*This post was updated in April 2020 to reflect the postponement of the EU MDR deadline.
The EU MDR deadline has been extended to May 26, 2021, but you’ve probably been working overtime to make sure your medical device meets the new compliance standards. But what happens if you don’t meet the requirements? It’s something we don’t want to think about, but it could be the reality if you don’t take the proper steps to ensure your product is MDR-compliant.
This week, we spoke with an MDR notified body (NB) auditor to find out what exactly happens if you fail an audit.
What Does the Notified Body Workflow Look Like?
According to the notified body auditor we spoke to, NBs are required to follow ISO 17021 standard for MDR, and they will all create a quality management system (QMS) that follows this specific standard. However, the tools they use and how they go about performing the audit are completely up to them. All NBs have their own processes and systems that differ depending on factors such as the class and specific product they are reviewing. This is not a new revelation, as NBs are required to meet other ISO standards. However, the way they implement the standards for their organization is at their discretion.
For example, take a look at one NBs procedure for MDR: Tüv Süd’s MDR Conformity Assessment Procedure.
We recommend communicating with your NB to make sure you know the process and what to expect in your unique situation.
Why Do Audits Fail?
An MDR audit is usually part of a bigger process known as a “Conformity Assessment”. This is the process that manufacturers go through to receive their CE certificate. For EU MDR, one of the most significant things auditors are looking for is transparency in the clinical evaluation report (CER). Some of the biggest reasons why CER audits fail are related to literature review, such as:
- Incomplete search strategy
- Incomplete audit trail
- Ad hoc processes
- Data integrity
Manufacturers must develop their own QMS process to ensure these standards are met since notified bodies are required to perform “unannounced” audits, they could happen at any time.
What are the Consequences of Failing an Audit?
According to the notified body we spoke to, the consequences for failing an audit can range depending on the product itself and the severity of noncompliance. However, some of the consequences could include fines, or, in the worst case, the removal of your CE certificate, which would result in the product’s removal from the market. However, the auditor informed us that in most cases, they would go back two or three times before making a final decision on not certifying or canceling a certification.
Food for thought: Notified bodies are paid to perform evaluations. If the audit goes well with a positive outcome, a certificate will be issued. However, if the outcome is failure and no certificate is issued, the notified body has still fulfilled their requirements to the manufacturer.
How to Handle a Failed Audit
A failed audit may feel like a catastrophe, but you can make it right. According to one NB auditor, the only way to rectify a failed audit is to start the process over again from scratch. However, you must reassess your processes and do your homework before you reapply; otherwise you can expect similar results.
How Systematic Literature Review Software Can Help Get You Back on Track
The main case for using specialized literature review software for your MDR CER submission is the transparency and traceability that software offers. Unlike using a spreadsheet for your review, software enables collaboration with version control and a full audit trail. Additionally, systematic review software will help automate some manual processes, ensuring your CER literature review is completed with efficiency--a critical feature as we approach May 2021.
Systematic literature review software is an essential tool for medical device manufacturers going into the EU MDR.