Medical Device Non Conformances
How to manage NCRs for EU MDR
Non-conformances (NCs) and non-conformance reports (NCRs) are important for medical device manufacturers to understand and manage correctly. They can endanger your CE marking status, lead to higher costs, penalties from authorities, and potential device recalls. Because non-conformances negatively impact your QMS, it can lead to patient safety concerns and impact on quality of care.
It is critical for manufacturers to understand how non-conformances can be identified and managed to prevent faulty devices. They should also view this as a continuous improvement initiative. Manufacturers can limit disruptions every time a problem is found, and leverage on insights to continuously improve by establishing procedures. This is why non-conformance handling and reporting is so important.
What are non conformances?
In the context of the EU MDR, a non-conformance refers to a situation where a medical device, process, or quality management system does not meet the requirements outlined in the regulation (ISO 13485) and the organisation’s aligned procedures. Non-conformances can occur during various stages of the medical device lifecycle, including design, manufacturing, post-market surveillance, or quality management.
Some examples of non-conformances related to EU MDR include:
Design Non-Conformance:
- The design of a medical device does not meet the specified requirements outlined in the EU MDR. Such as essential requirements for safety and performance.
Manufacturing Non-Conformance:
- Manufacturing processes, materials, or components deviate from the approved specifications or standards defined in the EU MDR.
Labelling and Packaging Non-Conformance:
- The labelling or packaging of a medical device does not comply with the labelling and packaging requirements as outlined in the EU MDR.
Post-Market Surveillance Non-Conformance:
- Failure to report adverse events, incidents, or safety issues to the appropriate authorities within the specified timeframe, as required by the EU MDR.
Documentation Non-Conformance:
- Inadequate or incomplete documentation related to the medical device. Such as technical documentation, clinical evaluation, risk management, or post-market surveillance reports.
Quality Management System (QMS) Non-Conformance:
- Deviations from the requirements of the QMS, such as ineffective CAPA processes, inadequate record-keeping, or lack of adherence to established procedures and policies.
When a non-conformance is identified, it’s important that appropriate corrective and preventive actions (CAPA) are taken. These must rectify the issue, prevent recurrence, and ensure compliance with EU MDR requirements. Addressing non-conformances promptly and effectively is crucial. This maintains product quality, ensures patient safety, and achieves regulatory compliance in the EU market.
What is CAPA?
CAPA stands for Corrective Action and Preventive Action. It’s a systematic approach that organizations use to identify, investigate, and address issues or non-conformities within their processes, products, or services. The goal of CAPA is to both correct problems and implement measures to prevent them from happening again in the future. CAPA is made up of two components:
Corrective Action (CA): Corrective Action addresses existing problems, non-conformities, or deviations identified. It involves immediate or short-term actions to rectify the issue, mitigate any negative impacts, and prevent recurrence.
Preventive Action (PA): Preventive Action aims to identify and eliminate potential causes of problems or non-conformities before they occur. It’s a proactive approach to prevent similar issues from arising in the future.
The CAPA process typically involves the following steps:
- Identification and Reporting: Identifying the problem, non-conformity, or deviation, and reporting it through appropriate channels.
- Investigation and Analysis: Conducting a thorough investigation to determine the root cause of the issue. Analysing the data to understand contributing factors.
- Action Plan Development: Developing a corrective action plan to address the immediate issue. Then a preventive action plan to mitigate future occurrences.
- Implementation: Implementing the corrective actions and preventive actions according to the action plans.
- Verification: Verifying that the actions taken have effectively addressed the issues and prevented recurrence.
- Monitoring and Review: Monitoring the implemented changes to ensure they are sustained. Reviewing the effectiveness of the corrective and preventive actions over time.
The CAPA process is used to ensure quality, compliance, and continuous improvement.
Identifying the root cause of a non-conformance is a crucial step in the corrective and preventive action (CAPA) process. Understanding the underlying factors that led to the non-conformance helps manufacturers implement effective corrective actions to address the immediate issue and preventive actions to prevent similar occurrences in the future.
What methodology can you use for non conformances?
Sigma methodology incorporates various tools and techniques to improve processes and identify root causes of issues effectively. This is a data-driven approach to process improvement and consists of the following steps (known as DMAIC):
- Define: Identify the problem and the goals of the improvement project.
- Measure: Gather data on the process to understand how it is currently performing.
- Analyse: Analyse the data to identify the root cause of the problem.
- Improve: Develop and implement solutions to address the root cause and improve the process.
- Control: Put measures in place to ensure the process remains improved over time.
For example, as part of the ‘analyse phase’ root cause analysis is used. Root cause analysis aims to dig deeper beyond the surface symptoms to find the fundamental reason for the non-conformance.
There are several techniques that can be used for root cause analysis, such as:
- 5 Whys: Ask “why” repeatedly. Drill down into the successive layers of cause and effect until reaching the fundamental reason.
- Fishbone Diagram (Ishikawa or Cause and Effect Diagram): Identify potential causes categorised into different factors. Such as people, process, equipment, materials, environment, and management.
- Fault Tree Analysis: Map out all possible events or conditions that could lead to non-conformance. Identify the combination of events that resulted in the issue.
- Failure Mode and Effects Analysis (FMEA): Evaluate potential failure modes and their causes, effects, and severity. Prioritise corrective and preventive actions.
By systematically identifying and addressing the root causes of non-conformances, manufacturers can enhance their processes, reduce risks, and improve quality and compliance.
Internal and External audits
Internal and external audits are important processes that manufacturers should undergo to assess and evaluate their operations, financial records, processes, and compliance with all applicable standards, laws, and regulations. These audits help ensure that activities are conducted efficiently, effectively, and in compliance with established guidelines and requirements.
Internal Audits:
- Purpose: The organisation itself conducts internal audits. The purpose is to assess the effectiveness of internal controls, risk management, and operational processes.
- Scope: Internal audits can cover a wide range of areas within the organisation. Including financial records, operational processes, compliance with policies and procedures, IT systems, and more.
- Frequency: Conducted regularly, often annually or quarterly, based on a predetermined audit plan.
- Conducting the Audit: a dedicated internal audit team usually conducts internal audits within the organisation. This team remains independent and impartial, reporting to senior management or the board of directors.
- Outcomes and Action Items: Internal audits produce findings, recommendations, and action items to improve processes and controls. Management typically addresses these findings to enhance the organisation’s efficiency and effectiveness.
External Audits:
- Purpose: Governmental organisations or independent audit firms conduct external audits. They assess the accuracy and reliability of an organisation’s financial statements and compliance with applicable laws and regulations.
- Scope: External audits primarily focus on financial records and statements to ensure they accurately reflect the organisation’s financial position and operations.
- Frequency: Conducted annually, as required by regulatory or statutory requirements.
- Conducting the Audit: Certified public accountants (CPAs) conduct external audits or audit firms external to the organisation. They examine the financial records and supporting documentation to express an opinion on the financial statements’ accuracy and compliance.
- Outcomes and Action Items: The external audit results in an audit opinion, which can be unqualified (clean opinion), qualified, adverse, or a disclaimer. The organisation must address any issues or discrepancies found during the audit. This often results in adjustments to financial statements or improvements in internal controls.
Both internal and external audits are critical for ensuring transparency, accuracy, and compliance within an organisation. Internal audits help the organisation improve its processes and controls. External audits provide assurance to stakeholders regarding the accuracy and reliability of financial statements and compliance with relevant regulations.C
Clin-r+ recommendations
The NCR process is a vital part of any Quality Management System. A robust system to control the non-conformity handling process will significantly benefit your management system and business. This should include setting up your Non-conformity Handling Procedure and other relevant SOPs.
Manufacturers need to consider factors such as:
- How to implement it in the entire process in the business
- How deeply employees are aware of it
- How the Correction Action and Preventive Action Procedure supports it
Set up your non-conformity procedure and process, which serves as a guide for your team to implement best practices for:
- Identification of non-conformities.
- Root cause analysis.
- Determination of appropriate changes whenever a non-conformity occurs.
- Ensuring effectiveness and improvement of your quality management systems.
- Compliance with various ISO standard’s non-conformity requirements.
- Ensuring that the processes are well documented.
Address any non-conformities arising from internal or external audits on applicable ISO standards. Use the lessons learned from addressing the non-conformance to continuously improve processes, procedures, and the overall quality management system. By following a systematic approach, organizations can effectively rectify non-conformances, minimize their impact, and work towards a culture of continuous improvement and compliance.
Should you need any assistance to conduct internal audits or help in closing NCRs from your Notified Body Audit needing professional assistance, CLIN-r+ has a wealth of experience to call upon. Get in touch!