The short answer is NO. MDSAP is not going to replace ISO 13485 and it is not time to give up your ISO 13485 certification. ISO 13485 MDSAP are two different programs with similar requirements but they do not duplicate each other. MDSAP has the more stringent requirements of the two and companies that are already certified to ISO 13485 will see an increase in the number of audit days once they seek certification to MDSAP.
What is MDSAP? It stands for Medical Device Single Audit Program and current the following countries are part of the program: USA, Canada, Japan, Brazil and Australia. This means that a accredited body that certifies an organization will assess them against the regulatory requirements of all the different countries aforementioned. While the audit may be long it does mean that doing one audit will qualify the product for all the different markets without having to go through other audits.
What is ISO 13485? The standard is developed by ISO and is based on the process-based approach for management systems. Until recently it aligned with the ISO 9001 and was built upon the same framework with clauses aligning. However, when ISO 9001 was revised in 2015, it changed to align to the new high-level structure. However, ISO 13485 did not follow suit and chose to retina its old structure as also some of the requirements that ISO 9001 did away with. ISO 13485 has more prescriptive requirements than ISO 9001 and now in its new 2016 avatar has given more importance to risks. Companies getting certified to ISO 13485 may use ISO 14971 to address the risk requirements within the medical device industry.
ISO 13485 MDSAP are standards that look to ensure that medical devices are manufactured to strict quality requirements. These are important given that the devices are used in the healthcare industry and pharma industry with the end users being humans. ISO 13485 MDSAP will still require organizations to implement ISO 1385 as the underlying quality management system. We must note that MDSAP is only an audit approach and not a system in itself. However, to gain the benefits of ISO 13485 MDSAP companies will need to get audited to both requirements and receive a certificate of conformity to both the ISO 13485 and regulatory requirements under the MDSAP program.
Organizations need to keep in mind that should they seek to do business in Europe it will require certification to EU requirements as MDSAP does not yet cover the EU requirements such as MDR. Those organizations looking to prepare for ISO 13485 or for an MDSAP audit may consider QMII’s service offerings that are tailored to meet the varying needs of the organization.

Recommended Posts