We are a provider of class 1 devices to hospitals and clinics. Our products are not sold direct to consumers as they would have no need for such products. Customer include Hospitals (private, commercial and government-VA). We are ISO 13485 accredited with design in our scope, and manufacture 90% of our products in-house, with some subcontracting and some re-branding. We have agreements with our customers and with distributors of our product (mostly, oversea). These contracts state our basic terms, etc. including net 30 payment, etc. We have a line of customer service order processors, who receive and respond to customer orders via EDI, email, phone and, rarely, fax). Orders are generally for x number of boxes of type Y product, etc. Which are pulled from our inventory system and shipped.
During an internal audit, the auditor wrote up a nonconformance when he observed that many of the orders coming in, especially in emails, had a page or pages of T&Cs attached to the PO or referenced a URL in the PO to review related PO T&Cs.
The order processor was not reviewing the attachments, etc., as they are not trained or qualified to do so. The auditor said these attachments constituted customer requirements that needed to be reviewed. We responded in the related corrective action request that we have a signed agreement with our customers outlining our terms which they signed, and that as far as we were concerned, this trumped anything extra they were flowing.
In reviewing the action taken, the auditor subsequently rejected our answer, saying that you can’t ignore a customer’s requirement and, once you execute on the PO/contract, you are agreeing to the terms as outlined there. Adding, failing to review information flowed from a customer introduces potential risk that should be considered.
If we have to review every T&C, etc. the customer is flowing, it would add a significant burden on how quickly we can turn an order around… this would not be in the customer’s best interest. What do you think?
During an internal audit, the auditor wrote up a nonconformance when he observed that many of the orders coming in, especially in emails, had a page or pages of T&Cs attached to the PO or referenced a URL in the PO to review related PO T&Cs.
The order processor was not reviewing the attachments, etc., as they are not trained or qualified to do so. The auditor said these attachments constituted customer requirements that needed to be reviewed. We responded in the related corrective action request that we have a signed agreement with our customers outlining our terms which they signed, and that as far as we were concerned, this trumped anything extra they were flowing.
In reviewing the action taken, the auditor subsequently rejected our answer, saying that you can’t ignore a customer’s requirement and, once you execute on the PO/contract, you are agreeing to the terms as outlined there. Adding, failing to review information flowed from a customer introduces potential risk that should be considered.
If we have to review every T&C, etc. the customer is flowing, it would add a significant burden on how quickly we can turn an order around… this would not be in the customer’s best interest. What do you think?