Let’s be very clear, when talking about MDSAP, we are talking about a very small number of CABs, who are both operating as European Notified Bodies, and CMDCAS registrars.
However, that doesn’t qualify them to issue ISO 13485 certificates that comply with the European Law on Accreditation. MDSAP does not cover CE marking, but you can get all these things combined CE +MDSAP because these are super-CABs doing super-scoped audits. But still the ISO 13485 cert won’t be recognized in Europe, MDSAP violates the European Regulation on Accreditation, and CE marking itself, doesn’t follow international norms for accreditation either.
CE certification is actually a product certification that relies on a Notifying Authority (a regulatory authority designated by the European Commission). No Regulatory Authority can provide accreditation. With the exception of SWEDAC in Sweden, which is both an Accreditation Body and also the Notifying Authority for all three European Medical Device Directives?
International Accreditation requires full use of the ISO 17011 by Accreditation Bodies that apply the IAF Mandatory Documents for operating Accreditation activities (accrediting testing labs to ISO 17025, accrediting CABs to ISO 17021 and accrediting organizations that certify personnel ISO 17024). Now that the IAF is adding special “subscopes” for Medical Device QMS ISO 13485, Food Safety QMS ISO 22000 and Information Security ISO 27001, IAF has added special IAF Mandatory Documents (e.g. IAF MD8, MD9) etc to detail the additional requirements for ABs and CABs to support these certifications.
I think it’s important to state that Protection of the Public, whether from medical devices, unsafe food, or patient information (information security) the IAF is the only organization with the capacity to manage accredited certificates to the full extent we need them. They manage more than 1.6 million accredited certificates worldwide. In fact, whether or not MDSAP ever becomes a legal requirement somewhere, ISO 13485 and ISO 9001 underpin everyone’s certs.
Benefits of MDSAP
The manufacturers that would truly benefit from MDSAP, will be those trying to avoid the frequent visits by the FDA (which are typically multinational) and/or those that are making Brazilian Risk Class 3 medical devices, who are hampered by BGMP inspections that are so backlogged, it is causing millions in lost sales (again, something I hear from multinationals that want MDSAP). Even those people however, are uncomfortable with the sharing of their audit information with the IMDRF members and other regulators. So if you gain Brazil, but fail the FDA QSR significantly, well… you get the idea. There are some very strong supporters from industry for MDSAP, but I have never seen one from a small or medium size company.
I already explained why my own logic questions why smaller companies would sign up, since its voluntary. I learned of a US Company that just dumped Canada. Yes, they were small, likely never see FDA inspectors, but also likely sell relatively low risk devices. Small companies are fickle, but they make up the majority, everywhere, except at the discussion tables (can’t afford the plane ticket, and they don’t react to anything that doesn’t hit them first). This is the reality that we have to contend with.
And just to let you know, those small manufacturers overseas, they don't want any third party program, at all. They operate a lot more loosely, under local regulators that react to problems, and have few resources to keep up with GMP inspections. So the regulators all want help, but they all need to make sure that devices are available to support the healthcare system. Many have IAF member accreditation bodies, and wouldn't know how, or have any experience accrediting a CABs to do ISO 13485 audits. This was found to be a very big problem in Europe. Regulators are generally not very good as accreditation assessors and they are inconsistent since the regulators are not governed by anything like an ISO 17011 standard, which would help, if they had the resources to implement that kind of structure.
