WHAT IS ISO 13485?
The new standard ISO 13485:2016 - Medical Devices quality management system was published on 1st March 2016. The requirements have changed significantly and organizations with 2003 or 2012 certification are now in a transition period.
ISO 13485:2016 is based on the ISO 9001:2008 process model approach and is a management systems standard specifically developed for the manufacture of medical devices. Its primary objective is to facilitate harmonized medical device regulatory requirements.
Annex B of the ISO 13485:2016 standard includes a comparison wiht ISO 9001:2015 for reference. Importantly, neither can be used to make a QMS that is automatically compliant to the other and both need auditing.
Further, there are many terms in ISO 13485 unique to medical devices. ISO 13485 also retained the role of a quality representative to top management where ISO 9001:2015 removed this in many aspects. Interestingly ISO 9001:2015 has a lot more requirement for monitoring external providers for performance than the old version and this is something always required by ISO 13485.
The standard contains specific requirements for manufacture, installation and servicing and calls for:
- Implementation of a Quality Management System with several enhancements
- Risk Management approach to product development and product realisation
- Validation of processes
- Compliance with statutory and regulatory requirements
- Effective product traceability and recall systems.
WHO IS IT APPLICABLE TO?
ISO 13485 contains requirements that are essential for any organization operating at any tier in the medical device and pharmaceutical supply chain.
It is especially relevant to manufacturers that wish to demonstrate applicable regulatory requirements, and by organizations whose services support medical device manufacturers.
WHAT ARE THE BENEFITS OF CERTIFICATION
- Customer satisfaction – through delivery of products that consistently meet customer requirements as well as quality, safety and legal requirements
- Reduced operating costs – through continual improvement of processes and resulting operational efficiencies
- Improved stakeholder relationships – including staff, customers and suppliers
- Legal compliance – by understanding how statutory and regulatory requirements impact the organization and its customers
- Improved risk management – through greater consistency and traceability of products and use of risk management techniques
- Proven business credentials – through independent verification against recognised standards
- Ability to win more business – particularly where procurement specifications require certification as a condition to supply in a highly regulated sector.
FACTS ABOUT THE TRANSITION
ISO 13485:2016 is a standard that focuses on the importance of the life-cycle of a medical device, including its design, development, production, storage, distribution, installation, servicing and final decommissioning. The standard is designed to assist organizations in focusing their management system and therefore practices on strengthening its risk management approach and meeting regulatory requirements. The following is a major revision of the ISO 13485:2016 standard.
ISO 13485:2016 replaces ISO 13485:2003 and ISO 13485:2012. The revised ISO 13485:2016 was published on 1st March 2016.
The standard is aligned with ISO 9001:2008 and not ISO 9001:2015. This misalignment is due to the revision of both standards being completed in parallel to one another.
- The changes were managed by the ISO technical committee 210. Its role was to ensure that this quality management system standard remains fit for purpose given developments over recent years with product specific requirements outlined in device directives such as; the In Vitro Diagnostic Medical Devices Directive (IVDD) 98/79/EC and the Medical Devices Directive (MDD) 93/42/EEC.
The standard is in line with the 3 Medical Device Directives, and the Z annexes at the front demonstrate where they align. However, the Medical Device Regulations are now live and will replace the Directives in 2020 (Medical Devices) and 2022 (in-vitro diagnostic devices). It is therefore very likely that an amendment or corrigendum to ISO 13485:2016 will be released in the near future to incorporate 2 new Z annexes demonstrating how it aligns to the new Regulations.
Clients who currently hold accredited certification against ISO 13485 have until 28th February 2019 to successfully transition to ISO 13485:2016. To find out more on your specific transition requirements click here.
THREE STEPS TO CERTIFICATION
Application for registration is made by completing the Quote Request Form. This provides information about your organization so we can accurately define the scope of assessment.
Assessment to ISO 13485 is undertaken by NQA - this consists of two mandatory visits that form the Initial Certification Audit (explained below).
Certification is issued by NQA and maintained through a programme of annual surveillance audits and a three yearly recertification audit. Please note that you must be able to demonstrate that your management system has been fully operational for a minimum of three months and has been subject to a management review and full cycle of internal audits.
Initial Certification Audit
Stage 1 - The purpose of this visit is to confirm that your organization is ready for full assessment. Your assessor will:
- confirm that the quality management system conforms to the requirements of ISO 13485
- confirm its implementation status
- confirm the scope of certification check legislative compliance
- produce a report that identifies any non-compliance or opportunities for improvement and agree a corrective action plan if required
- produce an assessment plan and confirm a date for the Stage 2 assessment visit
Stage 2 - The purpose of this visit is to confirm that the management system fully conforms to the requirements of ISO 9001 in practice. Your assessor will:
- undertake sample audits of the processes and activities defined in the scope of certification
- document how the system complies with the standard by using objective evidence
- report any non-compliances or opportunities for improvement
- produce a surveillance plan and agree a date for the first annual surveillance visit
If the assessor identifies any major non-conformances, certification cannot be issued until corrective action is taken and verified.
QMS Training - We provide a range of training options to suit your needs and budget. These give you the skills to implement, audit and manage an effective quality management system.
Gap Analysis - We can undertake a gap analysis to help you determine the likely workload and timescale for implementing a quality management system that will achieve ISO 13485 certification. You can use this to plan implementation or brief a consultant.
Consultancy - We don't provide consultancy but we can help you choose a reputable consultant from the NQA Associate Consultant Register.
Get a Quote - We'll give you a clear indication of the costs of gaining and maintaining certification, contact our sales team directly here.
GET IN TOUCH
We can advise you on how to achieve certification, related training, useful resources and finding a reputable consultant.
Contact our business advisors on 0800 052 2424 or complete our contact us form.