New Approach for Health Canada

new approach for Health Canada for medical device approvals

Health Canada has recently provided a new approach for device approval as outlined in their “Action Plan on Medical Devices: Continuously Improving Safety, Effectiveness and Quality.” Canada classifies medical devices based on their potential risk, with Class I devices being lowest-risk and Class IV devices presenting the highest risk. The collaborative new approach aims to improve the safety and effectiveness of medical devices (beyond Canada’s already stringent requirements) via a three-part strategy described below.

1. Improve how devices get on the market
With this new approach, Health Canada aims to increase medical research, thereby increasing patient protection, beginning in early 2019. The document mentions investigational testing of medical devices, which currently may only be done by manufacturers (not independent researchers or healthcare professionals). The proposed change would allow others to apply to conduct investigational tests. Additionally, Health Canada will form a new expert advisory committee on women’s health issues for drugs and medical devices (in addition to the two existing medical device advisory committees on digital health and cardiovascular devices). Health Canada’s new division to review medical devices that involve digital health technologies will “focus on addressing safety issues related to digital health technologies such as securing private health information and preventing hacking and cyber security threats.”

2. Strengthen monitoring and follow-up of devices once they are being used by Canadians
Due to concerns of under-reporting, seven hundred and seventy-six Canadian hospitals will be required to report medical device incidents pursuant to Vanessa’s Law (beginning in February 2019). The goal of this law is to increase capabilities for surveillance and signal detection. Health Canada seeks to improve reporting from other healthcare facilities as well, and will continue to support medical device incident reports made through the Canadian Medical Devices Sentinel Network (CMDSNet). Furthermore, Vanessa’s Law allows Health Canada to compel manufacturers to conduct assessments, tests, and studies; or, the Department may require manufacturers to reassess their product after a study or a warning from another agency, and then report back to Health Canada.
Health Canada is moving towards a framework which allows for the use of real-world evidence regarding the safety and effectiveness of a product. In this new approach for Health Canada regarding inspection and enforcement, they have signaled that they have more inspectors ready to conduct onsite foreign investigations and other compliance investigations. Manufacturers can expect and increase in the frequency of inspections and compliance verifications.

3. Provide more information to Canadians about the medical devices they use
The Department aims to improve access to medical device clinical data (making it available for independent analysis) – possibly by no longer requiring an Access to Information request. The Department will launch an accessible database with medical device incident reports in a searchable format, and will also provide detailed information on inspections and regulatory actions. Plus, Health Canada will now publish summaries of license application decisions for all new Class IV and Class III medical devices, increasing the number of released summaries from 100 to 1,000+ per year.


Health Canada’s Action Plan shows an overall commitment to improving the safety of medical devices and openness regarding the regulatory process.  We recently posted news on Health Canada Cybersecurity Draft Guidance

About the author

Amy enjoys researching and writing about developments in medical technology and how that intersects with US law. She received her J.D. from the University of Florida Levin College of Law in 2020 and now works as a Regulatory Associate for SoftwareCPR®, a general-purpose regulatory consulting firm that is recognized globally for their expertise with standards and national regulations pertaining to medical device, mobile medical app, and HealthIT software.

SoftwareCPR Training Courses:

IEC 62304 and other emerging standards for Medical Device and HealthIT Software

Our flagship course for preparing regulatory, quality, engineering, operations, and others for the activities and documentation expected for IEC 62304 conformance and for FDA expectations. The goal is to educate on the intent and purpose so that the participants are able to make informed decisions in the future.  Focus is not simply what the standard says, but what is meant and discuss examples and approaches one might implement to comply.  Special deep discount pricing available to FDA attendees and other regulators.

3-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Brian Pate

Next public offering:  TBD

Email to request a special pre-registration discount.  Limited number of pre-registration coupons.

Registration Link:




Being Agile & Yet Compliant (Public or Private)

Our SoftwareCPR unique approach to incorporating agile and lean engineering to your medical device software process training course is now open for scheduling!

  • Agile principles that align well with medical
  • Backlog management
  • Agile risk management
  • Incremental and iterative software development lifecycle management
  •  Frequent release management
  • And more!

2-days onsite (4 days virtual) with group exercises, quizzes, examples, Q&A.

Instructors: Mike Russell, Ron Baerg

Next public offering: TBD



Medical Device Cybersecurity (Public or Private)

This course takes a deep dive into the US FDA expectations for cybersecurity activities in the product development process with central focus on the cybersecurity risk analysis process. Overall approach will be tied to relevant standards and FDA guidance documentation. The course will follow the ISO 14971:2019 framework for overall structure but utilize IEC 62304, IEC 81001-5-1, and AAMI TIR57 for specific details regarding cybersecurity planning, risk characterization, threat modeling, and control strategies.

2-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Dr Peter Rech, 2nd instructor (optional)

Next public offering:  TBD

Corporate Office

15148 Springview St.
Tampa, FL 33624
Partners located in the US (CA, FL, MA, MN, TX) and Canada.