The latest Platomics seminar on December 3: Proaktives Risikomanagement (in German) Register here
Who’s who in the IVDR?
What labs need to know about the roles of the EU, national competent authorities, accreditation bodies and MDCG
Big news last week was agreement in the EU on the cornerstones of an AI Act. While not the first such proposed legislation in the world, it is by far the most comprehensive yet.
When the AI Act is finally passed, it will likely have implications for some labs using AI in their diagnostics—more on this another time. Until then, the take-home message here is that the EU goes further than most in protecting its citizens, whether it’s the GDPR, IVDR or the recent Digital Services Act.
Today we’ll take a look at the various institutional roles relevant to the IVDR that labs should understand in order to stay on top of things.
IVDD vs IVDR
Before the In Vitro Diagnostic Regulation, there was the In Vitro Diagnostic Directive. But what is the difference between an EU regulation and an EU directive?
An EU directive such as the old IVDD requires all member states to achieve a certain minimum result, but leaves it up to the national authorities regarding how to achieve it by creating corresponding national laws.
An EU regulation such as the IVDR, on the other hand, is a legal act that applies automatically and uniformly to all EU countries as soon as it enters into force, without needing to be transposed into national law.
National competetent authorities
EU regulations are binding in their entirety in all EU member states and it is the role of the national competent authorities—or NCAs –—to ensure they are correctly applied and enforced.
Under a regulation, national laws may in some instances supplement the regulations with additional requirements but not contradict them. For example, the NCAs will uphold national language requirements for IVDR documentation, or for example a national requirement to attain ISO 15189 accreditation (i.e. a higher bar than the IVDR, which says they must only follow this standard).
Additionally, the NCAs are responsible for carrying out audits and defining penalties for clinical labs, as well as keeping an eye on clinical use data that labs must soon start collecting on their in-house tests.
In most countries one body serves as NCA. Germany is the exception, where each of its federal states has its own competent authority. In Austria BASG takes on this role, and Switzerland—which is not an EU member but created legislation modelled closely on IVDR—has the equivalent in its Swissmedic.
If you are unsure which organization serves as your national competent authority, try the Strategy Wizard on our website Resources page to find out.
Accreditation bodies
When it comes to the IVDR lab requirement to follow ISO 15189, labs should consider that since they will in any case need to document that they understand and follow this standard, it may be well worth their time to receive accreditation. It is yet unclear if some NCAs will begin requiring this.
Each EU country has one accreditation body that has the authority to confirm that a given organization—your lab, for example—has the knowledge, competence and a corresponding QMS to execute their work at a high quality level.
Labs do not require a yearly certification process such as that required of IVD manufacturers. Accreditation is done once and then periodically monitored by the national accreditation body. In Germany the DAkkS (Deutsche Akkreditierungsstelle) is responsible, in Austria it is Akkreditierung Österreich, and in Switzerland the SAS (Swiss Accreditation Service).
Medical Device Coordination Group
In the context of the IVDR, the EU established the Medical Device Coordination Group to advise and offer guidance in all matters related to implementation and possible further amendment. The MDCG offers opinions and recommendations in particular on how to apply the General Safety and Performance Requirements, including vigilance.
While the MDCG mostly addresses manufacturers and notified bodies, labs may want to have a look at MDCG 2023-1 which deals with issues particular to lab compliance.
Putting it all together
The division of roles between the EU, MDCG, NCAs and national accreditation bodies is designed to ensure a balance between centralized regulation and local implementation. These entities also play a role in the other major aspect of IVDR—keeping an eye on IVD manufacturers, their products, and the notified bodies that certify them.
But what all this means for labs is that you need to ensure not only compliance with IVDR but also with any additional requirements established by your national competent authority. Your NCA will monitor fulfillment of the combined requirements and also perform future clinical use surveillance on your in-house tests.
And if you go the route of ISO 15189 accreditation, the accreditation body will actively check your compliance to this and other standards. For example, if your QMS is certified to a management standard such as 9001, they will also be coming by. In other words: get used to having them around.
Maybe think of it like this: Similar to that pleasant but somewhat homely aunt who visits occasionally, when they stop by be sure to serve them their favorite cake. The good news is, they will not care if it tastes good as long as you followed the right recipe.
*Disclaimer: We have compiled the above information to the best of our knowledge, yet our blog entries do not constitute expert advice and cannot substitute your own examination of the legal situation applicable to you and your organization.