Remote Regulatory Assessments for FDA-Regulated Products and Establishments (DRAFT)
This guidance outlines FDA's approach to conducting Remote Regulatory Assessments (RRAs) for FDA-regulated products and establishments. RRAs are remote examinations to evaluate compliance with FDA requirements, conducted either mandatorily under specific legal authorities or voluntarily. The guidance covers the fundamentals, expectations, records/information requirements, and completion process for RRAs.
This is a draft guidance. Not for implementation.
Recommended Actions
- Establish internal procedures for responding to RRA requests (both mandatory and voluntary)
- Ensure technological capabilities are in place to support remote assessments including:
- Video streaming capabilities
- Secure file sharing systems
- Screen sharing capabilities
- Adequate internet connectivity
- Prepare documentation systems to enable quick response to records requests:
- Implement searchable electronic documentation when possible
- Establish process for scanning paper records
- Maintain translation capabilities if needed
- Train relevant personnel on:
- RRA response procedures
- Technology tools used for remote assessments
- Documentation requirements
- Communication protocols with FDA during RRAs
- Establish process for:
- Reviewing RRA observations
- Developing responses within 15-day timeframe
- Implementing and documenting corrective actions
- Create contingency plans for:
- Technology failures during remote assessments
- Handling confidential information
- Managing resource constraints during RRAs
Key Considerations
Clinical testing
- Records or data related to the reporting or conduct of FDA-regulated research may be requested for establishments subject to BIMO inspection
Software
- Electronic systems may be reviewed through screen sharing and livestream/video
- Read-only access to electronic databases may be requested
- Establishments should identify any limitations on external access and ensure encrypted/password-protected files can be accessed by FDA
Cybersecurity
- Quality of remote connection should be adequate for FDA review
- FDA will provide secure means to send requested records
- Technologies should have appropriate security and privacy controls
Other considerations
- Records should be submitted in electronic format when possible
- Paper records should be scanned as searchable PDFs when possible
- Records may need to be provided in English or with English translation
- FDA may request records within reasonable timeframes based on establishment size, complexity of records, and urgency
- Establishments should respond to observations within 15 U.S. business days
- RRAs do not replace FDA inspections but can complement them
Relevant Guidances
- Content of Premarket Submissions for Device Software Functions
- Cybersecurity in Medical Devices: Design, Implementation, and Premarket Submissions
- Off-The-Shelf Software in Medical Devices: Documentation Requirements for Premarket Submissions
- Electronic Records and Electronic Signatures - Scope and Application
Original guidance
- Remote Regulatory Assessments for FDA-Regulated Products and Establishments
- HTML / PDF
- Issue date: 2024-02-02
- Last changed date: 2024-11-05
- Status: DRAFT
- Official FDA topics: Tobacco, Inspection, Medical Devices, Food & Beverages, Dietary Supplements, Investigation & Enforcement, Regulation, Electronic Submissions, Drugs, Import, Animal & Veterinary, Compliance, Biologics, Records, Cosmetics, Administration
- ReguVirta summary file ID: e7b0e5c924ac353b676f53364d7d3200
This post is licensed under CC BY 4.0 by the author.