MDSAP-What Manufacturers Need to Know

MDSAP-What Manufacturers Need to Know

In 2014, the International Medical Device Regulators Forum (IMDRF) launched the Medical Device Single Audit Program (MDSAP) pilot. As of 2017, the MDSAP is in full force and fully operational. This poses the question, what do manufacturers need to know?

The Structure

The first part to know is the structure of the MDSAP. Auditors will follow a structured and logical process approach when auditing. The program essentially uses the ISO 13485:2003 as a framework, however, with the introduction of ISO 13485:2016, the MDSAP will likely support the new standard. This model includes seven processes as followed:

Primary processes:

1. Management
2. Measurement, Analysis, and Improvement
3. Design and Development
4. Production and Service Controls

Supporting processes:

1. Purchasing
2. Device Marketing Authorization and Facility Registration
3. Medical Device Events and Advisory Notices Reporting

The audits will be conducted annually, encompassing a three-year certification cycle by approved auditing organizations. Audit time will be based on tasks and not employee count; all MDSAP audit reports must be submitted to all regulators. There will be a database set up for the reports that any participating country can review the reports that are associated with a particular organization or medical device manufacturer.

According to the Massachusetts Medical Device Industry Council, each participating nation’s regulatory agency has a plan for adoption:

• FDA will accept MDSAP in lieu of routine inspections, but not for initial visits or “for cause inspections.”
• Health Canada will use MDSAP to satisfy CMDCAS, and is planning to replace CMDCAS with MDSAP in January 2019. Therefore, medical device manufacturers currently selling in Canada will have to obtain MDSAP certification.
• ANVISA will accept MDSAP for initial audits. This will help with the country’s current backlog of inspections, but the agency will still require its auditors to conduct ANVISA audits for higher-risk devices.
• TGA will use MDSAP to satisfy TGA requirements, considering MDSAP certificates as equivalent CE certificates.
• MHLW will accept MDSAP in lieu of an on-site Japanese Quality Management System (J-QMS) audit.
• Europe (EU) has only been participating in the MDSAP pilot as an observer, as there are concerns that it would be difficult to obtain agreement among all member states. However, the participation of European notified bodies in the program shows a strong link between EU and MDSAP. There is optimism the EU will join the program, though, as MDSAP’s aim to harmonize quality system compliance (ultimately increasing the safety and efficacy of medical devices) should serve as a way for EU to increase consistency across its member states.

Though the regulatory requirements aren’t new, this structured and integrated audit approach will require organizations to look in-depth at all the other participating countries’ requirements. Some of the goals with the implementation of the MDSAP are creating a single auditing program, more effective use of regulatory resources, better global alignment, and much more.

Let EMMA International perform pre-audit review of your quality system to prepare you for the official MDSAP audit. Contact us today and let our consultants assess your organization and develop a workable plan that meets your goals.