A process that identifies and eliminates non-conformances and potential non-conformances enables companies to realize not only a cost savings in the short-term, but could redefine a company culture centered on far-term accomplishments.
After a long inspection day with FDA, a company president commented to me, “I don’t understand it! I have been told that we issue CAPA reports like they were going out of style.
I recognize that our close-out performance is not something to be proud of, but the thing that really gets me goin’ is that we issue all of these CAPAs and the same issues pop up again and again and again. I don’t get it. This CAPA process still doesn’t work.”
A Common Situation (revisited)
As a third-party auditor, I assess the Corrective and Preventive Action Process or CAPA almost immediately after initiating the due diligence and document review stages of the audit process. The logistics of any audit become entwined with the CAPA process early on due to the fact that each process is affected by correcting non-conformances and preventing their reoccurrence in a timely manner. Companies that have ongoing issues with this process (“Our CAPA process still doesn’t work after all of these years”) usually:
- Issue too many CAPAs
- Open too many CAPAs
- Lack management’s commitment to “resource” these initiatives
- Retain only the quality department to work on these company-wide, quality data opportunities
- Fail to really verify or validate the effectiveness of the corrective/preventive actions taken, in a timely manner
- Weaken risk management tools being facilitated to define a triage-based decision-making process
- Run on a distinct and systemic failure mode that does not make management aware of the appropriate and relevant information brought into view because of these defectives—that is, quality data is not being used to its fullest extent for compliance and improvement opportunities
It is imperative that your company successfully use the CAPA process every day, as it impacts each procedure in the Quality Management System (QMS). CAPA is one of the key elements to a compliant QMS that will lead to improvement (with an ISO focus on continual improvement(s)) and compliance. A robust CAPA process is of the utmost importance to an orthopaedic device manufacturer in an age when recalls are prevalent, warning letters for repeat offenders are on the rise and Medical Device Reporting continues to be a gauge for failure affecting human beings. A process that identifies and eliminates non-conformances and potential non-conformances enables companies to realize not only a cost savings in the short term, but could, more importantly, redefine a company culture centered on far-term accomplishments.
Not every problem or non-conformance requires corrective action, per se. Yet, I continue to notice companies where every defective that is realized is being captured in a cumbersome CAPA process using formats far too complicated for mere aberrant issues. Whether “full” corrective action is needed varies by the type of device being manufactured, the risks involved with each occurrence and the severity of the outputs. Another process enhancement should be that CAPA decisions are no longer for only one individual or just the quality department to make. Companies that I have worked with—before and after FDA inspections—commonly have a quality review board in place to facilitate the CAPA process using cross-functional team members to solve problems in a timely manner. FDA commonly emphasizes this crossfunctional point using the responsibility and authority-link throughout an inspection.
FDA requires that procedures are in place to ensure that information is disseminated to those directly responsible for assuring quality or the prevention of such problems, and to provide for submission of relevant information on identified quality problems, as well as corrective and preventive actions, for management review. Your company’s procedures should clearly define the criteria to be followed to determine what information will be considered relevant to the action taken and why. FDA emphasizes that it is always management’s responsibility to ensure that all non-conforming issues are handled appropriately, in a timely manner and using risk management as a foundation point for decision making.
FDA agrees that the degree of CAPA taken to eliminate or minimize actual or potential nonconformities must be appropriate to the magnitude of the problem and commensurate with the risks encountered. FDA will not dictate in a regulation the degree of action that should be taken, because each circumstance will be different, but FDA does expect your company to develop procedures for assessing the risk, the actions that need to be taken for different levels of risk, and the means to correct or prevent the problem from recurring, depending on that risk assessment.