Yes, we all know those third parties (Government Regulators, Notified Bodies, Registrar’s) require you to conduct internal audits of your QMS each year. They also strongly encourage you to use supplier audits to assure your critical supplier’s quality. However, how a company “embraces” these requirements often get relegated to a “necessary activity” that needs a checkmark in a checkbox to say “we did it” to the auditor. The implementation and ongoing support of a effective Quality Management System (QMS) is crucial for ensuring compliance to the regulations applicable to the country/region you are targeting, maintaining product quality (identify and fix errors that could lead to malfunctions, misdiagnoses and other problems), and gaining/maintaining market access. Each region has specific regulations and standards medical device manufacturers, pharmaceutical companies, and other regulated industries must adhere to.
Efficient/effective product development process
Taking a product idea to the commercialization stage requires an understanding of customer needs, translating them into design specifications, verifying/validating the design to both your and the regulator’s satisfaction and then establishing the manufacturing processes to consistently produce that product is
Compliance
Ensures Medical Devices comply with the proper regulatory agency (e.g., FDA, Health Canada, UK, and EU) requirements.
- Support certification
- Help prepare for regulatory body inspections/audits
- Are usually mandatory per the QMS standard/regulation being implemented
Patient safety
Ensures that medical devices are safe for patients when used as intended.
Risk mitigation
Identify and fix errors that could lead to misdiagnoses and other problems.
Continuous Improvement
Identifies opportunities to optimize processes and reduce risks.
Awareness (within the Company)
A QMS impacts practically all company functions. All employees are trained to one or more aspects of the QMS (at minimum the Quality Policy).
Auditing clarifies the responsibilities to the various organizational functions regarding their obligations to the processes and procedures that govern their work and identify gaps/discrepancies between the common practices and the requirements.
The audit results provide management an opportunity to review and evaluate the performance of their organization, after all, the quality standards and regulations provide tools and guidance for the basic processes any R&D and manufacturing organization should have.
Consider a non-regulated product, what systems/processes would you implement to ensure customer satisfaction and safety?
Each region has unique requirements, but ISO 13485:2016 and MDSAP (MDSAP is recognized by 5 countries: USA, Canada, Brazil, Japan, and Australia) provide a globally recognized framework for compliance. Companies operating in multiple markets must tailor their QMS audits to meet specific regulatory expectations while maintaining a streamlined, efficient system.
Regulatory Authority |
Key Regulation |
QMS Standard |
Audit Requirements |
Market Access Certification |
Post-Market Surveillance |
FDA (Food and Drug Administration) |
21 CFR Part 820 (Quality System Regulation) |
ISO 13485 (optional but recommended) |
FDA inspections (routine, pre-approval, for-cause) |
FDA clearance (510(k), PMA, De Novo) |
Required, with adverse event reporting |
European Union (via Notified Bodies) |
MDR 2017/745 & IVDR 2017/746 |
ISO 13485 (highly recommended) |
Notified Body audits (CE Marking approval & surveillance) |
CE Marking |
Mandatory, strict reporting under MDR/IVDR |
MHRA (Medicines and Healthcare products Regulatory Agency) |
UK MDR 2002 (as amended) |
ISO 13485 (highly recommended) |
UK Approved Body audits (for UKCA marking) |
UKCA marking |
Required under UK MDR |
Health Canada |
Medical Devices Regulations (SOR/98-282) |
ISO 13485 (mandatory under MDSAP) |
MDSAP audits (mandatory for Medical Device License) |
Medical Device License (MDL) |
Mandatory with stringent vigilance requirements |