Over the past several months, we’ve been discussing at a high level, the upcoming changes for manufacturers considering the introduction of the Medical Device Regulations (MDR), along with the implementation of the ISO 13485:2016 and MDSAP. In this article, we’ll discuss more specifically section 8.2.2 Complaint Handling requirements under the 2016 revision of the standard which has a 3 year transition.
For manufacturers who are supplying to the US market under the FDA, there will already be some level of recognition with these requirements, which exist under Section 820.198 Complaint files. For manufacturers who are yet to supply to the global market and are looking to introduce their company to the new standard, the updates are more specific than has been seen in the past (at least until the introduction of the MDR).
Under the 2016 revision of 13485, the requirements stipulate that the manufacturer shall have at a minimum, documented procedures for the timely handling of complaints.
The procedures shall include:
- Receiving and recording of complaints;
- Evaluating the information to determine if the information constitutes a complaint;
- Investigation of the complaint;
- Determine the reportability to the appropriate authorities;
- Handling the associated device/s;
- Determine the need to initiate corrections or corrective actions.
In addition to the above, for any complaints not being investigated, the justification for not investigating shall be documented. Furthermore, correction or corrective action resulting from the complaint shall be documented.
Finally, if the organisation determines that the complaint resulted from actions outside of the control of the organisation, relevant information shall be exchanged.
What does this mean for a manufacturer?
Putting this into context, for every piece of feedback received from a customer (or the like), the manufacturer will need to review the information and determine whether or not this constitutes a complaint. Further to this, the complaint will then need to be investigated and determined whether or not this would need to be reported to the associated regulator. This may result in the need to report to more than 1 regulator, if you consider the location of the complainant and the location of the manufacturer. We also need to consider the locations of distribution as there are some regulators with requirements to report any adverse event for a product supplied to their market regardless of whether the complaint initiated in their country or not. Even now, there are manufacturers using distributors that are not across this requirement.
We’ll also need to look into various handling requirements for the associated product/device. What does this mean? The company will need to determine how to have the devices returned without further damage to ensure an appropriate investigation is conducted. If the manufacturer determines that there is no investigation required, an auditor may need to see your justification for not conducting an investigation (which would most likely need to be concluded by a robust risk management process ie 14971). You may also need to determine how the customer has managed the faulty products ie disposal. Could this mean additional information being included in your Instructions for Use in the future? This all comes down to the auditors own interpretation of the requirements.
All of the above will need to be managed via a strong Document Control Process, which is imperative to any Quality System. On too many occasions we’ve seen companies that have inadvertently skipped over this requirement only to find that at the time of an adverse event or other post market issue, where a regulator asks for more information, only to find that the necessary records cannot be located.
As regulators become more focused on post market requirements for medical device and diagnostic manufacturers, it is becoming difficult for manufacturers to keep up with the resourcing needs and expertise within their own organisations. Not managing any of the above topics right, can you leave you in very difficult conversations with not only 1 regulator, but with many. Regulators talk to each other and are sharing more information around post market activities than ever before!
The biggest changes in both ISO 13485 and the EC Regulation are all about active vigilance. It’s no longer enough to just keep a weather eye on customer complaints. In this new world manufacturers are expected to actively monitor their devices in the market place – including specific expectations for periodic reviews of clinical evidence and active postmarket clinical follow up for higher risk devices.
Like to learn more? Click here to our watch our webinar – “Don’t Close your Eyes: Postmarket Compliance in the world of ISO 13485:2016 and the new European Devices Regulations” as we look at how to stay constantly alert – without losing too much sleep.