Afbeelding met tekst Automatisch gegenereerde beschrijving.
[Audio] Welcome in the training for audit preparation. My name is Jolanda Oorthuizen and I am your trainer but I will let an artificially created voice do the talking for me. You are signed up for this training as have a role within our Quality Management System to fullfill and an audit is coming up. Now let's go to the first slide of the training in which I will first explain what rules apply to medical devices, why we have an audit and what is a Quality Management System..
[Audio] If you already worked at LivAssured in 2022 you might remember the first couple of slides. In Europe we have a law for medical devices to make sure that they are safe and performing well so that patients who need them get better using them instead of getting worse. That law is called the Medical Device Regulation. The Medical Device Regulation devides medical devices in risk classes depending on how dangerous they can be for a patient. The lowest class is class 1. Under this class fall crutches, bandages and wheelchairs. When a wheelchair mallfunctiones you might fall or are not able to transport yourself. The severity of the device mallfunctioning is low and therefore the risk class is low. The highest risk class is class 3. Implantables like a pacemaker, kneeimplants and life sustaining devices like heart lung machines fall in this highest risk class. If these devices mallfunction the chance that the patient dies is high..
[Audio] The higher the risk class the more requirements in the medical device regulation the device needs to fullfill. Manufacturers of class 1 devices can claim compliance themselves. Class 2a and higher need to be audited to the Medical Device Regulation by a so called notified body. If a manufacturer makes a class I device and claims compliance themselves they can place a CE mark on their device, CE stands for Conformité Européenne which in french means compliant to the european rules. If you are audited by a notified body the manufacturer can place a CE mark including the number of the notified body on their device once they receive a certificate stating that the notfied body agrees that the device meets all the requirements..
[Audio] The classification under the M-D-R is determined by the intended purpose of the device which is the use for which a device is intended according to the data supplied by the manufacturer on the label, the instructions for use, pormotional and sales material or statements and as specified by the manufacturer in the clinical evaluation. The classification also depends on the claims for the device. For instance if you claim that the device prevents deaths than the risk classification would be higher. NightWatch plus has a more extensive intended purpose than than of the NightWatch Original namely we now state that the device is intended to perform monitoring via the portal which is will now be part of the device. This places the NightWatch plus in a higher classification, class 2a for which certification by a notified body is required..
[Audio] The Medical Device Regulation requires that the manufacturer works according to a Quality Management System in short QMS. A quality management system is a collection of processes, work instructions and forms aimed on consistently meeting requirements from the law (M-D-R--), standards and business. Standards are the distilled wisdom of people with expertise in their subject matter and who know the needs of the organizations they represent – people such as manufacturers, sellers, buyers, customers, trade associations, users or regulators. There are many standards each addressing their own topic. For instance a standard for electrical safety of medical devices, for cybersecurity and for the safety of toys for children. There is also a standard for Quality Management Systems for medical device manufacturers ISO13485 made by I-S-O the international Organization for Standardization. Standard ISO 13485 is a harmonized standard to the M-D-R--, which means that if you comply to the requirements of the standard you automatically comply to a lot of requirements regarding the Q-M-S for the M-D-R-. We are getting our companies QMS, ISO 13485 and M-D-R certified and the NightWatch plus class 2a certified against the M-D-R-..
[Audio] Let's explain the parts that comprise a Quality Management System. A QMS consists of Processes which include Standard Operating procedures which can include work instructions. A Process is a set of interrelated or interacting activities which transforms inputs into outputs. A process is the high-level description of a large task or series of related tasks. It provides the "big picture" and includes the objectives for employees. A procedure, or standard operating procedure in short S-O-P--, is a detailed and structured series of documented steps or actions that outlines how a specific task or process should be executed within an organization. Multiple standard operating procedures can be part of one process. A procedure answers the questions: "what happens", "in what order", "who does what to whom", and how? A work instruction, is a document with detailed instructions that provides specific guidance and detailed step-by-step instructions on how to perform a particular task or step within a standard operating procedure. A policy is a set of general guidelines or statements of position regarding a given topic. At its core, the purpose of policies is to offer a structured set of principles or rules crafted to guide decision-making and behaviour. Our quality policy for instance provides a framework for all quality activities within the organization and the risk management policy provides guidance for establishing the criteria for risk acceptability..
[Audio] All output from the Quality Management System are records. For instance if the complaint handling procedure states that we collect complaints from customers we should have a record to proof this. If our management review procedure tells that we perform management review twice a year and then create a report we should have 2 management review reports to show during the audit..
[Audio] Each standard operating procedure in our Q-M-S has a so called process owner. The process owner is responsible to manage the execution of the procedure and is responsible for the performance of the procedure. The process owner is responsible to ensure that all employees who fullfill a role in the procedure are trained on the procedure. The process owner explains their procedure to the auditor during the audit. Who the process owner is of a specific procedure can be found in the approval table in the standard operating procedure. On this slide you see the approval table of the standard operating procedure for management review. The approval table of the standard operating procedure for Software Development. The approval table of the standard operating procedure for feedback and complaint handling and the approval table of the standard operating procedure for training and competences. You can see the process owners of these procedures in the yellow circles.
[Audio] Every year an internal audit is held. This picture shows the draft internal audit schedule which sets the schedule for the upcoming 4 years. Each year the schedule is reviewed on if it needs to be adapted. Depending on the risk level a process area is audited yearly for high risk level process area's, once every 2 years for medium risk level process area's or once every 3 years for low risk process levels. The initial internal audit we will perform over all process area's. During a certification audit by the notified body which is next week, all process area will be audited. After the certification this year, the following two years we will get a surveillance audit in which a limited scope will be audited and then the year after there is a re certification audit which audits all process area's again. Once somewhere every 5 years the notified body executes a unannounced audit in which they come visit us unannouced and perform an audit. Lets see what you have to do and know to succesfully participate in an audit..
[Audio] As explained before the process owner of the standard operating procedure is responsible for the performance of the procedure and will explain the procedure to the auditor during an audit. The process owner will need to show that the employees who have a role in the procedure work according to the rules in the procedure and know what they are doing. It might be that the auditor spots a name of an employee in a record and ask to speak to that employee to explain something about the record. Therefore you need to have your knowledge on your role in a procedure up to date. To prepare the audit, first of all you need to know what your assigned roles are. The HR Manager, Jeroen has communicated those with you when the HR files were created but you can also check it yourself in CD-H R M08 or if you find this difficult contain Jeroen again. Then it is good to check the latest published version of the procedure in which your role participates. You need to check this in Scilife. To update your knowledge it can be good to watch the youtube video of the training on the procedure again. You can find this in the training module in Scilife. When the audit schedule is known myself or the process owner will let you know when you might be expected to say something during the audit..
[Audio] And then the audit starts and you are requested to explain something. How do you need to behave during the audit? First of all. Stay calm and relaxed. Be friendly to the auditor. If you make the auditor angry, an auditer might be more aeger to find nonconformities on your behalf. Be self-confident. Try to reflect that we have everything under control. Do not discuss with the auditor. They are there to audit the work. They are not allowed to provide any advice or discuss issues and implementation of regulations. All auditors are trained to use speak pauses. Leaving a long pause, ,gives an awkward vibe which tends most people to start talking and revealing information about things you were not asked about. Pauses, do not need to be filled. Simply only answer the exact questions of the auditor and then stop talking..
[Audio] Only show typical examples if you are allowed to choose to show something. Try not to show any extraordinary work which might raise questions on compliance. Do not provide any extra irrelevant information. Additional information leads to further and perhaps deeper questions into the matter. If you do not understand the question from the auditor. Ask! Do not start babbeling and provide the wrong information. If you do not remember certain information from your procedure you can simply say. I do not remember right now, lets look that up and show them where to find the information in the standard operating procedure. Do not have any internal discussions in front of the auditor. We cannot have any disagreements show towards the auditor this could lead to a nonconformity. Think about what you are going to say before operning your mouth!.
[Audio] This is the end of this presentation. If you have any questions related to this training you can contact me directly..