COLUMBUS, OHIO – The US Food and Drug Administration (FDA) is reminding medical device manufacturers that accountability for regulatory submissions cannot be outsourced, even as reliance on third-party testing continues to grow.
Josh Nipper, Director of Pre-market Operations in the Office of Product Evaluation and Quality (OPEQ), within the FDA’s Center for Devices and Radiological Health (CDRH), stressed that companies – not their testing partners – bear full responsibility for the integrity and accuracy of the data they submit to the agency for review.
“First and foremost, … everyone is responsible for what they’re submitting to FDA,” Nipper said, adding that this is something he believes “always bears repeating.” His remarks at an April 23 MedCon 2026 session on “Managing Data Integrity Across the Total Product Lifecycle” come amid growing concern within the MedTech sector over submission quality and the downstream consequences of flawed or unreliable testing data.
“I’ve seen multiple – I can’t tell you how many – files that get derailed at the end because the data that was generated was bad.” – Josh Nipper
Nipper has seen several submissions to the FDA that included problematic data from third parties; nevertheless, sponsors have pushed back, arguing that because they didn’t perform the testing, the agency shouldn’t have issued a negative decision. (Related Story: “‘Tip of the Iceberg’: Data Integrity a Front-and-Center Concern for FDA, QHub Expert Says,” QualityHub, May 1, 2025.)
But, Nipper said, the FDA’s response has been consistent. “While we could clearly see that the company … didn’t actually do the testing, [they] are ultimately responsible,” he reiterated.
The FDA does not select or approve testing laboratories for sponsors, leaving companies to weigh factors such as cost, turnaround time, and technical capability. Nipper stressed, however, that poor choices in lab selection can thwart an otherwise viable device late in the review process.
“Selection of third-party test labs is critical. [The agency] cannot make that decision for you,” he said, noting the consequences of getting it wrong can be severe. “I’ve seen multiple – I can’t tell you how many – files that get derailed at the end because the data that was generated was bad.”
Eriah Group CEO Donna Haire joined Nipper for the MedCon session, which was moderated by QualityHub Corporate VP Sean Boyd.
FDA’s Zero Tolerance for Data Integrity Issues
The FDA’s Nipper outlined a key distinction in how the FDA handles deficiencies. For standard performance failures or clarifications, the agency typically issues an Additional Information (AI) request, also known as a “hold letter,” that allows sponsors to address gaps or refine their submission.
“For something where we have a bench test that just failed, … we will send an Additional Information letter,” he explained, referencing the FDA’s normal review processes. But that flexibility disappears when data credibility is in question.
“If we question the data … and we have enough credibility that we think there’s a data integrity issue, we will issue a negative decision,” Nipper said. He emphasized that such determinations follow “a fairly rigorous internal process” before being finalized.
“This isn’t a situation where … we ask for clarifications or modifications,” he added. “Once we see that signal, the outcome is different.”
Costly Consequences Across Regulatory Pathways
According to Nipper, the FDA has seen data integrity concerns disrupt submissions across multiple product review pathways, including 510(k)s, Premarket Approval (PMA) applications, and de novo classifications.
“That’s been many, many 510(k)s,” he said. “I’ve seen it in PMAs. I’ve seen de novos derailed because we found bad data in the de novo.”
The financial implications can be substantial, particularly when issues are identified late in the process. “I can tell you that is a very expensive mistake,” Nipper said, pointing out that manufacturers are often surprised by the outcome. “We have seen many companies … very unhappy because they’re like, ‘Well, I thought my data was good.’”
Nipper’s remarks underscore a tightening regulatory environment in which data credibility is becoming a central pillar of device approval and not just a supporting element. As medical devices become even more sophisticated, particularly with the rise of software-driven devices and AI-enabled systems, the FDA is placing greater weight on how data is generated, verified, and documented.
For manufacturers, this shifts the focus from simply completing required testing to actively governing the quality of that testing end-to-end. The broader implication is a change in risk calculus: cutting corners on testing oversight may save time upfront, but it significantly raises the likelihood of costly regulatory setbacks later.
