Get our free email newsletter

Are You Ready for the MDSAP?

Five Success Factors for Preparation

Currently, global medical device manufacturers must undergo audits of their quality management systems by regulators in the countries in which they sell their products – this means manufacturers are subject to multiple audits by numerous agencies each with their own scientific principles, jurisdictional requirements and processes. Regulatory inspections are rigorous, requiring the time and labor of many individuals within a company, prior to, during and for any follow up actions required by the regulatory agency. These audits are a burden on regulatory agencies as well, requiring extensive time and labor on behalf of inspection bodies to review quality operations across a firm’s different manufacturing locations.

To streamline the oversight of manufacturers’ quality systems, and encourage improved product safety on a global scale, the International Medical Device Regulators Forum (IMDRF) has developed the Medical Device Single Audit Program (MDSAP) whereby recognized Auditing Organizations (AOs) conduct a single audit of a medical device manufacturer that satisfies the relevant requirements of various regulatory agencies.

While the MDSAP has the potential to save medical device manufacturers time, labor and money, these audits will be rigorous, covering quality management system requirements found in ISO 13485:2003; Brazilian Good Manufacturing Practices; the FDA’s Quality System Regulation (21 CFR Part 820); and additional requirements from all regulatory agencies participating in the program, including product design, registration, licensing and adverse event reporting.

- Partner Content -

Shielding Effectiveness Test Guide

Just as interference testing requires RF enclosures, isolation systems in turn need their own testing. This document reviews some of the issues and considerations in testing RF enclosures.

In this article, we present an overview of the MDSAP, the factors driving this program, the impact on medical device manufacturers, and what manufacturers should do now to prepare for an MDSAP audit.

Medical Device Single Audit Program

The medical device market has become increasingly global, with device companies manufacturing and selling their products in multiple countries. As a result, manufacturers must comply with the diverse guidelines, rules, procedures and deadlines of various regulatory jurisdictions governing the markets in which they operate.

The IMDRF was established in 2011 as a forum to discuss future directions in medical device regulatory harmonization. Comprised of medical device regulators from around the world, the IMDRF’s aim is to accelerate international medical device regulatory harmonization and convergence.

One of the areas where the IMDRF sees value in global harmonization of diverse regulations is in the auditing and assessment of medical device manufacturing quality systems. The organization believes a unified approach to such audits may improve device safety and oversight on an international scale. With this in mind, the IMDRF established an MDSAP workgroup to develop a standard set of requirements for auditing the quality systems of medical device manufacturers’ that satisfies the requirements of multiple regulatory jurisdictions.

- From Our Sponsors -

IMDRF Regulatory Authority Participants in the MDSAP

  • Australia—Therapeutic Goods Administration (TGA)
  • Brazil—National Health Surveillance Agency (ANVISA)
  • Canada—Health Canada
  • Japan—Pharmaceuticals and Medical Devices Agency (MHLW) and the Ministry of Health, Labour and Welfare
  • U.S.—Food and Drug Administration (FDA)

While not a formal participant in the IMDRF’s MDSAP, the World Health Organization (WHO) Prequalification of In Vitro Diagnostics (IVDs) Programme and the European Union (EU) have has been designated as Official Observers to IMDRF management committee deliberations regarding the MDSAP.


MDSAP Mission/Goals

As stated in the MDSAP Frequently Asked Questions document:

“…the MDSAP is a way that medical device manufacturers can be audited once for compliance with the standard and regulatory requirements of up to five different medical device markets: Australia, Brazil, Canada, Japan and the United States. The program’s main mission is to jointly leverage regulatory resources to manage an efficient, effective, and sustainable single audit program focused on the oversight of medical device manufacturers.”

Aligned with the mission of the IMDRF, the MDSAP:

“…has the potential to accelerate international medical device regulatory convergence, promote an efficient and effective device regulatory model, respond to emerging challenges in the medical device sector (e.g., rapid technical advances), and protect and maximize public health and safety.”


MDSAP Objectives

  1. Enable appropriate regulatory oversight of medical device manufacturers’ quality management systems while minimizing industry regulatory burden;
  2. Promote more efficient and flexible use of regulatory resources through work- sharing and mutual acceptance among regulators while respecting the sovereignty of each authority;
  3. Support globally, in the longer term, greater alignment of regulatory approaches and technical requirements based on international standards and best practices;
  4. Endorse consistency, predictability and transparency of regulatory programs by standardizing the practices and procedures of participating regulators for the oversight of third-party auditing organizations; and the practices and procedures of participating third-party auditing organizations; and leverage, where appropriate, existing requirements and procedures for conformity assessment.


MDSAP Auditing Organizations (AOs) and Audit Process

AOs are fully responsible for deciding whether a manufacturer is in compliance with the requirements as well as issuing MDSAP certification documents under the program. Each regulatory authority participating in the MDSAP can use the AOs’ reports to support regulatory decisions in their jurisdiction. If a regulatory authority deems a manufacturer is not in compliance based on an AO’s report, it “may engage in enforcement activities according to their policies, taking into account, if possible, the follow-up activities conducted by the Auditing Organization.”


Auditing Organizations Currently Approved (as of December 2016) to Conduct MDSAP Audits

  • BSI Group America
  • Dekra Certification B.V.
  • DQS MED
  • Intertek Testing Services NA, Inc.
  • LNE/GMED (Laboratorie National
    de metrologie et d’Essais (LNE)
  • Lloyd’s Register Quality Assurance
  • National Standards Authority of Ireland
  • NSF Health Science Certification LLC
  • SAI Global
  • SGS United Kingdom
  • TUV Rheinland of North America
  • TUV SuD America
  • TUV USA
  • UL Medical and Regulatory Services

The MDSAP features a level of transparency that allows participating regulatory authorities to oversee AOs’ compliance with the program’s requirements. This includes assessments of the AOs’ head offices and critical locations, as well as witnessing the performance of AO audits (“witnessed” audits). The AOs are assessed based on factors such as code of conduct, impartiality and special/unannounced audits, auditor competency, and training requirements.


Impact on Medical Device Manufacturers

By consolidating multiple regulatory audits into one, MDSAP has the potential to save global medical device manufacturers time, labor and money. Instead of having to prepare for and undergo audits by five separate regulatory agencies in a calendar year, a medical device manufacturer may potentially undergo just one audit that satisfies multiple regulators’ requirements.

Furthermore, rather than having to comply with diverse follow-up activities from individual regulatory audits, including corrective and preventive actions (CAPAs), a manufacturer has one set of actions to take. The resources a manufacturer saves in non-value-added audit activities may be re-allocated to more strategic activities aimed at improving device performance and quality, fueling additional growth.


Why Prepare Now for MDSAP?

While MDSAP streamlines the auditing process by combining multiple regulators’ audits into one, the audits are challenging from an operational standpoint. They cover not only quality management system requirements found in ISO 13485:2003; the Brazilian Good Manufacturing Practices; and the FDA’s Quality System Regulation (21 CFR Part 820), but also additional requirements of all regulatory agencies taking part in the program, including registration, licensing and adverse event reporting. As a result, an MDSAP audit is likely to be longer than a typical audit conducted by an individual regulator, with auditors being on-site for a week or more instead of the usual two-to-three days.

The AOs conducting the MDSAP audits are under close scrutiny by the participating regulatory authorities, as are the manufacturers they are auditing. An MDSAP audit is an entirely new breed of inspection, one that requires a medical device manufacturer to present an unprecedented level of transparency into its operations, quick and in-depth access to information, and evidence that it is committed to continuous quality improvement.3

The advantages of a successful MDSAP program for manufacturers can include their responsibility to product quality and compliance to each country’s local structure, giving them a competitive advantage in the market. 


Five Success Factors for a MDSAP Audit

While your company might not be participating in the MDSAP audit program currently, it is likely you will be in the future. Here are five success factors to help you prepare now for this fundamental change in global regulatory compliance.

1. Transparency

There has been a major worldwide push toward transparency of information within the medical device industry. Regulators have offered to be more forthcoming with information to help industry comply with regulations (e.g., FDA Transparency Initiative) but in return they expect manufacturers to be more open as well.

Medical device manufacturers must adopt a paradigm of quality management system transparency where they provide regulators with detailed information on how they design, develop and manufacturer their devices. There is increasing pressure from not only regulators, but also clinicians and patients demanding device manufacturers publicly share information that regulators can use to make better informed decisions on device selection and use (e.g., post-market research).

The MDSAP reflects this shift toward greater transparency in operations and MDSAP auditors will require your organization to be forthcoming with your information. To help prepare for this:

  • Apply more security to your company’s internal audit of records requirements;
  • Increase the sample size and frequency of
    records’ audits;
  • Involve management in the review, not only of reports of records audits, but the records themselves;
  • Allow management a first-hand experience reviewing sampled records; and
  • Challenge your company’s ability to produce requested records in a timely manner—use a stop watch to measure how long it takes to produce evidence in your QMS.

2. Access to Information

Medical device manufacturers must have required information readily available and well- organized to satisfy auditors’ requests – whether they are participating in an individual regulatory authority’s audit or one under the MDSAP. While to date the MDSAP pilots have been paper-based, IDMRF is developing an electronic Quality Management System (eQMS) to facilitate automation of the MDSAP process requirements. Be prepared by making the transition to electronic management of your quality processes and data.

3. Subject Matter Experts

MDSAP AOs are being held to a tight timeline in which to conduct audits designed to satisfy the regulatory requirements of multiple countries – there will be a huge workload and demands made on these organizations. Auditors will require access to subject matter experts from your organization who are knowledgeable and forthright with their answers.

Be prepared by allocating the proper resources for these inspections. Identify and involve department managers and subject matter experts from across your organization, including representatives from areas such as design/development; procurement; supplier management; manufacturing; complaint management; and perhaps legal (contract review). Resist the temptation to put the entire workload on the backs of the quality department. This is about the quality of the management system – not just the management of the quality system. Prepare these individuals so that they can provide answers concisely and quickly with information readily available to meet the AO’s demands.

4. Communication

If the MDSAP audits will cover multiple sites throughout your organization, ensure you have a communication network in place to share key learnings from one site to another. Put in place technology and processes to record what auditors are requesting in terms of information, questions they are asking and the resources you need to fulfill these requests – and communicate this information out to your other sites. This will help your other locations prepare for the demands of the audit process.

5. Continuous Improvement

A focus on quality improvement does not begin and end with an MDSAP audit in today’s regulatory environment. Regulators are looking for evidence that a company is committed to continuous quality improvement in its operations. An example of this is the FDA’s Case for Quality, which is now part of the Center for Devices and Radiological Health’s (CDRH) 2017-2018 strategic priorities to promote a culture of quality and organizational excellence.

During the auditing process, FDA and other regulators are looking for evidence that your company is maturing in the effectiveness of its quality management systems. When preparing for a MDSAP audit, find ways to demonstrate to the auditors that you are doing more than just satisfying today’s requirements – but that you have made quality and continuous improvement part of your company’s culture and have placed them at the forefront of your day-to-day operations.

Does your company have a strategic quality plan for the organization/enterprise? While a larger organization is more likely than a smaller, mid-market organization to have this in place, even small-to-mid sized companies should begin developing strategic plans given the FDA’s shift in focus beyond compliance to one of medical device quality.


Conclusion

The medical device world is becoming increasingly global, but at the same time international regulators have recognized the patient safety and operational benefits of international medical device regulatory harmonization and convergence. While the MDSAP has the potential to streamline the quality management auditing process for manufacturers, it brings with it a new level of requirements and considerations aligned with the movement toward quality as an enterprise-wide culture rather than a department. Medical device manufacturers that prepare today for MDSAP audits not only position their companies for compliance with this new regulatory program but also position themselves for success in meeting broader changes in the global regulatory landscape.


Endnotes

  1. Note that Health Canada has announced that effective in January 2019, the Canadian Medical Device Conformity Assessment System, (CMDCAS) will be discontinued and replaced with the MDSAP program.  This means that firms marketing medical devices in Canada must be certified to MDSAP requirements.  While there remains some debate regarding the viability of this decision in time for the January 2019 deadline, Canada remains firmly committed to this intent.
  2. “Medical Device Single Audit Program: Frequently Asked Questions,” posted to the website of the U.S. Food and Drug Administration. Available at https://www.fda.gov/downloads/MedicalDevices/InternationalPrograms/MDSAPPilot/UCM430563.pdf (as of 10 April 2018)

Tom Middleton is an ISO/cGMP auditing and compliance subject matter expert and eQMS solutions architect at Sparta Systems.  He can be reached at tom.middleton@spartasystems.com.

Related Articles

Digital Sponsors

Become a Sponsor

Discover new products, review technical whitepapers, read the latest compliance news, and check out trending engineering news.

Get our email updates

What's New

- From Our Sponsors -

Sign up for the In Compliance Email Newsletter

Discover new products, review technical whitepapers, read the latest compliance news, and trending engineering news.