A medical device can be as basic as a bedpan or as intricate as a personalized sensor that remotely monitors the performance of organs in living humans. Yet all medical devices share one commonality: when produced by companies that follow the medical device quality management standard ISO 13485, they're aiming for the highest globally recognized standard of quality. With the impending harmonization of ISO 13485 and 21 CFR Part 820 just around the corner, the standard is further cementing its global importance and ubiquity.
If your organization plays a role in the development of a medical device, a quality management system (QMS) that meets ISO 13485 requirements doesn't just happen. It takes a concerted organizational effort, thoughtful planning, and a thorough understanding of the work required for compliance. Below you'll find answers to some of the questions commonly asked by companies striving for compliance with ISO 13485 requirements.
The ISO 13485 medical device guidelines for maintaining an effective QMS are all geared toward the safe design, manufacture, and distribution of effective medical device products. The standard outlines expectations for the foundational aspects of quality management, specifically:
Device manufacturers that meet the ISO 13485 quality system requirements for medical devices reap an array of production benefits, such as minimized variation. Adherence to the standard also provides economic benefits that come from reducing scrap and making quality processes more efficient in general.
The medical device quality management systems used in the production of most types of medtech products by companies in Australia, Canada, European Union member nations, and Japan are beholden to ISO 13485 requirements. All 165 member countries of the International Organization for Standardization (ISO) follow the standard as well.1
The U.S. Food and Drug Administration's (FDA) quality system requirements for medical devices are based on the guidelines set forth in the 21 CFR Part 820 - Quality System Regulation (QSR). However, the agency recently issued a proposed rule that would harmonize Part 820 with ISO 13485 requirements.2
Separate regulatory guidance remains in effect for the time being, so device makers intending to distribute products in regions and markets subject to FDA oversight must still adhere to the QSR guidelines. Device companies planning to market products internationally should comply with both Part 820 and ISO 13485 requirements.
The updated standard contains many minor adjustments, but the most notable changes involve an elevated emphasis on risk and risk management. Since the revised ISO 13485 requirements went into effect, device makers are expected to apply a risk-based approach to the control of their medical device quality management processes. Also, the executives of medical device companies should explicitly incorporate risk management into decisions that guide not only their organizations' quality objectives but their business goals as well.
The updated ISO 13485:2016 requirements call for an increased focus on risk as it pertains to critical quality-related areas, such as:
The ISO 13485 requirements were based on ISO 9001, the international gold standard for quality management systems. However, ISO 9001 offers a general set of requirements geared toward customer satisfaction and continual improvement that can be too subjective and/or difficult to measure for many medtech companies. ISO 13485, therefore, focuses on meeting specific metrics that measure medical device quality management performance and are aimed at maintaining QMS effectiveness.
There are two other notable differences between ISO 13485 requirements and those set forth in ISO 9001:
ISO itself is not an enforcement agency; it exclusively establishes and maintains ISO standards. Adherence to ISO 13485 requirements is confirmed through QMS audits performed by authorized third-party certification bodies. Following the completion of a successful audit, those agencies certify that the audited medical device quality management system meets the standard. That certification stands for three years.
Enjoying this blog? Learn More.
Understanding ISO 13485:2016 – A Brief, Yet Comprehensive, OverviewDownload Now