Methodology

Source → record → tier.

Every MedevIQ record passes through the same five stages: ingest from an authoritative regulator, normalize to the canonical schema, reconcile against other regulators, assign a trust tier, and publish to the API. This page documents each stage, the conflict-resolution rules, the tier qualifying criteria, and our auditability commitments.

The pipeline

Ingest

Pull from authoritative regulators at their published cadence (CDSCO weekly, FDA weekly, EUDAMED monthly, MAUDE monthly, Health Canada monthly). Raw payload archived with timestamp and hash for audit replay.

Normalize

Map each regulator's native schema to the MedevIQ canonical schema. Resolve entity to canonical device + manufacturer ID via deterministic match (UDI / 510(k) number / CDSCO licence) with AI-assisted fallback for ambiguous cases.

Reconcile

Merge incoming source against existing record using precedence rules (below). Flag conflicts for review. Where regulators disagree on a fact, both values retained with source attribution; canonical value selected per precedence.

Tier

Assign A1, A2, or A3 based on the qualifying criteria (below). Tier may move up (more regulators confirm, expert review completes) or down (regulator action, conflict detected). Every tier change is logged.

Publish

Updated record available via API, web, and exports. Tier badge and source attribution travel with the record everywhere it is rendered or returned.

Conflict resolution precedence

Identity / manufacturer conflict

CDSCO licence record is canonical for Indian-marketed identity. Global cross-reference (FDA, EUDAMED, Health Canada) shown alongside when available; never overrides CDSCO. The manufacturer-canonical bridge resolves company name variants across jurisdictions.

Classification conflict

GMDN/UMDNS canonical class > FDA product code > CDSCO class > EU MDR/IVDR class. Where regulators disagree on risk class, the highest-risk classification across jurisdictions is shown to the buyer with the conflict surfaced.

Safety signal

Never overridden. All adverse-event signals (MAUDE, EUDAMED FSCA, Health Canada incidents) shown with source, signal score, and report volume. Aggregation is additive, not selective.

Recall status

Most recent recall notification per regulator shown. Closed recalls remain in the record history; only an explicit regulator update can remove an active recall flag.

How a record earns its tier

All A2 criteria met, plus: a regulatory-affairs expert has reviewed and signed off on the record within the last 90 days. Expert review covers identity, classification, regulatory status, safety signals, and source attribution.

All A3 criteria met, plus: at least one additional authoritative regulator confirms the canonical facts (identity, classification, regulatory status). AI consistency check passes across all sources. No unresolved conflicts.

At least one authoritative regulator. Record normalized to canonical schema. AI consistency check passes within the single source. No conflicting data from any other regulator examined.

Schema versioning

MedevIQ canonical schema follows semver.

Minor and patch releases are additive and non-breaking. Major releases (breaking changes) are announced 90 days ahead with migration guidance. Full schema changelog public.

Auditability

Every record change traceable to a source.

Raw regulator payloads archived with timestamp and hash. Tier changes logged. Audit log queryable via API or exported to your SIEM at the Enterprise tier.

Source → record → tier.

MedevIQ is in private preview.