Navigating the MDSAP during COVID-19

Dale Morgan

Medical Device manufacturers around the globe are uniquely affected in this time of the COVID-19 Pandemic. Medical device products and services continue to be in high demand, and essential for hospitals and patient care providers. Medical device manufacturers are facing new challenges with being able to manufacture, procure and/or distribute critical medical products and components during this unprecedented period.

For the medical device manufacturers to retain their compliance, and ensure the safety and effectiveness of their products, the certification schemes they adhere to also require ongoing maintenance, expansion and the acceptance of new products. For companies certified to ISO 13485 and MDSAP+13485, knowing the options to maintain audits and certification is key to a business continuity plan when the COVID-19 Pandemic diminishes and a new industry order for medical devices emerges.

The MDSAP Consortium has established some extraordinary temporary measures and directives for Auditing Organizations (AO), like SAI Global, to follow to permit ongoing auditing and assurance of the quality management systems.

Understanding the Audit Cycle During COVID-19

Existing Clients:

  • Surveillance Audits may be conducted using off-site remote techniques or a limited schedule extension.

  • Re-certification Audits may be conducted using off-site remote techniques. Certifications renewed with a remote audit will have a validity period not to exceed six (6) months and be subject to subsequent on-site verification before the expiry of the renewed certificate.

  • Initial Stage 2, special, and unannounced audits cannot be performed using off-site remote techniques under these measures.

  • Re-certification audits that are unable to be audited remotely may have Certification temporarily withdrawn. However, the MDSAP Regulators will endeavor to apply discretion, as warranted and within their respective jurisdictions, with respect to marketing authorizations supported by certification documents suspended or lapsed because of missed or delayed audits related to quarantine orders and travel restrictions issued in response to the spread of COVID-19.

New Clients:

  • Stage 1 Audits may be conducted using off-site remote techniques.
  • Certification Audits (stage 2) audits cannot be performed using off-site remote techniques under these measures. Every effort will be made to proceed with Stage 2 audits as the travel and other restrictions ease.

What are Remote Audits in the MDSAP?

These measures introduce a new feature to the MDSAP - remote audits. The ability to use Information Communication Technology (ICT) to audit with audio/video is not new for some programs however it is a new technology for MDSAP currently.

ICT is the use of technology for gathering, storing, retrieving, processing, analyzing and transmitting information. It includes software and hardware such as smartphones, handheld devices, laptop computers, desktop computers, drones, video cameras, wearable technology, artificial intelligence, and others. 

To determine if a remote audit is feasible, for either the Surveillance or Re-certification audit, a few steps are undertaken by the SAI Global Client Services and Technical Services Team:

  1. Assessment for alternate Audit measures
    1.  Review previous audits and the standing of the client’s quality management system
    2. Assess the risk of audit being conducted with ICT
    3. A decision is made on proceeding with the ICT.
  2. Preliminary Remote Audit Assessment
    1. Questionnaire
    2. ICT Feasibility – a selection of an ICT software that will work for both the client and SAIG security and systems (e.g. Microsoft Teams)
  3. Remote Audit Planning
    1. Audit Plan for processes covered by ICT
    2. Audit Plan for processes requiring an on-site visit
    3. Schedule confirmation, audit and proposal adjustments if required
    4. Verifying the selected ICT software works.

What to expect for an effective remote audit: 

  • The assessment should be facilitated in quiet environments whenever possible to avoid interference and background noise (i.e., speakerphones, earbuds, etc.).

  • Conduct a formal opening and closing meeting as you would for an on-site assessment
    Conduct a virtual tour of the facility using a mobile device video call app
    Cover the scope of the audit as a normal assessment.

  • Expect to interview the same range of staff (management, leadership and operational teams including production, manufacturing controls, warehousing staff, QC, Ops management, purchasing, finance, risk management teams, etc.)

  • Both the Audit Team and Auditee should make their best effort to confirm what was heard, stated, observed, read throughout the audit.

  • Enough communication between the Audit Team members and/or with the auditee should be made immediately in the case that change(s) and/or variations are made.

  • The time required for the remote audit is about the same as the scheduled/required time.

  • When a remote Audit is conducted, the content of the audit report (evidence reviewed, findings, etc.) is expected to be the same as when the Audit Team physically visits the site.

Learn more about the MDSAP and ISO 13485.
Or, contact us to find out more about MDSAP remote auditing.
Previous Article
Thriving in the New Normal with ISO-Based Management Systems
Thriving in the New Normal with ISO-Based Management Systems

During this webinar Carmine Liuzzi will discuss how to ensure your organization is prepared to service your...

Next Article
Take a second look. Building brand resilience with second-party audits.
Take a second look. Building brand resilience with second-party audits.

Download our complimentary whitepaper to explore the benefits of second-party audits and how they can help ...

Remote Audits Now Available!

Learn More