Featured Video
This Week in Quality Digest Live
FDA Compliance Features
Mike Richman
Overcoming stress at work, the benefits of AS9100, and meaningless food labels
Brandon McFadden
Consumers will become ever-more mystified about what’s on a label
The QA Pharm
The most important lessons I’ve learned in pharmaceutical quality assurance during the last 40 years
Dirk Dusharme @ Quality Digest
Cost-cutting at Ford, compassionate-use drugs, and innovation stagnation
Scott Gottlieb
FDA recognizes that time is critical for seriously ill patients who do not have alternative therapies

More Features

FDA Compliance News
Strategic investment positions EtQ to accelerate innovation efforts and growth strategy
The FDA’s RMAT designation goes live
Awards help states implement multiyear produce-safety systems
The future of medical product development?
Manage risk while meeting regulatory requirements and compliance
FDA believes you can use openFDA to create products that promote public health
Company headquarters and 30 jobs in Dayton, operations in Europe, stay in place

More News

Michael Causey

FDA Compliance

How Strong Is Your QMS Program?

New international Meddev rules challenge complacent organizations

Published: Monday, November 7, 2016 - 15:16

It’s time to get your compliance programs in order to meet some looming international regulatory compliance demands, experts including former Food and Drug Administration officials say. Having a firm grip on quality management processes—especially document management and change control—will be critical to comply with such a disparate group of regulations working with so many regulatory bodies. These new regulations and others already on the books reemphasize the importance of having an automated QMS with integrated quality processes tailored to the increasingly complex demands of medical-device regulatory compliance.

The first new international regulatory challenge, ISO 13485:2016 lays out the requirements of a quality management system (QMS) so an organization can provide medical devices and related services that consistently meet customer and applicable regulatory requirements.

What processes are affected by ISO 13485:2016?

Medical device companies can be involved in one or more stages of a product’s life cycle, including design and development, production, storage and distribution, installationor servicing of a medical device, and design and development or provision of associated activities (e.g., technical support). ISO 13485:2016 can also be used by suppliers or external parties that provide product, including quality management system-related services to these organizations. Requirements of ISO 13485:2016 are applicable to organizations regardless of their size and type except where explicitly stated, regulators point out. Wherever requirements are specified as applying to medical devices, the requirements apply equally to associated services as supplied by the company. ISO 13485:2016 requires that processes that are applicable to the organization, but are not performed by said organization, are still its responsibility and must be accounted for in the organization’s QMS by monitoring, maintaining, and controlling the processes.

Meeting a tough new regulatory requirement

“You might not want to do this project, but if you’re marketing pretty much anywhere in the major countries or jurisdictions of the world, [ISO] 13485 is—in some way, shape or form—a requirement, and we have to learn how to deal with it,” said Kim Trautman, the FDA’s former associate director for international affairs at the agency’s Center for Devices and Radiological Health (CDRH), at a recent RAPS conference. Translation: If you make or are otherwise active in the delivery of a medical device, you’re probably going to have to deal with this sooner rather than later. Trautman is just one of many offering this advice.

Meantime, Meddev regulatory teams have a second international challenge knocking on their door. The International Medical Device Regulators Forum’s single-audit program is expected to be fully implemented by 2019; however, companies should already be focusing on their internal auditing processes. The goal of the Medical Device Single Audit Program (MDSAP) is to allow a single regulatory audit of a medical device manufacturer’s QMS in order to satisfy the needs of the applicable regulatory agencies. The latest developments and insights into the program have made the rounds on social media as well, with top industry publications and stakeholders emphasizing the importance of hopping on board now:

The future is now for single-audit

The MDSAP pilot began in January 2014, and the transition to full implementation of the program is slated for next January, according to Fabio Pereira Quintino, chairperson of the MDSAP Regulatory Authority Council. It’s moved along smoothly and there’s no reason to think it won’t continue to hit its deadlines. Put bluntly, Meddev procrastinators shouldn’t count on deadlines being pushed back much, if at all. MDSAP enables medical device manufacturers to contract with an authorized third-party auditing organization to conduct a single audit of the medical device manufacturer that satisfies any regulatory authority for a market in which the manufacturer operates. It’s important to keep in mind that the FDA is taking MDSAP seriously. The agency “recognizes MDSAP audit reports as a substitute for FDA Establishment Inspection Reports,” FDA’s Carl Fischer said in a Sept. 29, 2016, announcement. Fischer is director of the Division of International Compliance Operations, Office of Compliance, CDRH. Other regulatory authorities participating in the program include those in Australia, Brazil, Canada, and Japan.

Finally, we can’t emphasize enough that this is not the time to get complacent. Although the FDA has a habit of letting some guidances and directives drag on an on—21 CFR Part 11 anyone?—it appears both of these international regulatory harmonization efforts are here to stay. The good news is that they offer real efficiencies for companies that learn how to navigate the regulatory process and comply with the standards. Companies with a clear regulatory strategy and strong document control are in the driver’s seat.

First published Oct. 14, 2016, on the AssurX blog.


About The Author

Michael Causey’s picture

Michael Causey

James Michael Causey’s been a journalist since he started his own neighborhood newspaper in the 1970s. In addition to quizzing FDA officials for the past 10+ years, he’s also interviewed political satirist Art Buchwald, FCC Chairman Reed Hundt, SEC Chairwoman Mary Schapiro, and is the past president of the Washington Independent Writers. Causey is the editor and publisher of eDataIntegrityReport.com and is a contributing writer on the AssurXblog.