ISO 13485 Small Business Package

GENERAL INFORMATION ABOUT ISO 13485

ISO 13485 (and variations such as DIN EN ISO 13485) is an internationally recognized quality standard which states the requirements of the Quality Management System (QMS) for the design and manufacture of Medical Devices. While it remains a stand-alone document, ISO 13485 is based on ISO 9001 with some additional clauses as well as the removal of some requirements.

ISO 13485:2016 specifies requirements for a Quality Management System where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements. Such organizations can be involved in one or more stages of the life-cycle, including design and development, production, storage and distribution, installation, or servicing of a medical device and design and development or provision of associated activities (e.g. technical support). ISO 13485:2016 can also be used by suppliers or external parties that provide product, including quality management system-related services to such organizations.

ISO 13485 is recognized by the Global Harmonization Task Force (GHTF) and has become the model QMS standard for the medical industry. ISO 13485 certification provides:

Global Recognition – ISO 13485 Standard is recognized in major markets around the world

• United States of America
• Europe
• Canada
• Japan
• Australia

BENEFITS OF ISO 13485

A solid QMS provides:

• Improved product safety
• Increased Efficiency
• Cost Savings
• More Effective Risk Management
• Increased likelihood of meeting Customer Requirements
• Meet legal, regulatory, contractual and marketing requirements

Factors to take into consideration when implementing ISO 13485

• Does this meet the regulations?
• Is this as simple as possible?
• How does this impact the business?

A roadmap for constructing QMS should be based on what to do and when to do it based on the stage of the product lifecycle.

• Product Development
• Transfer to Manufacturing
• Go to Market
• Post-Market

FIRST PHASE OF QMS

In the first phase of QMS, QMS procedures must be established for:

• Design Controls
• Risk Management
• Document Control & Records Management
• Supplier Management

In the second phase, QMS procedures must be established for the following:

• Training
• Purchasing
• Device Master Record
• Production & Process Controls
• Labeling & Packaging
• Receiving, Incoming, In-Process, Final Inspection
• Identification & Traceability/Device History Record
• Change Management
• Nonconforming Material
• CAPA
• Management Responsibility

ESTABLISHING THE LAST PART OF A QMS

Before going to market, the following need to be established into the QMS procedure:

• Process Validation
• Software Validation
• Calibration
• Preventive Maintenance
• Handling, Storage, Distribution, & Installation
• Servicing
• Complaint Handling
• Adverse Event Reporting/MDR
• Corrections & Removals
• Customer Feedback
• Analysis of Data
• Quality Manual

Establishing post market QMS

• Define the internal auditing procedures
• Set the schedule and frequency for internal audits
• Make sure that personnel conducting internal audits have been appropriately trained to conduct audits

Although not fully harmonized, an ISO 13485 Quality Management System (QMS) is very close to the Food and Drug Administration’s (FDA) QSR standards in this area, namely 21 CFR 820.

COMPARISON BETWEEN ISO 13485 AND FDA-QSR-21CFR-820

What is 21 CFR 820?

• Title 21 of the Code of Federal Regulations (CFR) covers the broad area of food and drugs
• Part 820 outlines
  • Quality Systems for medical device manufacturers.
  • Current Good Manufacturing Practice (CGMP) regulations that govern the methods used in, and the facilities and controls used for, the design, manufacture, packaging, labeling, storage, installation, and servicing of all finished devices intended for human use.
  • These requirements are meant to ensure that medical devices are safe, effective, and in compliance with the Federal Food, Drug, and Cosmetic Act.

Where do they each apply?

• ISO 13485 is a global standard that is voluntary in the US but required in some countries. Third party registrars (CB’s) conduct audits to ensure conformance.
  • The Food and Drug Administration enforces 21 CFR 820.
• 21 CFR 820 is applicable to manufacturers of finished medical devices sold in the United States, including imported products. Only parts of the requirement may apply, depending on the class.

RELATIONSHIP BETWEEN FDA-QSR 21 CFR 820 AND ISO 13485

They have several differences, which is what have kept them from harmonizing. ISO 13485:2003 is a standard based on ISO 9001 that is specific to medical devices. This standard is not adopted by the Food and Drug Administration (FDA) but the FDA participated in writing ISO 13485:2003 to make sure their requirements and ISO 13485:2003 are aligned. The FDA QSR has more stringent complaint handling & reporting requirements

However, if a company meets the requirements of ISO 13485:2003, they should easily be able to meet the FDA Quality System Requirements (QSR).

US FDA Medical Device Regulations & Guidelines

• Design Control Guidance for Medical Device Manufacturers Text related to FDA 21 CFR 820.30 and sub clause 4.4 of ISO 9001.
• Labeling for Medical Devices Guidance on medical device labeling from the FDA
• Quality Systems Regulations (QSR) US FDA QSR regulation and Good Manufacturing Practices (GMP).
• Post Market Surveillance Guidance on criteria and approaches for medical device post-market surveillance.
• Human Factors in Medical Device Design Discusses the CDRH push to have manufacturers apply Human Factors to device design.

WHY WAS ISO 13485 REVISED?

All ISO standards are reviewed and revised regularly to make sure they remain relevant to the marketplace. ISO 13485:2016 responds to the latest QMS practices, reflecting the evolution in medical device technology and changes in regulatory requirements and expectations. This ensures that the standard remains compatible with other management system standards, including the new edition of ISO 9001.

ISO 13485:2016 Certification for Small Business offers everything that a small business needs to become ISO 13485 certified. Its Small Business Package leads your company to ISO 13485 Certification with confidence.

It gives you everything you need to prepare for registration. But if you don’t plan to train your internal auditors, the Small Business Package is tailored especially for you. Some companies don’t need to train their internal auditors because

• There are trained auditors on staff
• They will be trained elsewhere
• An outside consultant will perform the audits, at least for the first year
• There are not enough employees to perform internal audits (NOTE: ISO 13485 does not allow someone to audit their own work)

With this ISO 13485 Small Business Package your end product will be a quality system that works for you and helps your company continually improve its processes and customer satisfaction.

• In use since 2001
• Successful at all audits worldwide
• Has efficient and effective design
• Recommended by major OEM’s and Registrars

SAVE TIME:

• Quality Management System (QMS) is documented. Quality Manual, Procedures & Forms are fully written and ready to customize. They contain guidance so you know what to edit and examples are provided.

SAVE MONEY:

• No need to hire consultants to develop your system or to train your employees.
• Training of requirements of the standard on how to implement them.
• Gives the option to train your organization’s employees in house through PowerPoint training that comes with trainer’s guide and detailed speaker’s notes or self-train your employees with convenient online training.