medical device single audit program (mdsap) suzan s. davis president & ceo global regulatory...
TRANSCRIPT
1
Medical Device Single Audit Program(MDSAP)
Suzan S. Davis President & CEO
Global Regulatory Partners-LLC
2
Agenda What is IDMRF
What is MDSAP
MDSAP Benefits
Regulatory Authorities Usage of MDSAP
How MDSAP Works?
Medical Device Manufacturers Audit Criteria and Cycle under MDSAP
Medical Device Manufacturers Audit Sequence and Process under MDSAP
Medical Device Manufacturers Audit Outcome
Auditing Organization Assessment & Recognition under MDSAP
Auditing Organization Assessment Criteria and Cycle under MDSAP
Auditing Organizations Assessment Process under MDSAP
Auditing Organization Assessment Outcome
Conclusion
3
What is IDMRF? (International Medical Device Regulators Forum)
IMDRF is a voluntary group of medical device regulators from around the world that was created in 2011:
to replace the Global Harmonization Task Force on Medical Devices (GHTF) and
build on its strong foundations and previous work.
to accelerate international medical device regulatory harmonization and
convergence.
The IMDRF Management Committee comprises regulatory authority representatives
from Australia, Brazil, Canada, China, Europe, Japan, Russia and United States of
America.
The roles of IMDRF Chair and Secretariat rotate annually.
4
What is IDMRF ?
The IMDRF Management Committee :
Provides guidance on strategies, policies, directions, membership and activities of the Forum.
Oversees Working Groups formed with experts from various stakeholder such as industry, academia, healthcare professionals, consumer and patient groups.
IMDRF Official Observers : The World Health Organization (WHO) and the APEC LSIF Regulatory Harmonization Steering Committee
IDMRF Affiliate Organizations : The Asian Harmonization Working Party (AHWP) and the Pan American Health Organization (PAHO).
5
What is IDMRF ?
IMDRF Working Groups Responsible for developing technical documents, Involve the participation of stakeholders that have significant
involvement in the development, manufacture or use of medical devices including, but not limited to, regulated industry, international entities and associations, academia, patient and consumer groups, medical professionals, and other regulatory authorities.
Currently 4 Working Groups : - Medical Device Single Audit Program (MDSAP),- Software as a Medical Device (SaMD), - Regulated Product Submission, - A review of the NCAR system.
6
What is MDSAP ?(Medical Device Single Audit Program)
MDSAP is a program that allows a single regulatory audit of a medical
device manufacturer’s quality management system to satisfy the needs of
participating regulatory authorities. The single audit is performed by
authorized third party organizations.
The single audit of a medical device manufacturer’s quality management system will
include the assessment of the quality management system processes including
management responsibility, resource management, product realization, measurement,
analysis and improvement, and adverse event reporting; as well as compliance with
Good Manufacturing Practices (GMPs) or other applicable requirements specific to a
participating regulatory authority.
7
What is MDSAP?
The participating medical device regulatory authorities in the pilot program :
Therapeutics Goods Administration (TGA) of Australia, Brazil’s Agência Nacional de Vigilância Sanitária (ANVISA), Health Canada, U.S. Food and Drug Administration
MDSAP Pilot phase started in January 2014 and runs until the end of 2016
The final MDSAP will be implemented in 2017
8
MDSAP Benefits
Single Audit used instead of multiple separate audits/ inspections by participating regulatory authorities:
Reduction of Number of audits/ inspections Optimization of time and resources spent/used in audits activities. Reduction of audit costs
Example: Currently, manufacturers might have a CMDCAS audit every year, an FDA inspection every other year and still waiting for an ANVISA inspection, so they can launch a product in Brazil. Instead of 3 audits/inspections in one year, the mdsap program will enable companies to schedule a single audit to address each major market at one time. When Japanese and Europeans will adopt mdsap as well, then companies will realize an even greater overall reduction in the number of audit days each year.
9
MDSAP Benefits
Flexibility : Medical device manufacturers are free to choose among all authorized auditing organizations to perform the audits. Routine audits are announced and planned with the manufacturer. Audits performed by auditors who know the company already (notified bodies)
Improved predictability of audits’ outcomes : Auditing organizations monitored by the participating Regulatory Authorities, Usage of a standard MDSAP audit model, Usage of same grading process of nonconformities Usage of standard report template to report audits’ outcomes
Commitment to quality and compliance : enrolling in the MDSAP is considered as an evidence of a medical device manufacturers’ commitment to product quality and regulatory compliance.
10
Regulatory Authorities Usage of MDSAP
United States : FDA will accept MDSAP audit reports as substitutes for the agency’s own routine 21 CFR Part 820 quality system inspections. Inspections conducted “For Cause” or “Compliance Follow-up” by FDA will
not be affected by this program.
MDSAP program would not apply to any necessary pre-approval or post approval inspections for Premarket Approval (PMA) applications
Australia: the TGA will use MDSAP audit reports to help determine compliance with Australian medical device registration requirements
11
Regulatory Authorities Usage of MDSAP
Brazil: ANVISA will use MDSAP audit reports and other components of the program in its pre- and post-market medical device evaluations.
Canada: HC will use a MDSAP audit as part of their Canadian Medical Device Conformity Assessment System (CMDCAS) certification program.
Upon the successful conclusion of the pilot, Health Canada's intent to
implement the MDSAP as the mechanism to achieve regulatory compliance for quality management system requirements in Canada.
12
How MDSAP Works ?
MDSAP uses approved third party auditing organization only in addition to regulatory authority inspectorates Greater coverage in auditing manufacturers around the globe.
Government resources can focus on high risk and problematic medical devices, manufacturers that are not in compliance with regulations, and oversight of third party auditing organizations
A manufacturer may exclude the requirements of a jurisdiction if not intend to supply medical devices to it.
13
How MDSAP Works?
The MDSAP program will not replace ISO certification programs or standards; the program will not be an accredited program as the regulators do not recognize IAF (International Accreditation Forum) principles, policies or requirements.
It is expected that the MDSAP program will eventually replace Health Canada’s CMDCAS program and the US FDA’s Accredited Persons Inspection program.
14
Medical Device Manufacturers Audit Criteria
ISO 13485:2003 + Specific Requirements of: (TGA, ANVISA,HC, FDA)
= One Comprehensive Audit Model
Longer audits : 35-100% longer in duration. The typical ISO 13485 audit might be two days. MDSAP audit can last four days .
15
Medical Device Manufacturer Audit Cycle
The Medical Device Single Audit Program is based on 3 year audit cycle.
The Initial Audit called also the “Initial Certification Audit” : a complete audit of a medical device manufacturer’s quality management system (QMS) consisting of a Stage 1 Audit and a Stage 2 Audit. Stage 1 – Documentation review, evaluation of preparedness for Stage 2 audit. Stage 2 – Evaluation of QMS Implementation and Effectiveness.
The initial Audit is followed by a partial Surveillance Audit in each of the following 2 years and a complete Re-audit (“Recertification Audit”) in 3rd year.
Special audits and unannounced audits are conducted by Regulatory Authorities that may occur at any time within the audit cycle in case of noncompliance.
16
Medical Device Manufacturers Audit Sequence Audit Sequence
Risk Management
Management
Measurement/Analysis, and Improvement
Design and Development
Production and Service Controls
Purchasing
D ev ice M arke tin g A u th o riza tio n a nd
Fa c ility R e g is tra tio n
M ed ica l D e v ice A dverse E ve n ts
an d Ad viso ry N o tice R ep orting
D ev ice M arke tin g A u th o riza tio n a nd
Fa c ility R e g is tra tio n
17
Medical Device Manufacturers Audit Process
MDSAP audits are process based audits and follow the 7 processes here below : Management. Measurement, analysis and improvement. Design and development. Production and service controls; and supporting process. Purchasing. Device Marketing Authorization and Facility Registration Medical Device Adverse Events and Advisory Notices Reporting.
The audit sequence was designed and developed to allow for the audit to be conducted in a logical, focused, and efficient manner.
18
Medical Device Manufacturers Audit Outcome
The Auditing Organization writes an audit report for each audited site, using a standard template specifically designed for medical device regulatory audits.
Auditing Organizations share the audit outcomes with the participating Regulatory Authorities to support their pre-market or post market or routine compliance.
Upon successful certification or recertification audits, Auditing Organizations issue MDSAP specific certification documents stating compliance to MDSAP audit criteria (See MDSAP AU P0026).
Nonconformities identified during an audit are graded on a scale from 1 (least critical) to 5 (most critical), according to explicit criteria as defined in GHTF/SG3/N19.
19
Medical Device Manufacturers Audit Outcome
Nonconformities are graded based on their degree of impact on the QMS and the frequency of their recurrence.
In some cases, high grade nonconformities may trigger the performance of an unannounced audit;
The manufacturer provides – and the Auditing Organization reviews – remediation plans and evidence of implementation of these plans according to a specified timeline (see MDSAP
AU P0027).
20
Auditing Organization Assessment & Recognition
During the Pilot, the only Auditing Organizations that will be allowed to apply to the MDSAP program for recognition will be the accredited organizations/registrars currently utilized in the Health Canada CMDCAS Program.
Many of CMDCAS registrars are also designated as Notified Bodies under the European regulatory scheme.
The list of Registrars Recognized by Health Canada can be found at: http://www.hc-sc.gc.ca/dhp-mps/md-im/qualsys/list_liste_regist-eng.php
After Pilot period (end of 2016) additional Auditing Organizations may be eligible to apply to the MDSAP
21
Auditing Organization Assessment Criteria
MDSAP assessment criteria:
IMDRF MDSAP WG N3 – “Requirements for Medical Device Auditing Organizations for Regulatory Authority Recognition”
IMDRF MDSAP WG N4 – “Competency and Training Requirements for Auditing Organizations”
Particular regulatory requirements published by the recognizing Regulatory Authority : audit model or technique, audit duration calculations, sampling of product technical documentation, audit planning to include determination of sites to be audited, audit report requirements.
22
Year 1 Year 2
Surveillance Assessment #1
Surveillance Assessment #2
Year 0
Initial Assessment
Year 4 Year 3
Re-Recognition Assessment
Surveillance Assessment #3
Auditing Organization Assessment Cycle
23
Auditing Organization Assessment Process
Assessment Program
Initial Assessment Surveillance Assessment Re-Recognition Assessment
Application Review
Stage 1 Assessment Including Documentation
Review
Stage 1 Assessment including Documentation Review for
Changes
Stage 2 On-Site Assessment (Head Office)
Surveillance On-Site Assessment
(Head Office)
Re-Recognition On-Site Assessment
(Head Office)
Witnessed Audits Witnessed Audits Witnessed Audits
On-Site Assessment of On-Site Assessment of- On-Site Assessment of Critical Locations (as necessary) Critical Locattions (as necessary) Critical Locations (as necessary)
Surveillance On SiteAssessment
(Head Office)
Witnessesd Audits
Asse
ssm
ent
Acti
vitie
s
24
Auditing Organization Assessment Outcome
Grade 1 nonconformity : is a nonconformity that is unlikely to have a direct impact
on the Auditing Organization’s ability to routinely operate an effective, ethical, impartial
and competent organization that produces acceptable audit conclusions, audit reports, and
certification documents.
Grade 2 nonconformity : is a nonconformity that is likely to have a direct impact on
the Auditing Organization’s ability to routinely operate an effective, ethical, impartial and
competent organization that produces acceptable audit conclusions, audit reports, and
certification documents; and is unlikely to allow deficiencies in the manufacturer’s
quality management system, or its implementation, to have a direct impact on the safety
and performance of the medical device. It’s a recurrence of a Grade 1 nonconformity.
25
Auditing Organization Assessment Outcome
Grade 3 nonconformity: is a nonconformity that is likely to have a direct impact on the Auditing Organization’s ability to routinely operate an effective, ethical, impartial and competent organization that produces acceptable audit conclusions, audit reports, and certification documents; and is likely to allow deficiencies in the manufacturer’s quality management system, or its implementation, to have a direct impact on the
safety and performance of the medical device. It’s a recurrence of a Grade 2 nonconformity.
Grade 4 nonconformity – Involves fraud, misrepresentation or falsification of evidence of conformity per IMDRF/MDSAP WG/N3 Final:2013 clause 5.1.
It’s a recurrence of a Grade 3 nonconformity.
26
MDSAP eliminates the need of four separate regulatory audits : Better use of human and financial resources Reduced time required for regulatory audits
MDSAP allows the usage of authorized third parties: More flexibility and better planning for the audits Build relationship with auditing organizations.
MDSAP uses One Audit Model Uniformity of the requirements Better predictability of the audits’ outcome.
Conclusion
27
Recommendations To Medical Device Manufacturers
Be part of the process during the pilot to help shape the policies and procedures for the operational program scheduled to begin in 2017.
Contact the Auditing Organization of their choice to determine if they are – or when they expect to be – authorized to perform MDSAP Pilot audits.
Perform a gap analysis between what you have now and the MDSAP audit criteria requirements and set up the appropriate strategy and action plan for compliance.
28
Source of Information
International Medical Device Regulators Forum (IMDRF): http://www.imdrf.org
FDA website : http://www.fda.gov/downloads/MedicalDevices/InternationalPrograms/MDSAPPilot/UCM372066.pdf
Health Canada Website : http://www.hc-sc.gc.ca/dhp-mps/md im/activit/int/mdsap_pilot_notice_avis-eng.php
29
Source of Information IMDRF MDSAP WG N3 -“Requirements for Medical Device Auditing
Organizations for Regulatory Authority Recognition”
IMDRF MDSAP WG N4 -“Competency and Training Requirements for Auditing Organizations”
IMDRF MDSAP WG N5 -“Regulatory Authority Assessment Strategy for the Recognition and Monitoring of Medical Device Auditing Organizations”
IMDRF MDSAP WG N6 - “Regulatory Authority Assessor Competency and Training Requirements”
IMDRF MDSAP WG N11 - document that “grades” nonconformities resulting from a Regulatory Authority assessment of an Auditing Organization and document the decision process for recognizing an Auditing Organization or revoking recognition
30
Questions ?
For any questions please send an email to [email protected]
Or contact Global Regulatory Partners-LLC via www.globalregulatorypartners.com
31
Thank Youfrom
Global Regulatory Partners-LLC