Due to changes in technical and regulatory requirements the Medical Device industry has recently experienced, many manufactures have struggled to keep up and comply with their requirements.
The Medical Device Single Audit Program (MDSAP), has streamlined these requirements by combining both compliance and regulatory requirements for the five participating countries. This shorter path to the paperwork combined with a single auditor and platform to work with, means manufacturers are able to keep up with regulatory changes, while reducing overhead in terms of audit preparation and being compliant in multiple countries.
Manufacturers who have successfully been certified to the MDSAP, experience a more robust quality management systems that produces reliable and consistent outcomes. Compliant quality management systems must have a vigorous CAPA systems that allows for fast identification and containment of issues, to prevent them from impacting the end-user, or customer.
According to Dale Morgan, Global Scheme Owner for Medical Devices, the MDSAP ultimately creates trust between the manufacturer and the healthcare professionals, as the regulators are able to check on the health of each certified organisation to ensure what is being produced is both safe and effective.
“What may not be known to all manufacturers is that there’s a database we populate with audit reports. This is really for the regulator to check up on the health of those companies… gives the regulators, not a real-time view, but a periodic-interval view of how Company A, B or C are doing”
Dale Morgan, Global Scheme Owner for Medical Devices
As with any newly introduced program, manufacturers seeking certification have experienced challenges in understanding their new requirements. Dale mentioned three key challenges that manufacturers need to consider during this transition period.
- Non-Conformances. The way the MDSAP considers non-conformances is vastly different to what was once used in Standards like ISO 13485. Where “minor” or “major” non-conformance classifications were used, the MDSAP uses a grading score using points from one to five. These points are allocated based off the impact to the design and manufacturing controls, and whether these non-conformities have been repeatedly occurred. An additional point is added if there is no documented process or if a non-conforming device has been released. “any non-conformances that are a grade four or five are considered very serious. And there’s actually a special process that Auditing Organizations like us need to follow in order to follow-up and quickly close the loop on those kinds of non-conformances.”
- Risk Management Requirements. While the concept of risk management was introduced in ISO 13485:2016, the MDSAP puts a greater emphasis on risk management. Manufacturers are challenged to transform their quality management systems to consider risk management throughout all of their procedures and processes, and demonstrate this to an auditor. Dale suggests organizations think of risk management as a technology incorporated into day-to-day activity, rather than something conducted at periodic intervals. “This is one area where we still find manufacturers struggling a bit is to demonstrate how do they link their interrelated processes because what you do in manufacturing, is only a function of what's already happened in design transfer which was affected by the design and so on. “
- Knowledge of the Product. Understanding your product, and its intended use is now rightfully important under the MDSAP. Medical device manufacturers need to work with their Auditing Organization to ensure the scope of their audit is relevant to their product classification. Being transparent and forthcoming with information is necessary for your Auditing Organization to provide you with the right auditor for your business. All auditors are benchmarked to key competency codes that allow them to provide an accurate report of your business’s processes and deliverables. “A key success factor is that the auditor understands the nuances of your business and your product in order to help identify whether your processes are delivering what the customer needs.”