Hi Dan,
I agree that the new standard, by pulling in more activity that was classically "Regulatory" further blurs an already blurry line. That said, I think it already was, to some extent as no matter how long I am in quality, I believe the functional "owners" own the quality and compliance of their areas. Thus, I currently run R&D, and I believe I, not the Quality or Regulatory departments, own design controls, DFMEAs and other design based risk activity etc. (and I say this having previously run RA/QA - when I believed the same thing). The role of QA is verifying that what we come up with does indeed meet the requirements in the standards/regs.
From your list, I generally split as below, but I have seen many of these flipped....(and, in the interest of complete disclosure, at one point in my career I ran RA but staged a coup and took over much of this because our Quality department was not being at all effective at them)
A strategy for regulatory compliance -
Regulatory - though that assumes this is not "Quality Compliance" but much broader "Regulatory Compliance"Addressing the applicable general safety and performance requirements (think Annex I) -
Regulatory & R&DResponsibility of the management -
Executive team - as executives, we don't get to delegate this - though I would tie Quality into making sure audits and Management Reviews happen with appropriate contentResource management, including selection and control of suppliers and sub-contractors -
Quality (though Supply Chain and HR should won large sections of this)Risk management -
Quality (overall connectivity of assessments) - R&D/Manufacturing (FMEAs and other product level documents)Clinical evaluation (MDR) or performance evaluation (IVDR) -
Medical/Clinical (but if not possible, RA tends to be more comfortable with this type of writing)Product realization -
R&D/EngineeringImplementing UDI -
Quality (though I know a lot of people place in RA)Managing the post-market surveillance system
Either - depends on where skills are in given orgHandling communication with competent authorities, notified bodies, other economic operators, customers, or other stakeholders
Varies - RA for regulators and preferably NBs (reg folks get hired for writing skills); customers might be legal, customer service etc. Other stakeholders depends on who - Board of Directors should be RA/QA exec or President/CEOReporting serious incidents and field safety corrective actions
always seen Quality Compliance but I think could fit in RA and bigger orgs often have completely separate department under Medical AffairsManaging corrective and preventive actions and verifying their effectiveness
Quality (ones typically trained in RCA and other techniques that make CAPA work)Processes for monitoring and measuring output, data analysis, and product improvement
Quality
g-------------------------------
Ginger Glaser RAC
Vice-President, Quality and Regulatory Affairs
Maplewood MN
United States
------------------------------
Original Message:
Sent: 03-Jul-2017 15:07
From: Dan O'Leary
Subject: Quality or Regulatory in the EU Regulations
The EU-MDR and EU-IVDR, Article 10 requires the manufacturer to implement a Quality Management System and lists some areas the QMS needs to cover. It appears that the scope is larger than ISO 13485:2016. Some colleagues have suggested that this will blur the traditional distinction between quality and regulatory. I don't know where to the draw the line, because my background is quality, often in small companies, that may not have separated them well.
The regulations, in Article 10, enumerate the minimum aspects of the QMS. I've paraphrased them below. My question is which, if any, people would consider "regulatory" and not "quality". I would also be interested on thoughts about "blurring the line".
A strategy for regulatory compliance
Addressing the applicable general safety and performance requirements (think Annex I)
Responsibility of the management
Resource management, including selection and control of suppliers and sub-contractors
Risk management
Clinical evaluation (MDR) or performance evaluation (IVDR)
Product realization
Implementing UDI
Managing the post-market surveillance system
Handling communication with competent authorities, notified bodies, other economic operators, customers, or other stakeholders
Reporting serious incidents and field safety corrective actions
Managing corrective and preventive actions and verifying their effectiveness
Processes for monitoring and measuring output, data analysis, and product improvement
------------------------------
Dan O'Leary
Swanzey NH
United States
------------------------------