Medical device manufacturers have high expectations of Regulatory Information Management Systems (RIMS). The costs and efforts involved are immense and usually much higher than expected. The benefits, on the other hand, are not clear.
This article will give you some hints,
A Regulatory Information Management System (RIMS) is a software system that helps pharmaceutical and medical device manufacturers manage regulatory information and comply with regulations. It is a centralized platform that enables the collection, management, and delivery of regulatory data and documents.
Source: Johner Institute
Pharmaceutical and medical device manufacturers expect several advantages from the use of a Regulatory Information Management System:
Development must know from the beginning what is required from a regulatory point of view. Regulatory Affairs must know from the outset what is to be developed in order to help with the regulatory strategy. Otherwise, there is a risk that products will not be launched, will not be launched with the planned "features,” or will not be launched in the planned time.
To achieve these goals just mentioned, RIMS offer numerous functions.
RIMS support the handling of regulatory requirements:
In order to allow the most consistent flow of information possible, regulatory management systems must work together with other information systems.
There are other systems, such as CAD systems and product information management (PIM) systems. The latter manage product information such as instructions for use, markings, and other labeling. These documents are also part of the technical documentation and must therefore be managed by the RIMS.
The RIMS thus form the interface to the internal and external systems, for example, at authorities and notified bodies (see Fig. 1).
Typically, companies use feature lists to compare vendors and select the appropriate product. However, such catalogs of criteria are unsuitable for
--- to find out whether a RIMS is the right system at all,
--- assess whether the RIMS is fit for the future, and
--- assess the likelihood that the implementation will be successful.
Therefore, also read the section "Tips for selecting and implementing a RIMS"!
The first impulse is to check how completely the system offers the functions mentioned in chapter 2.
This completeness concerns the processes such as:
The completeness also concerns the markets and their regulatory requirements. A US system that does not recognize the concept of Notified Bodies is of limited use to a manufacturer who wants to market products in the EU.
The system should also support processes specific to its own products. This is because systems that are agnostic (such as a DMS in extreme cases) cannot check product-specific content automatically. This work is then left to regulatory affairs and quality managers.
A system can only verify that all essential performance characteristics of a product have been considered in the "60601-1 tests" if it knows the concept of essential performance.
A system can only check whether all safety-related use scenarios are present in the risk management file if it has modeled these entities and can access them. This is not the case for systems that only manage PDFs and their metadata.
A RIMS should take a data-driven rather than document-driven approach. This is because the algorithms need this data to achieve the hoped-for benefits:
A RIMS that "only" enables workflow, management, and versioning of documents is not "fit for the future.”
Chapter 3 shows how many systems a RIMS must work with. Therefore, interoperability with these systems is a basic requirement. Otherwise, another data silo is created.
Such data silos do not only mean higher effort. They result in redundancies and, thus, usually inconsistencies. As a result, such systems increase regulatory risks instead of reducing them.
The ideal system is one that supports the process as "end-to-end" as possible, minimizing the number of interfaces and thus the problems with interoperability (see Fig. 3).
A usable product must first serve the achievement of objectives (effectiveness), then the efficiency of this achievement, and only in the third step the satisfaction of the users (see Fig. 2). Users who do not achieve their goals or do not achieve them efficiently will not be satisfied in the long run.
Many (potential) users confuse "sexy design" with usability. A modern-looking user interface (UI) equipped with "fancy" dashboards is no substitute for a UI that allows users to complete their tasks quickly and correctly without unnecessary detours (see Fig. 2).
Therefore, the actual future main users should have worked with the system before making a final purchase decision and should be significantly involved in the decision.
The (other) non-functional requirements include:
Browser-based systems also require connectors to the manufacturer's systems.
The costs are mostly composed of:
Even if a RIMS meets all the checkboxes, it still should not be implemented if the provider does not meet the requirements.
Providers need to have a clear vision of where regulatory systems, medical devices, technologies, and its RIMS are headed.
The provider should have formulated this vision very precisely. It should be congruent with the provider's own vision.
The supplier should clearly outline how long it will continue to consider the submission of technical documentation as (PDF) documents to be timely and at what point it will support document-free submission.
The providers have to manage a balancing act: On the one hand, they should respond to customer wishes as individually as possible. On the other hand, they must ensure the conceptual integrity of their products and represent their economic interests.
Therefore, medical device manufacturers should only select vendors where they are a typical customer. This is because similar customers (other medical device manufacturers) will place similar requirements on the supplier, which the supplier can then meet more easily.
Many RIMS providers have their roots and largest customer base in the pharmaceutical sector. Therefore, the influence of medical device manufacturers on product design is mostly limited - even if claimed otherwise during the evaluation phase.
Regulatory Information Management Systems are complex software applications. Therefore, users and people responsible for installation, configuration, and operation need competent and available support.
It is not enough for support to know how their own product works. They must understand regulatory requirements and be able to explain how they can be met with their system.
Manufacturers should specify,
Rapid technological advancements, particularly in artificial intelligence and hyper-scaling, are having a significant impact on providers:
Subject matter expertise is also necessary to understand the intricacies of ever-changing regulation and map them into algorithms. Because without an algorithm that automates the review of regulatory requirements, RIMS remain limited to specialized document and task management systems.
This will not enable manufacturers to get their products approved in the shortest possible time or even to move into continuous compliance assessment, as will be necessary for software in the future.
A RIMS can solve as many problems as it can create many new problems. Therefore, manufacturers should answer two questions for themselves:
The efficiency and effectiveness of regulatory processes can only be optimized "end-to-end.” Local optimization (e.g., at manufacturers) is of limited help. Therefore, an end-to-end platform is needed (see Fig. 3).
This platform should support all regulatory processes, not just submission. This, in turn, requires that the platform not only integrates the internal systems, but also the external ones (see Fig. 4).
Many RIMS do not support this comprehensive integration. This causes unnecessary interfaces and thus expenses as well as regulatory risks.
RIMS providers want to impress with an extensive list of features. For example, many providers are currently advertising the artificial intelligence of their products and praising this as proof of the future viability of these systems.
However, artificial intelligence should only be used where it meets actual stakeholder requirements that cannot be met at least equivalently by conventional logic.
One RIMS provider advertises that technical documentation could be created faster with AI (especially Large Language Models). Yet document-based, mostly PDF-based, submission is a concept of the last millennium.
It would be more helpful if the system used conventional logic to check the conformance of the contents of this documentation for completeness, consistency, and correctness, and used AI to transform external unstructured data (e.g., clinical literature) into internal structured data.
The vendors' feature lists are mostly aimed at the decision-making level of the manufacturer. That is understandable. But the decision-makers are usually not the people who will later have to use and operate the system.
Include all stakeholders in the selection process. This also includes your own IT, which will have to operate the systems later.
Ask other customers of the provider (reference customers) about their personal experiences. Ask specific questions about the duration of the project, what worked and what didn't during implementation. Talk to the real users and ask how the data gets into the RIMS and what post-processing is necessary to submit the data.
The data is distributed across many systems (see above) and files at the manufacturers. For example, they can be found in ALM systems, in Word and Excel files, in e-mails, and user manuals. And some data is missing altogether.
The introduction of a RIMS does not change this yet. But it does force manufacturers to "clean up" this data:
For this to succeed, manufacturers need
Johner Institute assists manufacturers in this task, which is the mandatory prerequisite for the implementation and success of any RIMS or other system.
Many RIMS vendors expect data migration. Vendors should be aware that data migration - as the name implies - means migrating the data from the previous sources into the RIMS. Such a migration poses dangers:
Therefore, manufacturers should
Only a trial run shows,
A product demo is only enough to narrow down the list of vendors. But not to answer the above questions.
The manufacturer should also plan for trial operation. These include:
Even with a successful trial, big-bang rollouts are not a recommendation. The organizational and technical changes are too extensive for the organization to digest. The overall project can be broken down according to various aspects:
It sounds banal, but nevertheless often comes up short due to time and cost pressures:
Careful planning and communication are critical to ensure that all affected employees understand and accept the implementation of the RIMS. Training and education materials should be provided to familiarize users with the new software.
Every new system attracts the interest of auditors. They ask not only about the competencies and training certificates but also about the revised instructions (SOPs, work instructions, and their approvals) and the validation of the system.
This article on Computer Systems Validation shows how to validate software such as a RIMS and which standards help.
The effort and timing for validation must be included in the project plan.
The likelihood is high that the initial enthusiasm will evaporate when the first bugs and the whole effort for the project become visible.
Therefore, it is useful if internal employees can act as competent evangelists to
According to Standish Group, most IT projects fail to meet goals on time and within budget, or they fail altogether. Therefore, it is part of risk management to plan for this failure:
No manufacturer needs a RIMS. But every manufacturer needs effective and efficient regulatory processes to
Regulatory Information Management Systems (RIMS) can be a solution to this, but they are not always.
A RIMS can even create new problems:
Many RIMS providers "only" want to sell software. However, digital transformation does not succeed through software implementation alone.
In this article on digital transformation, you will learn what needs to be transformed and how this transformation is most likely to succeed.
This digital transformation will only succeed through
In particular, RIMS providers that have a focus on the pharmaceutical environment often do not have this deep expertise that medical device manufacturers need.
The Johner Institute has a precise target picture and helps companies with the digital transformation with consulting and software solutions.
Schedule a free consultation to avoid unnecessary risks when implementing systems and ensure compliance with transparent, streamlined, and automated regulatory processes to bring your own products to market quickly and safely.