New FDA Notice Provides Details on IMDRF's Medical Device Single Audit Program

Posted 07 August 2013 | By Alexander Gaffney, RAC 

With the demise of the Global Harmonization Task Force-a regulatory harmonization body focused on medical devices-in 2012, much attention has been paid to its successor, the regulators-only International Medical Device Regulatory Forum (IMDRF), and its major planned projects. Now one of IMDRF's member regulators, the US Food and Drug Administration (FDA), has announced it is looking to potentially contract out part of one project it is current spearheading known as the Medical Device Single Audit Program (MDSAP).


The MDSAP program is, at its core, a program meant to facilitate third-party auditing in a manner consistent throughout all member states.

The development of the MDSAP program is being coordinated by Kimberly Trautman, associate director of international affairs at FDA. Trautman has previously explained that auditing standards for organizations will "complement" the ISO 13485 standard, which deals with the quality regulations medical device manufacturers must follow.

"IMDRF seeks modifications to achieve a harmonized standard amongst its members," Trautman explained at a regulatory meeting in 2012 held by the Regulatory Affairs Professionals Society (RAPS). Other regulators, including Health Canada's Mike Ward, called the MDSAP the "future of regulation," noting that it will allow third parties to step in and help meet the needs of regulatory authorities.

In the meantime, IMDRF has been working through a number of thorny issues, among them how to ensure audit consistency among parties, which standards will complement the ISO 13485 standards, and how to best oversee auditing organizations.

IMDRF has since released several draft guidance documents related to the program, including two in April 2013 establishing recognition, monitoring and training requirements for industry, and two more in July 2013 establishing similar standards for regulators.

New Information

But while IMDRF has seen fit to release plenty of conceptual guidance, details about how the system might work in practice have been somewhat scarce-until now, that is.

In a "Sources Sought" notice posted on the US Federal Business Opportunities (FBO) website on 5 August 2013, FDA announced it is looking for information to help it plan an "audit and inspection data system" related to the MDSAP program.

Noting the involvement of regulators from the US, Canada, Brazil and Australia, FDA explains in the notice that the intent of the MDSAP program is to "[pool] technology, resources and services to improve the safety and oversight of medical devices on an international scale."

"This international coalition would rely on a MDSAP to review the Quality Management Systems (QMS) of device manufacturers to ensure they adhere to quality standards as defined by recognized regulatory bodies," FDA continued. "Development of the MDSAP includes use of third party auditors, much like the current Canadian audit program. Use of third party auditors allows greater coverage in auditing manufacturers as opposed to relying solely on the government resources of individual countries. By pooling resources into a common program, less developed countries without the means to oversee device manufacturing facilities within their jurisdiction, would be able to participate in the program or take advantage of the information and data collected by the other regulators."

The MDSAP Portal

But because the MDSAP program would involve regulators and third-parties from multiple countries, FDA said it has identified the potential need to implement a so-called "MDSAP Portal," a web-based collaborative tool accessible to parties involved in the MDSAP program on both traditional and mobile computing devices. The portal would need to be secure, have the ability to upload audit reports directly, and support multiple languages.

In addition, FDA said it envisions the MDSAP portal serving "as an information dashboard for government agencies to collect and share information regarding medical device recalls, adverse events, product modifications, registration and listing, international shipping and inspections data."

And, as a result of collecting that information, FDA said the MDSAP Portal will also need to be able to work with various other existing regulatory databases maintained by FDA, Health Canada, Australia's Therapeutics Goods Administration (TGA) and Brazil's Anvisa.

Various other requirements related to document management, collection of training records, workflow management, inspection notification, additional future capacity and system requirements are also explained in the notice.

Companies have until 5 September 2013 to respond to the notice.

FDA Solicitation for MDSAP System

Regulatory Focus newsletters

All the biggest regulatory news and happenings.


Most Viewed Articles