Canada ends transition period to the Medical Device Single Audit Program (MDSAP)

Updates on the programme provided at Stakeholder Day

The Medical Device Single Audit Program (MDSAP) was developed by the International Medical Device Regulators Forum (IMDRF) to conduct regulatory audits of quality management systems (QMS).  The MDSAP audit is based on 13485:2016 with the applicable regulatory requirements of the participating jurisdictions – Australia, Canada, Japan, Brazil, USA – included as areas of focus. The decision of Health Canada to replace the existing Canadian Medical Devices Conformity Assessment System (CMDCAS) and require an MDSAP audit to maintain Canadian Device Licenses after 31 December 2018 led to a rapid increase in use of the programme. At the end of 2018, over 2,700 manufacturing sites had been audited. 

Health Canada provided an update on progress with the transition at the MDSAP Forum Stakeholder Day held on 5 December 2018. They reported that around 75% of manufacturers have transitioned. In addition, manufacturers were continuing to submit transition information. The actions to be taken were summarised as:

• Manufacturers completing the transition to MDSAP in 2018 submit -
  • a copy of an MDSAP certificate.
• Manufacturers completing the transition to MDSAP in 2019 submit -
  • a CMDCAS certificate valid until 31 December 2018,
  • an ISO 13485 certificate (non-CMDCAS) issued by an MDSAP Auditing Organisation (AO) valid after 1 January 2019,
  • documented evidence of firm arrangements to undergo an initial or recertification MDSAP audit in 2019.
• Manufacturers transitioning to MDSAP during a surveillance audit in 2018 or 2019 submit -
  • a CMDCAS certificate valid until 31 December 2018,
  • an ISO 13485 certificate (non-CMDCAS) issued by an MDSAP AO valid after 1 January 2019,
  • either an MDSAP Surveillance Audit Confirmation Notification completed by an AO or documented evidence that you have made firm arrangements to undergo an MDSAP surveillance audit in 2019.

The Forum provided updates on the development of the programme including the status of AOs under the programme. AOs can be designated as authorized or recognized. Both designated and authorized AOs have undergone their on-site assessment, have corrected any deficiencies, can conduct MDSAP audits and can issue certificates. Authorized AOs may still need to undergo witnessed audits before recognition. Recognized AOs will undergo periodical surveillance witnessed audits.

All the presentations from the forum are available.

Audits conducted to MDSAP use a process approach, based on a foundation of risk management, to move through management controls, measurement, analysis and improvement, design and development control and production control. Audits follow this closely prescribed process of defined tasks that the auditors have to perform. The audit includes the application of purchasing control in each of these elements. Understanding this process and sequence that will be followed is important in being able to prepare for your audit effectively. There is additional material on the BSI website that can help you implement your transition to MDSAP.