Essential Steps for Bulletproof Supplier Controls
Who’s in the driver’s seat of your medical device supply chain? You? The FDA? Other regulatory authorities? Industry executives are bending over backwards to meet strict regulatory, safety, and quality system requirements, to navigate ever changing submissions processes and to avoid landing a warning letter from the FDA or handed critical observations from other Regulators. But smart companies understand that compliance runs
parallel to their own strategies—socially and financially.
First, better patient outcomes are mission critical. Healthcare is a business of discovery and advancement—with responsible oversight, it can only move forward.
Second, producing safe and effective medical devices also makes good business sense. When your products perform well, you can avoid expensive recalls and redesigns, while growing credibility in the marketplace.
So here are five essential steps to achieving better supplier controls—for the mutual benefit of patients, practitioners, and everyone you employ:
1. Establish supplier controls during design by creating product and service quality requirements. Did you know that federal code 21 CFR Part 820.30 includes 10 subsections on medical device design controls? It’s important to define quality right from the outset.
Establish clear and unambiguous specifications for the product. Evaluate risks and identify any outsourced services that will be needed. Technically qualify any potential tier 1 suppliers during design verification and/or design validation.
Any supplier that supplies a product or service that can directly affect product quality in a way that would render the medical device inoperable or cause it to malfunction in the field should be part of this "tier 1" group of suppliers.
Additionally, high risk suppliers (single source suppliers, financially volital suppliers, etc.) should also be included in this tier.
2. Outline consistent procedures for supplier controls such as qualifying, monitoring, maintaining, and disengaging with suppliers. Managing suppliers of purchased or otherwise received products and services will require varying SOPs for partners with different levels of responsibility.
Track them all by using a tier system. Clearly define “tiers” of suppliers, with the top tier being those suppliers considered “highest risk” suppliers. Be sure to include consultants and contractors as a specifically defined tier.
Define specific qualification and re-qualification criteria for each supplier tier defined above. Be cautious of solely using a paper review process for the upper tiers of suppliers. Onsite audits are often necessary regardless of what other registrations or credentials the supplier may have. Define standardized monitoring metrics and mechanisms that will be used to inspect, test or otherwise collect the metrics.
Don’t forget to define who, what, when, and where these metrics will be regularly reviewed. Establish action limits around the metrics and set specific actions based on the results. This is where the procedure should connect to the other appropriate parts of the quality system.
Establish criteria for disengaging with suppliers and define a process to be followed when switching suppliers.
3. Establish an approved annual supplier audit schedule.
According to current good manufacturing practice (CGMP), “quality audit” means a systematic, independent examination of a manufacturer’s quality system that is performed at defined intervals and at sufficient frequency.
The schedule should include audit slots for the qualification of new suppliers and re-qualification and monitoring of existing suppliers. Ensure that supplier audits are conducted according to the established schedule. Any changes to the schedule should contain a rationale for changing the schedule and should be re-approved.
4. Implement internal supplier controls for each supplier based on your supplier tier structure and the actual results for that supplier’s qualification process.
Post-qualification, be prepared to closely monitor each supplier’s performance over time and to take swift action when their performance is marginal or unsatisfactory.
Evaluate the ability of chosen suppliers to successfully fulfill established product and/or service requirements.
Establish clear and unambiguous receiving inspection criteria based on the results of the supplier qualification process.
Establish goals for the supplier according to the established metrics that will be collected.
Collect, document, and act on the ongoing performance of the supplier according to the controls established.
5. Feed supplier control data and rolled-up metrics to other sub-systems within the quality system for continuous improvement.
Inadequate CAPA procedures are responsible for a significant percentage of FDA warning letters and citations. Be ready to implement supplier corrective and preventative actions when necessary.
Feed individual supplier performance data requiring corrective actions into the overall CAPA system or a feeder CAPA process, according to your company’s procedures.
Feed rolled-up metrics into management review for overall performance of suppliers.
Even with a five-step plan, the regulatory maze can seem overwhelming. If you have questions about audits and assessments, design control deliverables, or other compliance challenges, let MBCA help you find answers.
Contact us for a free consultation today.