Medical Device Compliance & Regulatory Newsletter February 2026

Key Highlights of TR 007:2026(E)

1. Scope and Definitions

• SiMD: Software integrated into medical device hardware (e.g., ECG or glucose meter software).
• SaMD: Standalone software with medical functions, independent of hardware (e.g., diagnostic imaging apps).
• Cybersecurity: Focuses on maintaining confidentiality, integrity, and availability of information and systems.

2. Classification

• Software medical devices are classified as active devices under MDACS.
• SiMD: Generally registered with its hardware unless independently justified.
• SaMD: Independently registered and classified by risk using TR 003 and TR 006.

3. Documentation Requirements

• Quality Management System (ISO 13485 or equivalent).
• Safety and Performance Principles (TR 004).
• Labeling requirements (including electronic labels for SaMD).
• Risk management (ISO 14971).
• Clinical evaluation (ISO 14155).
• Recognized marketing approvals under MDACS.

4. Software-Specific Standards

• Verification & Validation: Ensures safety and performance.
• Versioning & Traceability: Clear software version identification for post-market surveillance.
• Cybersecurity Management: Lifecycle risk identification and mitigation implemented to address cybersecurity threats throughout the product lifecycle, supported by secure system architecture and robust security controls. These measures align with recognized international standards, including ISO/IEC 27001 and ISO/IEC 27032.

5. Post-Market Management

• Cybersecurity incidents and adverse events must be reported by the Local Responsible Person (LRP) under Guidance Notes GN 03.
• Change management procedures (GN 10) apply to software updates affecting safety and performance.

Industry Implications

• Cybersecurity Requirements: Manufacturers must integrate cybersecurity from design to post-market stages.
• Lifecycle Oversight: Compliance evaluated across the Total Product Life Cycle (TPLC).
• Global Alignment: Adoption of international standards enables multi-market compliance.

Conclusion

Hong Kong’s TR 007:2026(E) emphasizes that software itself can be a medical device, and cybersecurity is vital for patient safety. By establishing clear guidelines for SiMD, SaMD, and cybersecurity, MDACS positions Hong Kong as a leader in digital health regulation.

To read more visit: https://lnkd.in/gGwpbpcB

Importance of the Update

Previously, South Korea's GMP framework was localized, requiring separate adaptation from international systems. The 2026 update harmonizes requirements, reduces duplication, and introduces specialized standards for digital health, AI-driven devices, and in vitro diagnostics.

Key Highlights

The updated framework includes four distinct GMP standards:

Part 1: Enforcement Rule of the Medical Devices Act (Effective Oct 31, 2025)

• Details procedures and requirements mandated by the Medical Devices Act.
• Devices classified into Classes I–IV based on risk, with specific application procedures.
• Includes Quality Manager duties, technical documentation review, and training requirements.
• Outlines surveillance, change management, and renewal processes.
• Compliance rules for manufacturers and other parties, including the Unique Device Identification (UDI) system.

Part 2: Standards of Good Manufacturing Practice for Medical Devices (Effective Dec 9, 2025)

• Certifies manufacturing site compliance with GMP using a risk-based approach.
• Mandates a documented QMS covering design, risk management, and traceability.
• Establishes standards for third-party audit organizations conducting GMP assessments.

Part 3: Standards of Good Manufacturing Practice for In Vitro Diagnostic Medical Devices (Effective Aug 12, 2025)

• Applies to IVD manufacturers and importers, covering clinical performance studies and commercial sales.
• Defines IVD-specific product groups and tailored assessment criteria focusing on reagent stability and performance evaluation.

Part 4: Standards of Good Manufacturing Practice for Digital Medical Devices (Effective Apr 21, 2025)

• Separates digital devices into standalone software, embedded software, and medical device hardware.
• Conformity assessments based on device composition and product group.
• Includes AI control measures, governance structures, and ongoing AI model monitoring (Annex 4).
• Allows remote inspections and alternative assessments using existing GMP certificates.

Manufacturer Action Points

Manufacturers should:

• Conduct a gap analysis against the new GMP standards.
• Update supplier qualification and monitoring procedures.
• Integrate cybersecurity and AI validation into the QMS.
• Train staff on MFDS-specific clarifications and inspection readiness.

Conclusion

This 2026 update highlights South Korea's commitment to a robust and modern regulatory framework. It strengthens foundational requirements for all medical devices while introducing dedicated and detailed provisions for rapidly advancing fields such as in vitro diagnostics and AI-powered digital medical devices.

To read more visit: https://lnkd.in/dttUb6V6

This document marks a crucial step toward achieving consistent, precise, and globally harmonized reporting of adverse events for medical devices.

Importance

Adverse event reporting is crucial for post-market surveillance. Without standardized terminology, regulators and manufacturers may struggle to detect signals, validate risks, and respond quickly to protect public health. IMDRF’s harmonized coding system builds on previous GHTF work and offers a structured, universally applicable framework.

“Widespread use of a single, appropriate adverse event terminology and coding system is expected to improve signal detection and validation by adverse event management systems, enabling a faster response by both industry and regulatory authorities for public health safety.” (IMDRF/AET WG/N86 FINAL:2026)

Coding Framework

The IMDRF terminology is divided into seven groups across four code sets:

These codes collectively provide a complete picture of the event — from device malfunction to patient impact, and the manufacturer’s root cause analysis.

Key Coding Principles

• Select the most detailed term available (e.g., “False Positive Result” instead of “Incorrect Result”).
• Include at least one code from each group in every report, even with limited information (using “Insufficient Information” codes where necessary).
• Update codes as investigations progress, ensuring reports evolve with new findings.
• Establish internal quality assurance procedures to ensure consistent coding practices.

The Bigger Picture

By aligning terminology across jurisdictions, IMDRF enables:

• Faster detection of global safety signals.
• Easier aggregation of data across manufacturers and regulators.
• Improved transparency for healthcare providers and patients.

This guidance is not just technical — it is strategic and compliance-driven. It empowers regulators and industry stakeholders to communicate effectively when patient safety is at stake.

On February 8, 2026, the Egyptian Drug Authority (EDA) released a draft guideline (EDREX.GL.Bioinn.004, Version 5/2026) for public consultation. This document outlines the structure and content requirements for the registration and re-registration of biological products, aligning Egypt's regulatory practices with international standards such as the ICH Common Technical Document (CTD).

Key Highlights

Scope & Definitions

• Applicable to biological products produced locally or imported.
• Defines biosimilars, reference products, and pharmacovigilance requirements.
• Clarifies the role of the Certificate of Pharmaceutical Product (CPP) and reference countries.

Documentation Requirements

• Module 1: Administrative and regulatory information for new and re-registration dossiers.
• Annexes I and II documentation requirements for each pathway.

Packaging

• Requires outer and inner labeling texts and package leaflets.
• Labels must include trade name, active ingredients, dosage form, inactive ingredients, route of administration, manufacturer/importer details, batch number, expiry date, storage conditions, barcode (per Decree 29/2016), and product license number.
• Encourages multilingual labeling (Arabic and English).
• Requires color differentiation for different concentrations to reduce medication errors.

Labelling

• Avoids poor design that obscures critical safety information.
• Prevents look-alike packaging across strengths or products.
• Ensures legibility through adequate font size, color contrast, and white space.
• Prohibits dangerous abbreviations (e.g., µg vs. mg, IU vs. IV).
• Encourages distinct carton designs and color coding for clarity.

Patient Information Leaflet (PIL)

• Requires separate PILs for different strengths or dosage forms unless justified.
• Must follow a clear structure:
  • What the product is and its use.
  • Precautions before use.
  • How to use the product.
  • Possible side effects.
  • Storage instructions.
  • Pack contents and other information.
• Language must be patient-friendly, avoiding technical jargon.

Summary of Product Characteristics (SmPC)

The SmPC must align with regulatory requirements and provide comprehensive scientific information supporting safe and effective product use.

Industry Impact

• Aligns with the ICH CTD structure for global harmonization.
• Strengthens patient safety through improved labeling and PIL requirements.
• Enhances risk management by minimizing medication errors.
• Offers predictability and transparency for Marketing Authorization Holders (MAHs) preparing dossiers.

Conclusion

The EDA’s draft guideline for biological product registration and re-registration highlights Egypt’s commitment to international alignment, patient safety, and regulatory strengthening. Public consultation is now open, allowing stakeholders to contribute to the final version before adoption.

The Central Drugs Standard Control Organization (CDSCO) has issued a Draft Guidance Document in January 2026 for the import of In Vitro Diagnostic (IVD) medical devices into India. This document, now open for public feedback, aims to simplify the licensing process, clarify regulations, and ensure adherence to the Medical Devices Rules, 2017 (MDR 2017).

Purpose of the Guidance

The draft outlines a step by step process for importers to submit product licence applications via the CDSCO online portal and the National Single Window System (NSWS).

Key Highlights

1. Licensing Authority

The Central Licensing Authority (CLA) under CDSCO will issue import licences for all IVD classes (Class A–D).

2. Classification of IVDs

Devices are categorized by risk:

• Class A – Low risk
• Class B – Low moderate risk
• Class C – Moderate high risk
• Class D – High risk

3. Types of Import Applications

• Test Licence (MD 16/MD 17): For limited imports used in testing, evaluation, and training.
• Fresh Licence (MD 14/MD 15): Initial import approval.
• Endorsement: Adding new products to an existing licence.
• Retention: Renewal of existing licences.
• Subsequent Importer: Import by an agent for already licensed products.

4. Regulatory Pathways

Defined pathways for test licences, clinical evaluations, fresh imports, endorsements, and renewals.
Integration with NSWS portal for test licences and CDSCO online portal for commercial imports.

5. Checklist and documents

Detailed checklists for MD 16 (test licence) and MD 14 (import licence) applications. Required documents include:

• Cover letter, legal forms, and undertakings.
• Power of Attorney (authenticated/apostilled).
• Free Sale Certificates (FSC) from origin or reference countries (US, EU, Japan, Canada, Australia).
• ISO 13485 QMS certificates.
• Device Master File (DMF) and Plant Master File (PMF).
• Performance Evaluation Reports, stability studies, batch test reports, labels, IFUs.

6. Stakeholder Roles

• Foreign Manufacturer must ensure product quality, safety, and provides regulatory documents.
• Authorized Indian Agent will act as legal representative, submits applications, ensures compliance, and links between the manufacturer and CDSCO.

7. Timelines & Non Compliance

• Guidance specifies expected timelines for licence processing.
• It lists non compliances to help importers avoid delays.

Conclusion

This draft guidance represents a significant move toward clarity, efficiency, and harmonization in regulating IVD imports in India. Stakeholders are advised to review the draft and submit comments within the 15 day.