By Jennifer Lopez
Globalization of the medical device market as well as its supporting supply chains continues to increase year after year. This has forced regulatory bodies to grapple with finding a way to narrow the gap between international and domestic regulation. In spring 2018 the United States Food and Drug Administration (FDA) announced its intention to adopt the internationally recognized quality management standard ISO 13485:2016 for medical devices. According to the FDA, the revisions are intended to modernize and reduce compliance and record-keeping burdens on device manufacturers by harmonizing current domestic and international requirements.
For FDA-regulated manufacturers, the required actions to close the gap between the FDA’s existing Quality System Regulation (QSR) 21 CFR part 820 and ISO 13485:2016 should not increase manufacturers’ regulatory administration significantly. However, it is important that manufacturers are aware of and prepared for these changes, and they understand what the changes will mean for their businesses. They can do this by seeking industry insight on best practices.
Setting the regulatory scene
QSR 21 CFR part 820 outlines current good manufacturing practice (CGMPs) regulations for medical devices to help manufacturers ensure that their products consistently meet applicable requirements and specifications so that devices they release to market are both safe and effective. To ensure compliance with the QSR, medical device manufacturers must be inspected by the FDA. However, given that 21 CFR 820 was first issued in 1978 and the latest revision was published in June 1997, it is quite apparent that change is required to ensure modernization.
ISO 13485:2016, on the other hand, is an internationally recognized standard that lists the requirements of a quality management system (QMS) for the design and manufacture of medical devices and related services globally. It was originally published in 1996 and has undergone multiple revisions since; the most recent version was published in 2016.
The key changes that manufacturers must be prepared for are the changing and/or additional requirements for the quality manual and management reviews; the definition of “training”; requirements for corrective and preventive action (CAPA); and purchasing controls and supply-chain management.
Like other ISO standards, ISO 13485:2016 is not mandatory for manufacturers to achieve certification. However, if they are looking to do business in most major global markets, they can reap a plethora of benefits from being ISO 13485:2016-certified. Particularly, by being certified they can expand the number of markets in which they can distribute, resulting in a potential increase in profits.
The meaning of this change for manufacturers
Because the FDA has announced that it is going to be harmonizing the QSR with ISO 13485:2016, it is important to look at what this means for the industry. ISO 13485:2016 has gained significant recognition across the globe outside of the United States. The FDA’s adoption of this ISO standard will result in a global move to regulatory harmonization.
The Medical Device Single Audit Program (MDSAP) has also been rolled out recently with the aim of minimizing audits and inspections for medical device manufacturers. It is a program that allows a single regulatory audit of a medical device manufacturer’s QMS to satisfy multiple jurisdictions’ regulatory requirements (currently the United States, Canada, Japan, Brazil, and Australia). Being ISO 13485:2016-certified will aid manufacturers on the route to MDSAP compliance. Also given the close relation between the ISO standard and the European Union’s Medical Device Regulation (MDR), those doing business in the European Union will see the benefits that come with this synergy.
A common theme that runs through the ISO standard is risk, and it is important that manufacturers understand why and what they can do to prepare. As the FDA looks to implement this new standard, it is clear the agency is adopting a more risk-based approach in its processes to ensure close alignment with the standard. What will this look like? Risk will become a deciding factor for how and where the FDA targets its audits. If a manufacturer has not been audited recently, the agency could view it as a higher risk, thus warranting a potential visit from FDA auditors.
In the past many small to midsize manufacturers have fallen off the FDA’s radar, but with this heightened risk-focused approach coming with the ISO 13485:2016 standard, these manufacturers should expect that they could be scheduled for an inspection. MDSAP in fact adds to this issue. Now that Notified Bodies can conduct MDSAP audits, the FDA will accept those reports as a substitute for routine inspection, relieving it of this pressure and consequently granting them time to focus its efforts on “For Cause” and “Compliance Follow-Up.”
How to prepare
The best advice to manufacturers is to not let complacency rule. With the global regulatory shifts that are happening in the medical device industry, the time is now for manufacturers to ensure their compliance processes will be ready for the transition. If a manufacturer has previously sold devices only in the United States, it would have been optional to conform to ISO 13485:2016. However, with the FDA moving toward adoption, there will be new elements in this standard that differ from 21 CFR part 820. Therefore, knowing the changes are coming, manufacturers should understand the requirements to conform and the effort needed to be compliant. These are the key to success.
ISO 13485:2016 has some overlap with the FDA QSR; however, manufacturers cannot afford to ignore the inevitable gaps in their QMS that will arise from this globally harmonized transition. It is crucial that they meet all appropriate regulatory requirements. For some this may seem an overwhelming task, and third-party help may be an appropriate course of action. In any case, based on the risk approach evident in ISO 13485:2016, as well as the time and resources involved to make the transition, medical device companies cannot afford to delay further.
About the author
Jennifer Lopez is a Director of Maetrics Solutions Delivery with experience in Pharmaceutical and Medical Device Industries. Prior to coming to Maetrics, Lopez spent 17 years with a leading global pharmaceutical company. With more than 15 years in Quality and Regulatory Compliance roles with some of the leading Pharma and Medical Device companies, Lopez serves Maetrics as the Audit Practice Leader and has experience leading large audit teams on global projects for some of our largest clients as well as proven skills in global remediation, CAPA, manufacturing startup, quality assurance and regulatory compliance.
This article first appeared on the Quality Digest website and is published here with permission. Please visit Quality Digest for more information.