By Shawn M. Schmitt
Let’s be blunt: Device makers aren’t particularly happy when the U.S. Food and Drug Administration (FDA) knocks on their door to conduct a facility inspection.
From audits that can sometimes drag on for weeks—with agency investigators traipsing in and out of plants—to nightmarish inspections well-documented by industry experts, there’s no shortage of tales of investigators that were difficult to handle.
But now, with the FDA in the middle of a harmonization effort to merge its 23-year-old Quality System Regulation (QSR) with international standard ISO 13485, one industry expert says that work will likely make the agency take a more wide-eyed look at how it operates its inspections and oversees its inspectorate.
The FDA’s QSR has been the bedrock rule for manufacturing safe and effective medical devices to be sold in the United States since 1996. Meanwhile, ISO 13485:2016 is used by device firms to ensure quality systems compliance with regulators in a variety of countries, including Canada, Japan, Australia, and the 28 member states of the EU. Much of the QSR already aligns with ISO 13485.
“With the advent of MDSAP … and FDA’s ISO 13485 harmonization work, I have to believe that internally at the agency there must be some discussion of, ‘Hey, do you know how we look to the public when we inspect?’” says Brian Ludovico, executive director of MDSAP regulatory certification for NSF International.
MDSAP, the Medical Device Single Audit Program, created by the International Medical Device Regulators Forum (IMDRF), allows firms to undergo one audit by an accredited third party to satisfy quality regulations for the United States, Canada, Brazil, Japan, and Australia. MDSAP maps to ISO 13485.
Auditing organizations like NSF are used to conduct MDSAP audits, and auditors traditionally tend to be more collaborative than FDA investigators. But that’s because the FDA is ultimately an enforcement agency, as Ludovico said on Oct. 24 at FDAnews’ 14th Annual FDA inspections Summit in Bethesda, MD.
“If you let companies run wild, they’ll run wild, so there has to be that enforcement hammer in the form of the FDA,” he said. “But with this upcoming harmonization of the QSR with ISO 13485, you’re probably going to see within the agency some sort of understanding of, ‘Look, this is how they do [audits] throughout the rest of the world.’”
Ludovico went on: “MDSAP is a compliance-based, proactive, innocent-until-proven-guilty system—not a seemingly guilty-until-proven-innocent system” like the FDA has.
For example, when an agency investigator collects data during an inspection, “The attitude is, ‘I’m going to dig and dig and dig and dig, and when I feel like I finally can’t find something, then I’ll release you from questioning’—vs. an MDSAP audit, where the auditor will say, ‘I’ve checked a sample size and it doesn’t fit within that population. Mathematically and statistically, we’re OK here. The onus is back on you that you don’t do something nefarious, so to speak,’” he said.
“So, I think the harmonization efforts will soften FDA’s inspectorate—but there isn’t something yet that’s outward that we can see,” Ludovico said.
To its credit, the agency has been more open lately to learning from other regulators.
More notably, Jeff Shuren, director of the FDA’s Center for Devices and Radiological Health (CDRH), said in September that he wants the agency to move away from using the phrase “gold standard” when referring to their device regulations.
“I would not view us as the gold standard; we’re merely a standard out there,” Shuren said at the 2019 MedTech Conference in Boston, MA.
But when it comes to inspections, there may be some resistance by investigators to change in the wake of a retooled QSR.
That’s according to Kristen Grumet, a former FDA investigator who is now senior VP of regulatory compliance with consulting firm Greenleaf Health.
“It’s hard to change the mentality,” she said at the FDAnews Inspections Summit. “If the agency brings in new people to be investigators and trains them with that new QSR/ISO 13485 mentality, then maybe it can happen. But it’s more difficult for an investigator who’s been doing the job for 20 years to change how they do things. So, it might take a while.”
A change for QSIT post-harmonization?
Both Grumet and Ludovico say that after the new Quality System Regulation—or whatever it is ultimately named—goes into effect, agency investigators may operate under a hybrid FDA/auditing organization approach.
That would call for an update to the FDA’s Quality System Inspection Technique, Grumet says. QSIT is designed currently to make sure that investigators look at the most important compliance issues and ask pertinent questions linked to four major quality system subsystems: management controls, corrective and preventive action (CAPA), design controls, and production and process controls.
“For QSIT post-harmonization, the language may change, the terminology may change, the flow may change,” she said. The agency “will probably add additional questions and other things [to QSIT] to make sure that things are looked at appropriately.
“But I don’t think it will have to change much. It just needs to be massaged.”
About the author
Shawn M. Schmitt is the executive editor for Medtech Insight.
This article originally appeared on the Medtech Insight blog and is published here with permission.