stated it planned to make amendments to some existing regulations to ensure UDI conformity. One of these changes includes Part 803.32, which requires hospitals and other user facilities to include the UDI when reporting adverse events involving serious injury or death. The Centers for Medicare and Medicaid Services (CMS) and the Office of the National Coordinator for Health IT (ONC) have published final rules that will require hospitals to create a list of patients’ implantable devices using UDIs in EHRs, parse the device identifier and production data from the UDI, and link to the GUDID to retrieve device information. Lesson learned: start reviewing associated technology and processes now!
Image Description

Michael Gillespie

Executive Director, North Americas Consulting