You are a medical device manufacturer or service provider and you have just received a FDA Form 482 (Notice of Inspection) stating an inspection start date a week from today. What can you do to improve your odds of success?
Step 1. Determine the type of audit – pre-announced inspections (like this one) can be of two main types:
1. Routine Audits – these are audits conducted at random (periodically) to sample your state of compliance; most firms should expect a routine audit once every 2-6 years, depending upon its size and its potential impact on the public’s health & safety
2. For-Cause Audits – these are audits triggered by significant adverse events in the market: product recall(s), MDR(s), customer complaints to the FDA, etc. If this was the case, you would expect this audit since these events almost always trigger for-cause audits.
Step 2. Most auditors will request a copy of your firm’s Quality Policy and high level Procedures (including Management Review), Quality Manual, Quality Plan, or equivalent to better prepare for the audit. You are not required by law to provide the information prior to the audit, however:
- If your high level quality documents are solid, in the spirit of cooperation (and to start the audit off the right foot) you might consider sending them to the auditor as requested.
- If you suspect that there might be gaps in your top level quality documents, assert your right to not send the information ahead of the audit as you do not have to provide a reason. The downside is that you might raise suspicion and possibly even antagonize the auditor, so weigh this option carefully.
Step 3. The FDA’s Guide to Inspections of Quality Systems – Quality System Inspection Technique (QSIT) identifies the following 4 major areas of focus in an inspection:
1. Management Control
2. CAPA (includes MDR, Corrections & Removals, and Medical Device Tracking)
3. Design Controls
4. Production & Process Controls (includes Sterilization Process Controls)
Other areas of interest might include Facility & Equipment Control, Material Control, and Records / Documents / Change Control.
Conduct a thorough review of your Quality System (best with the help of an impartial external consultant) in all the areas listed above (as applicable to your business) and list all potential gaps at every level of your Quality System: Policy, Procedures, Work Instructions, Records.
As you will spend most of your time with records, prioritize -- the auditor is most likely to request samples related to the audit trigger (recalls / MDR / complaints to the FDA) in a for-cause audit, and the latest released products or services in a routine audit. They will also follow up on previous findings and promises to correct that you have made in previous responses to 483(s) and warning letters, so be prepared to have a solid story on those as well.
The method that works best to conduct this gap analysis is to use a visual mapping approach that matches the top-down and the bottom-up QSIT methodology that the auditor will use. Get all the interested parties in a conference room and map your Quality System elements hierarchically (top-down) on a whiteboard. Discuss and the procedural gaps will become evident.
For the “bottom-up” component, in a for-cause audit start with the “problem children” low level records that relate to the recall, MDR, or customer complaint which most likely will have triggered the audit and work your way up and across through your other components of your Quality System – was this complaint analyzed, was its root cause found, did it trigger a CAPA, do you have a CAPA plan, where is the CAPA now, did it trigger a correction or a removal, if so did you perform a Health Hazard assessment, did you send out a customer letter, did you inform the FDA if and when required, etc.
If this is a routine audit, follow the same steps above, starting with the most potentially impactful complaints, recalls, field defects, etc. related to the most likely targeted (newest on the market or linked to previous 483s or warning letters) products or services.
Make a list of gaps, prioritize based on severity and risk, assign a person responsible, and then have the team decide on a disposition: fix prior to the audit, put a plan in place (to be shared with the auditor only if the gap is found during the audit), or document the rationale for postponement (acceptable rationales are based on low impact probability and / or low risk to the public health)
Step 4. Rehearse the audit. This is best done with an external (impartial) consultant playing the role of the FDA auditor, and steering the lines of questioning across the most likely paths based on the type of the audit and the information that is believed to be known by the FDA externally. These lines should include a good mix of top-down and bottom-up threads, especially around the most important potential vulnerabilities as highlighted by the gap analysis.
As per the best practices for an FDA audit, set up a “front room” (where your regulatory affairs representative(s) will interface with the auditor and present copies of the requested documents) and a “back room” (where you would have your technical experts discuss the auditor’s questions and requests for document, and provide the appropriate information to your “front room” team).
Your “front room” team should include people with experience in interacting with regulatory agencies, skilled both from a legal standpoint and from a human interaction standpoint. They should be trained in answering the auditor’s questions promptly and sincerely, limiting the information provided to just the response to the direct question, never contradicting themselves or each other, and having a likeable personality to maintain a pleasant working atmosphere with the auditor at all times.
Step 5. Iterate and improve. Have the mock auditor take copious notes during each rehearsal. Examine and discuss the image presented to the auditor. Are you able to respond quickly and in a satisfactory manner? Are your answers and the information provided relevant and complete? Are you controlling the information flow to just the items related to the auditor’s requests? Unbeknownst to you, are you leading the auditor in other areas not related to his or her line of questioning? Are you courteous and polite? Would he or she have reasons to suspect insincerity or cover-ups? Repeat until you are happy with the results or until the audit starts (whichever occurs first). Unfortunately there is a hard deadline on this one.
Remember, you can’t fix all the gaps in the short time until the audit. Outside of the things you promised the FDA that you will do (and which you will still be held responsible for), if you know what the other gaps are and if you can show the FDA that you have reasonable remedial plans in place, then you should do reasonably well in the audit.
Each situation and each company is, of course, different. To address your specific situation, please visit ww.priusmedical.com for further details.
Each situation and each company is, of course, different. To address your specific situation, please visit ww.priusmedical.com for further details.
No comments:
Post a Comment