You are on page 1of 16

Biomedical

Auditing
The Biomedical Auditor works with medical devices, including in vitro
diagnostics and biologics that are regulated as medical devices. The
biomedical auditor's principal function is to accurately and objectively report
to management on the effectiveness of business processes to achieve
business objectives, including compliance with regulatory requirements.

As an auditor in an industry
regulated by FDA, you have a
very important responsibility
for the overall quality of the
goods your company produces!

That’s some pretty big shoes to fill!


21 CFR 820 Quality System Regulation
(Current Good Manufacturing Practice)

Sec. 820.22 Quality audit


“Each manufacturer shall establish procedures for quality audits and conduct such
audits to assure that the quality system is in compliance with the established quality
system requirements and to determine the effectiveness of the quality system.”

Failure of firms to comply with cGMP


Regulations can result in very serious
consequences including warning letters (483s ), recall, seizure,
fines, and jail time!
Some of the Regulations Governing the
Medical Device Industry

-Quality System Inspection Techniques (QSIT)


-ISO 13485:2003
-Global Harmonization Task Force (GHTF)
-Canadian Medical Device regulations
-Medical Device Directive (MDD) (93/42/EEC)
-Medical Device Reporting (MDR) (21CFR803)
-MDUFMA
-Misbranding (352)
-Labeling (201 & 801)
-Vigilance (MEDDEV 2.12)
-Risk Management (ISO 14971:2007)
-Packaging (ISO 11607)
-Environmental (ISO 19011)
-Sterilization Methods (AAMI)
-Internal SOP’s
With so many regulations out there…… where do you start?
An audit consists of three basic,
distinct, sequential steps:

 Pre-Audit Preparation and Planning


 Conducting the Audit
 Creating the Audit Report/Closure
Pre-Audit Preparation and Planning
*Define the purpose of the audit …….Why you are conducting this audit?

*Define the scope of the audit …… What exactly will you be looking at?

*Inform the auditee of the impending audit as well as the areas that you will be
covering and items you will need to see.

*Assemble the audit team utilizing qualified and trained personnel.


( Subject Matter Experts are always a good addition to the team but must not
have responsibility for the area to be audited.)

*Identify and review all applicable regulations, ISO, QSR, AAMI, etc., Internal
Standard Operating Procedures, and any other documents used in the operation.

*Create an audit checklist

*Conduct an opening meeting with individuals responsible for the area , and
anyone else you feel could be affected by this audit.
You need to reference which standards and internal
documents apply to the audit………
Regulations and Standards
*21 CFR Part 11 Electronic Records/ Signatures
*21 CFR Part 50 Protection of Human Subjects
*21 CFR Part 54 Financial Disclosure by Clinical Investigators
*21 CFR Part 56 Institutional Review Boards
*21 CFR Part 58 Good Laboratory Practice for Non Clinical Studies (See appendix A)
*21 CFR Part 812 Investigational Device Exemptions
*21 CFR Part 820- Quality System Regulation
*ISO 14971 Medical Devices, Risk Management System
*ISO 13485:2003 Medical Devices - Quality Management Systems
*ISO 14155-1:2003 Clinical Investigation of medical devices for human subjects General Requirements
*ISO 14155-2:2003 Clinical Investigation of medical devices for human subjects Clinical Investigation Plans
*Guideline for Good Clinical Practice – ICH
*Declaration of Helsinki
*HIPAA

Internal Documents
7000-XXX Rev 00 QUALITY SYSTEM MANUAL
7000-XXX Rev 00 REQUIREMENTS FOR XXXXXXX SPONSORED CLINICAL TRIALS
7000-XXX Rev 00 MEDICAL SERVICES DEPARTMENT
7000-XXX Rev 00 SITE INITIATION VISITS
7000-XXX Rev 00 STUDY SITE CLOSE-OUT VISITS
7000-XXX Rev 00 FINANCIAL DISCLOSURES
7000-XXX Rev 00 SPONSOR STUDY FILES CONTENTS
7000-XXX Rev 00 DEVICE ACCOUNTABILITY
7000-XXX Rev 00 PATIENT INFORMED CONSENT FORMS
7000-XXX Rev 00 STUDY SITE MONITORING VISIT
7000-XXX Rev 00 QUALIFICATIONS OF INVESTIGATORS AND SITES TO CONDUCT RESEARCH
7000-XXX Rev 00 SAS SOFTWARE USE, MAINTENANCE, AND VALIDATION
Put your list of questions together….
ISO 14155-1:2003 (5.3), (6.7.3f) /21 CFR Part (50.25) / ICH (4.8.10) / 7000-XXXX
1.How do you ensure patients are duly informed of risks, benefits, etc. of trial
participation?

ISO 14155-1:2003(6.5) / ICH (2.11) / HIPAA


2.How do you prevent unauthorized access to confidential patient data?

ISO 14155-1:2003(6.1) (8.2) (10.2)/ 21 CFR (812.43(a) ,(820.50(a) / SOP 7000-XXXX/ SOP D00XXX
3.How do you ensure investigators, research personnel, and sites have the
necessary qualifications to conduct research?

Etc….Etc…..

Be sure to reference the standards that led you to ask the


question!
Conducting the Audit…….
*Rule #1 : Always be courteous and professional!

*In addition to using your checklist, take DETAILED notes! There WILL be things
that you won’t remember as vividly as you think!

*Let the auditee know that note taking helps you do your job and doesn’t automatically
mean there is a problem. Explain that the audit is a way to help them work out any issues
or problems in their area.

* Notified bodies (FDA ,TUV,etc.) are not allowed to review the results of internal audits,
only proof that audits are being conducted.

*Ask for several examples of relevant documents…..verify and make copies if possible!
Never take anyone's “word for it”………..You must collect OBJECTIVE EVIDENCE!

*Use your checklist as a guide , and be sure to follow audit trails when needed.
Creating the Audit Report:
*Remember : Auditors are looking for both compliant and non compliant
activities!

*Auditors should always include positive things in their report, such as


“Operators were very knowledgeable”……. “area was well organized”…… “procedures
were all up to date”

Major Finding: A significant observation of a condition or issue that could indirectly


have an impact on the quality of the product or be cited on a list of findings during a
FDA inspection.

Minor Finding: An observation of a failure to follow cGMPs that has no potential,


direct, or indirect impact to the product.

Observation: An issue that does not rise to the level of a major or minor finding as
described above. Usually observations are made for issues that are not clearly GMP
deviations, to recommend a better way to accomplish a task, or simply a statement of
findings.
Conduct the Closing Meeting……

Invite managers of each area that was audited, as well as all


parties that will be responsible for closing any findings.

Review all findings and observations.


Biomedical Auditing is not….
• To place blame or point
fingers!

• To get people in trouble.

• Used as a basis for


performance reviews!

• A “Catch all” to ensure


compliance.
And although its not quite THIS exciting….

Auditing can be very rewarding and always proves to be a great learning


experience.
To learn more about
Biomedical Auditing visit

www.asq.org