CLIA Vs. QSR: What You Don't Know Can Hurt You
This two-part series discusses the ramifications of the U.S. Food and Drug Administration’s (FDA) increased interest in laboratory developed tests (LDTs) in CLIA-certified laboratories. Until recently, CLIA-certified labs and the tests that they develop/offer remained largely untouched, though not unnoticed, by the FDA. But, draft guidance issued by FDA last October reaffirms the agency’s interest in these tests and its awareness of this segment of the industry.
By Paula Gray and Sharon Kvistad, Navigant Consulting
Many industries, from automotive manufacturers to IT developers, suggest or even require implementation of a quality management system (QMS) to ensure that products are manufactured to a high quality standard. For medical devices, a QMS ensures that products are high quality, perform as intended, and are safe for their intended use.
To ensure a similar standard for laboratory testing, Congress passed the Clinical Laboratory Improvement Amendments (CLIA) in 1988, establishing quality standards to ensure the accuracy, reliability, and timeliness of patient test results, regardless of where the test was performed. Lab testing regulations continued to emerge and, in February 1992, the Department of Health and Human Services (HHS) published laboratory standards regulations (57 FR 7002) implementing the Clinical Laboratory Improvement Amendments of 1988 (CLIA) (42 U.S.C. 263a). The Centers for Disease Control and Prevention (CDC) and the Centers for Medicare & Medicaid Services (CMS) published final CLIA regulations that became effective April 24, 2003.
The CLIA regulations promulgated quality standards based on test complexity and established quality requirements for laboratories, similar to the quality system requirements established by FDA for device manufacturers. The more complex the test systems, the more stringent the applicable standards, with tests being categorized as “waived,” “moderate,” or “high” complexity.
Since CLIA was established, clinical laboratories have developed tests in accordance with their own procedures, referred to as laboratory developed tests (LDTs). These LDTs typically are used by hospitals, academia, and clinical laboratories in response to unmet internal needs, and they are commonly used for early and precise diagnosis, monitoring, and guidance of patient treatment.
Innovation Muddies The Regulatory Waters
The beginning of the 21st century has seen an explosion of innovation in the personalized medicine movement, lending to the development of LDTs that work to identify or disqualify the use of specific drug products. These drug-specific LDTs are generally referred to as companion diagnostics (or CDx), in reference to their specific association to one drug. But, with the evolution of companion diagnostics has come increased regulatory scrutiny by the FDA.
Although few CDx devices have been developed and/or approved by the FDA, it is clear that the agency expects manufacturers of such CDx, even if they fall in the LDT bucket, to control such products under the guiding regulations for medical devices and/or drug products. Many laboratories that already have achieved CLIA-level compliance with their existing QMS may assume that their system is sufficient to comply with the FDA’s QMS regulations, as well, but they could be mistaken.
While a typical CLIA laboratory QMS builds a foundation that looks like the medical device industry’s quality system regulation (QSR), such CLIA QMS fall short of the FDA requirement in many ways. Furthermore, recent approval of CDx-type products indicates that the expectation for laboratories is to implement a QMS that fully complies with the medical device QSR.
Here, we will examine how these sets of QMS requirements are similar, yet distinctly different.
All Quality Management Systems Are Not Constructed The Same
In general, a QMS is a hierarchical series of responsibilities proceduralized to ensure processes and/or manufacturing are carried out in a consistent manner. This includes documentation of roles and responsibilities within the organization, how QMS processes are monitored and subsequently improved, and assurances that unacceptable products or outputs are identified, evaluated, and appropriately dispositioned. The key difference between a CLIA-compliant QMS and an FDA-compliant QMS lies in the specifics of the requirements.
Within the current version of CLIA (42 CFR 493), subpart K sets laboratory QMS expectations for any tests that are non-waived (i.e., either moderate or high complexity). These regulations focus on appropriate qualification of personnel, as well as the generation and control of patient results before, during, and after test generation — including control over the systems used to generate such patient results. For example, subpart K details appropriate corrective actions when the laboratory’s testing processes do not perform as expected, or when patient results are outside the anticipated values during analytical testing. Subpart K’s main focus, however, is on the end product: Identification and control of handling patient specimens, testing of such specimens, and final results reporting related to specific patient specimens.
On the other hand, the medical device QSR (21 CFR 820) focuses on how the device is designed, developed, manufactured, and distributed for use — including controls and actions taken when the device is deemed questionable or unsuitable for use. The QSR QMS’ focus is on not only on how the finished medical device performs, but also on how all of the processes perform — and that no unintended sequelae are experienced by the end user or recipient of the device. The QSR includes requirements for personnel, continuous improvement of the product and processes, and monitoring of the QMS at various stages to ensure proper control and function, as well as requirements for the device development processes, expectations for manufacturing controls, and how product/process nonconformances are identified, evaluated, and dispositioned.
The difference between CLIA and the QSR is that the QSR focuses on the results of the product and the processes within the QMS, not just on the product itself.
The differences in these system requirements stem from both the agencies that regulate them and the products/processes being regulated. CLIA regulations are put in place by the Centers for Medicare and Medicaid Services (CMS), while medical device QSRs are established by the FDA’s Centers for Devices and Radiological Health (CDRH). While both centers’ primary focus is patient safety (and, in many cases, the safety of product or test system users), the medical device QMS under CDRH regulations focuses on the product’s ability to function as intended. Efficacy can be proven through consistent performance each time a device is used or, if it is a single-use, disposable medical device, through each device performing the same as the last.
Why Your LDT Can Be Subject To Medical Device Regulation
When a CLIA laboratory takes an LDT and aligns its technology with a specific drug product/biologic or use of a medical device, it can change the regulatory classification of the product. While LDTs typically fall under what is referred to as “enforcement discretion” under CDRH regulations, recent promulgation of 21 CFR Part 4 on combination products specifically identifies LDTs aligned with a drug product, biologic, or medical device as CDx. This removes the LDT from enforcement discretion and places it under the pervue of FDA’s regulations.
Most typically, LDTs used with a drug/biologic/medical device are regulated as a type of medical device known as an in vitro diagnostic, or IVD. Such medical devices, as clarified in the FDA draft guidance “Framework for Regulatory Oversight of Laboratory Developed Tests (LDTs),” are expected to comply with the QSR QMS model. Laboratories originally thought this might consist of an abbreviated system aligning with most laboratory CLIA certifications, but recent experience by CLIA labs shows that such presumptions were incorrect. The guidance document describes a risk-based framework for addressing oversight of LDTs. Additionally, the guidance provides insight to those labs about how the FDA intends to apply enforcement relative to them as medical device manufacturers. While the guidance is not an all-inclusive, prescriptive structure, it does provide a good frame of reference from which to start.Again, because the focus of the quality systems is different, the CLIA QMS only covers a small portion of the activities that a lab will perform when developing and “manufacturing” an LDT for use as a CDx or IVD. Thus, CLIA focuses on the processes associated with how patient results are generated, versus the QSR, which focuses on the processes for design and manufacture of the test (i.e., the medical device).
The caveat here for CLIA labs lies in the fact that they are now held accountable for the work performed to “make” the LDT before it is used to test patient samples. For example, the manufacturing process for an LDT would include the collection of reagents and the assembly of materials used during the testing process — such as the creation of an enzyme-linked immunosorbent assay (ELISA) gel to run and read results.
The QSR intent of validation also has been confusing to CLIA laboratories, as many times the act of “validating” the laboratory test is closely aligned — or even performed — within the same process of running the laboratory test and generating the patient’s results. In these cases, the act of generating patient results immediately consumes what was manufactured, leaving nothing to “validate.”
However, in the FDA’s eyes, the process of developing reagents, assays, or control of equipment used to perform the tests on patients’ specimens constitutes “manufacturing” activities and, as such, must have documented procedures and processes. The tests must be designed, developed, and controlled to function in a predictable way, including actions taken when the processes do not perform as predicted.
Read part two, how to work with the FDA to establish a compliant QMS system, here.
About The Authors
Paula Gray is a senior consultant with Navigant with over 15 years of experience in regulatory compliance, quality systems, and auditing (internal and supplier) in the medical device and diagnostics spaces. She can be reached at 317-288-8725 or at paula.gray@navigant.com.
Sharon Kvistad is an associate director in Navigant's Healthcare and Life Sciences Disputes, Regulatory, Compliance, and Investigations practice, focusing on FDA regulatory matters. Kvistad has over 30 years of experience in U.S. and global regulatory affairs as they relate to medical devices, with domestic submission preparation experience including IDE, PMA, PMA/S, HUD/HDE, and 510(k). She can be reached at 317-228-8715 or at sharon.kvistad@navigant.com.