The new European Medical Device Regulation (MDR), like MDSAP, requires adherence to ISO 13485:2016. However, it too adds its own declarations, including a call for announced and unannounced inspections of suppliers and/or subcontractors and their facilities.
The Medical Device Single Audit Program (MDSAP) requires adherence to ISO 13485:2016. At a high level, Chapter 7 of MDSAP requires that the purchasing process covers the regulatory needs for supplier management for all the participating countries (USA, Canada, Brazil, Japan, and Australia), and therefore, covers the evaluation, selection, and re-evaluation of suppliers, outsourcers, and service suppliers.
ISO 13485:2016 has been updated extensively for Supplier Oversight, defining the requirements for purchasing controls applicable to manufacturers of medical devices that are selling into the European Union (EU) and most other countries around the globe.
21 CFR Part 820.50 states that each manufacturer shall ensure that all purchased or other received product and services conform to specified requirements, and the suppliers of those products or services should be reviewed at intervals consistent with the significance of the product or services provided.
One of the largest sources of organizational risk is dependence on third-party suppliers. Today’s global economy has added complexity to supply chains, and longer supply chains are making it increasingly difficult to manage our suppliers, and in many cases our suppliers’ suppliers, thereby increasing overall risk. The plethora of regulatory requirements placed in Medical Device organizations, including FDA mandates and the updates to ISO 13485:2016, reflect this new reality.
Ask any corporate executive to list the top objectives of their organization’s Quality department and they’ll include the need for predictive and proactive risk management strategies. The Medical Device industry is no exception to this reality; if the industry wants to improve patient outcomes, then it has to manage risk.
Kari Miller, Regulatory and Product Management Leader, Pilgrim Quality Solutions, an IQVIA company
For organizations that directly impact patient outcomes, continuous improvement should be a continuous consideration every step of the way. It is important to continually review and strengthen relationships with suppliers as a means of identifying risks throughout the product and supplier lifecycle. Regulatory auditors expect organizations to be able to demonstrate that they manage their supply chains effectively, and risk management provides the means to do so.