- Guru Difference
- Customer Experience
There’s a phrase that the FDA states in their policies around CAPA, which elicits a few questions. That phrase is “quality data source.”If you’ve been through the CAPA process (and most medical device companies have), then you will have discovered how involved it is and how extensively you need to investigate and report on issues. Throw in the term “quality data source” and many people think they know what that means, but you may be surprised at the true answer.
Let’s explore. What is a “quality data source” and what should your company be doing in practice?
We know what it sounds like and this is where confusion often lies. If you’re thinking that “quality data source” must be a comment on the integrity of your data, then this is not what they’re getting at here.
It’s actually much simpler…
A quality data source describes any part of your overall quality system, where you gleaned your data. So, it’s about the data yielded by your quality system and its processes, not the quality of the data (although we hope it is good!).
So, for example, anything along the lines of non-conformances in the manufacturing process, audit issues, complaints or production inspection data can be quality data sources. FDA is referring to your quality controls.
That being said, you need to manage this quality data wisely, so let’s look at a few tips for preserving the integrity of your quality system data.
When we’re talking about the data that feeds into your documentation and decision-making, a holistic approach can save a lot of headaches and unnecessary doubling up on the paperwork.
Think of your quality system as a whole - it should be an integrated set of processes that work for the company, rather than serving as checkbox items on your list entitled “things we should do for audit.”
You have a number of processes that feed into this system and help to create the “big picture.” For example, you’ve got risk management, design controls, inspections and supplier management. Each has some sort of documentation or record that your company creates as a result of following the process. These documents become part of the overall quality records you maintain.
Of course, it can be challenging maintaining records for different processes and keeping good oversight. There are still a number of companies who use paper records or systems, such as Excel sheets, that require manual updating and careful monitoring to ensure they’re correct.
Choose a system that works for you. Sometimes, especially while a company is still young, those manual methods work just fine. Our overall recommendation is just to keep things as simple as you possibly can.
That might mean centralizing everything on an electronic QMS or simply having a very good system for ensuring that records are regularly updated. Gathering all of the data that you need to view can be a big deal, so use simple charts and procedures.
Unfortunately, medical device companies often do a poor job of monitoring those key events that pop up within your quality systems. There’s a requirement to complete a management review at least annually, but we’d go as far as to suggest this should be done twice each year to ensure all issues are kept in check. The management review is the process where all information from your QMS goes to the management team for review.
How are these reviews made up? You’ll hear them termed in a couple of different ways, perhaps a "management review board (MRB)" or "quality review board (QRB)". Our preference is that these boards (whatever you prefer to call them) are made up of a good cross-functional team, representing key aspects of your business. For example, you might have quality, regulatory, manufacturing and engineering included on the MRB team. This helps to provide a balanced view across the organization.
Your MRB team should meet regularly in between management reviews to go over any issues. The goal should be to demonstrate that your QMS is not just a “because we have to” checkbox item, but a way of life, “how we do things around here” for your company and that the way you are doing things is effective. The point is that your company should actually be using the QMS processes to make safer medical devices. That’s really the bottom line of why they exist in the first place.
You’ll find that by doing this, the announcement of an audit or inspection doesn’t have to bring about panic or dread. Your management reviews and internal audits should be evaluating your processes so that FDA audits or ISO inspections go smoothly. You should be recording these by keeping the records of the quality data reviewed and any decisions made to improve.
CAPA is to address big, systemic issues. If you’re monitoring all of these data sources, an event happening one time doesn’t mean that you have to go straight to CAPA, not unless it’s something big, such as having the potential to cause injury.
As part of your MRB meetings, it’s a good idea to decide upon and track KPIs (key performance indicators) for your data sources regularly. The KPIs should be in-line with your Quality Objectives which are in place to meet your quality policy. Put procedures in place with metrics for any non-conformances, perhaps including trigger points that set off a CAPA procedure.
This is about ensuring specifications are being met. Document observations and decide what your course of action is. You could manage an issue as a non-conformance; however, if it happens repeatedly, it may be an indication that something is out of whack with your process, leading to a CAPA investigation.
We regularly cover topics related to the various processes, systems and tips that medical device companies should know when it comes to quality management systems. Where are you getting your quality data from? Check out articles on these different topics:
So, having cleared that up, “quality data source” is just “the data from your quality system” rather than a statement about the integrity of the data you are using.
If you look at your quality management system, it is made up of several inter-connected processes, which contribute to the data that you need to make decisions. Companies often stumble and miss or mismanage issues when there isn’t a holistic view of the QMS.
We suggest that management reviews should occur more than once per year. Not only that, MRBs should meet regularly in between reviews in order to keep tabs on issues and monitor whether set processes are working as they should be.
Any issues that are detected do not necessarily need to be treated as a CAPA - that is reserved for systemic problems or issues that are severe. Document your evidence and decisions while managing issues appropriately for the situation - this will be your “proof” of following procedures for any inspections.
Still using a manual or paper-based approach to manage your quality processes, design controls or risk management? Click here to learn more about how Greenlight Guru's modern eQMS software platform exclusively for medical device companies is helping device makers all over the globe in more than 50 countries get safer products to market faster with less risk while ensuring regulatory compliance.
Jon is the founder of Greenlight Guru (the leading cloud-based platform purpose-built for MedTech companies) and a medical device guru with over 20 years of industry experience. Jon knows the best medical device companies in the world use quality as an accelerator. That's why he created Greenlight Guru to help...