[ChrisRR]

Producing medical products is all about managing risk. Whatever you do there's got to be a comprehensive risk assessment of every possible outcome of that action

If a company were to outsource the risk assessment and documentation effort would be huge and potentially open them up for a lot of legal liability if their third party manufacturer causes harm to a patient

For many manufacturers, it's much easier to use your documented in-house manufacturing, supply chain, training, machinery, etc. that you have risk documented up to the eyeballs so that if the product does cause harm, you have enough paperwork to show that you've done your due diligence

If you bring in a third party, it's incredibly difficult to prove that every aspect of their company meets the standards to which you're happy to hold yourself legally responsible.