Corrective and Preventive Action (CAPA) routinely tops the list of most-cited inspectional observations year after year, making it a clear target for investigators. When problems are found in your CAPA program, it can open your broader QMS up to intense scrutiny.

Continue Reading

In FDA-regulated manufacturing, genuine human errors do occur but they’re cited far more frequently than they probably should be.

In truth, most problems that appear to be caused by human error — especially those that occur multiple times — are actually rooted in processes or systems that when left unchanged, will keep producing the problem despite the convenient band-aids often placed over them.

When human error is identified more frequently than it should be expected to happen, it signals to investigators that problems aren’t being internally investigated thoroughly enough. This can quickly shift the investigator into problem-hunting mode and open your quality management system up to even greater scrutiny.

Continue Reading

Given the numerous inspectional observations citing insufficient established CAPA procedures, it’s worth revisiting what regulators expect to see from your CAPA process.

In a 2014 presentation, FDA’s Joseph Tartal described the basics of effective corrective and preventive action—a resource every company should use to evaluate against their own processes. Among many important points, one stands out as particularly useful when for ensuring FDA CAPA compliance:

“Manufacturers should consider that their corrective action and preventive action documentation can demonstrate to FDA that the manufacturer’s quality system is effective and enables the manufacturer to identify problems quickly and implement effective corrective and preventive actions (or not).”

Continue Reading

To improve medical device safety, the HHS Office of the Inspector General (OIG) is recommending that the FDA better integrate cybersecurity criteria into its premarket review process for medical devices.

In its September, 10th report, OIG advised the FDA make three specific improvements related to cybersecurity, all of which the agency says it is currently working to adopt:

  1. Include cybersecurity documentation as a criterion in its Refuse-to-Accept (RTA) checklist.

  2. Use presubmission meetings with manufacturers to address cybersecurity-related questions.

  3. Add cybersecurity questions to its 'Smart' template, which guides FDA's review of medical device submissions.

We've summarized the details of each of these changes to the premarket review process along with general preparation advice for affected device manufacturers.

Continue Reading

The Eight Disciplines (8D) model is a problem-solving methodology used primarily within the automotive industry to identify root causes, correct them in the short term and prevent them in the long term.

Given its reputation for reliability in the automotive space, it's no surprise the method has been embraced by engineers in other industries tasked with solving similar types of problems. Drug and device manufacturing is one such space where 8D seems like a fit, particularly within corrective and preventive action (CAPA) programs.

But despite its success, the 8D model presents a serious compliance problem under both FDA and global ISO regulations––one that regulators are seizing on as evident by the top-cited inspectional observation within the device space since 2010: "Procedures for corrective and preventive action have not been [adequately] established."

Continue Reading