MDCG, the Medical Device Coordination Group of EU, published a guidance document about the extended use of MDSAP audit reports, in August. This guidance document is targeted for notified bodies on use of MDASP audit reports in surveillance audit carried out under MDR/IVDR. The guidance notes “particular use when a manufacturer has undergone an MDSAP audit and wishes to present this audit report (including the associated attachments) in context of the regular surveillance audits performed in accordance to the MDR or IVDR.”.
MDSAP, Medical Device Single Audit Program, is developed by International Medical Device Regulators Forum (IMDRF) in 2012 allows manufacturers to meet the requirements of 5 different countries (Australia, Brazil, Canada(mandatory), Japan and the United States) with an audit.
In MDSAP system, Auditing Organizations (AO) perform quality management system audit and regulatory authorities evaluate product safety and performance. Unlikely, under MDR/IMDR, Notified body assess both quality management system and device’s safety and performance. An audit, including surveillance audit, at least on an annual basis and unannounced audit is carried out.
MDSAP audit reports are possible to be used when it covers similar or equivalent MDR/IVDR requirements. Complete form including attachments, and both positive and negative statements should be considered. Meanwhile, when using MDSAP audit reports, yearly basis audit is still required by MDR/IVDR but positive QMS conformity appraisal may lead to limitation of the focus aspect be covered. This is quoted as “For example, the positive quality management system conformity appraisal through MDSAP might lead to a reduction of the focus on aspects already covered by MDSAP audit reports.”.
Notified body may establish their own guidance for evaluating MDSAP audit reports. Non-exhaustive list of examples mentioned in the guidance are as followed:
- • clinical evaluation/performance evaluation process (including post-market clinical/performance follow-up);
- • EU authorised representative contractual provisions;
- • EU UDI assignments within the quality management system;
- • manufacturer financial coverage in respect of potential liability;
- • person responsible for regulatory compliance qualification and role;
- • records control;
- • system for risk management;
- • vigilance and post market surveillance activities, including the associated corrective actions and preventive actions.
- Unless requirements are not similar or equivalent between both program, there are some other exception.
- • The MDSAP audit reports are not applicable to initial quality management system audits for EU QMS certificated;
• MDR/IVDR unannounced audit;
• MDSAP unannounced audits or special audits reports.
MDCG 2020-14 Guidance for notified bodies on the use of MDSAP audit reports in the context of surveillance audits carried out under the Medical Devices Regulation (MDR)/In Vitro Diagnostic medical devices Regulation (IVDR)