By the end of this year, US medical device manufacturers will have to adhere to new and significantly different regulations. This is when the new Medical Device Single Audit Program (MDSAP) will be fully in place.
Also, in April this year, the FDA’s Quality System Regulation (QSR) was replaced with ISO 13485. This is an internationally recognized standard that sets out quality management system (QMS) requirements for the medical devices industry.
What is MDSAP?
The MDSAP program allows for a single comprehensive audit of a medical device manufacturer’s QMS.
The program is designed to satisfy the requirements of multiple regulatory jurisdictions in one audit. The audits are conducted by an auditing organization that, under MDSAP requirements, has been authorized by participating regulatory authorities.
What an MDSAP audit includes
MDSAP audits cover the new ISO 13485 standards, as well as the following international QMS standards:
- Brazilian Good Manufacturing Practices (ANVISA RDC 16)
- Japanese requirements (MHLW MO 169)
- FDA’s Quality System Regulation (21 CFR Part 820)
- country-specific registration and licensing requirements
- country-specific adverse event reporting requirements
- other country-specific requirements beyond QMS.
An MDSAP audit reviews a manufacturer’s standard operating procedures and then covers a series of step-by-step questions, covering the following processes:
- measurement, analysis, and improvement
- design and development
- production and service controls
- device marketing authorization and facility registration
- medical device events and advisory notices reporting.
Under MDSAP, a new grading system has been introduced for identifying the severity of issues uncovered during auditing.
A grade of 1 to 3 indicates a minor non-conformity. Grades of 4 and 5 are for more serious compliance issues.
The grading system is designed to be simpler and clearer in meaning than previously used terminology, such as “major finding” or “opportunity for improvement”.
MDSAP pros and cons
As with any new regulatory system, MDSAP has advantages and disadvantages.
A key advantage is that a single audit means fewer disruptions. A single audit also costs less than multiple audits – and findings from a single audit are easier to deal with.
There’s no need to separate auditing of compliance with ISO 13485, which MDSAP incorporates.
MDSAP allows for more regular audit scheduling and improved industry transparency. It may also make it easier for manufacturers to enter overseas markets, due to alignment of MDSAP with international standards.
Potential disadvantages of MDSAP
Medical device manufacturers may have to change processes in order to comply with MDSAP requirements. They may also need to replace or update their current QMS systems.
Preparing for an MDSAP audit
The sooner medical device manufacturers prepare for MDSAP the better. This applies especially to those intending to export products to other countries.
To sell medical devices to Canada, for example, you’ll need an MDSAP certificate or proof that you’re in the process of being MDSAP certified. This has been the case since the end of 2018.
Manufacturers can prepare for their first MDSAP audit and certification by doing the following:
1 | Learn about MDSAP
Find out what the MDSAP requirements are and other general information from the FDA website.
2 | Assess your readiness
Do an internal audit of manufacturing processes and procedures to identify areas where they are not compliant.
3 | Develop an action plan
Develop a plan to address these shortcomings within a reasonable amount of time but before the first audit and certification.
4 | Update your QMS
A quality management system (QMS) that meets the requirements outlined in ISO 13485 is a necessity for MDSAP certification.
5| Find a QMS software partner
A QMS software vendor will be able to advise on a system that is compliant, solutions-based and follows best practices for compliance and quality.
Audit management software from isoTracker
isoTracker offers cloud-based audit management software that simplifies the process of running audits, achieving certification, and ensuring on-going regulatory compliance. The software also facilitates corrective action through built-in CAPA features.