Is your risk management process ready for ISO 13485?
Last year, the International Organization for Standardization (ISO) dramatically revamped its ISO 13485 standard, which sets rules for medical device makers to demonstrate quality control processes and make sure that devices sold to customers are safe and reliable. Certification ensures the ability to sell internationally; losing this certification can sink many businesses.
Like most changes in ISO standards, device manufacturers have three years to get certified by the registration agencies. But the new ISO 13485 has been changed a great deal from its 2003 predecessor. Putting off the adoption to the new standard until February 2019 could very easily jeopardize your ability to sell devices to overseas markets. In addition, the changes are comprehensive enough to make it very difficult for all but the largest device makers to “do it all” in-house. In short, don’t put it off or be afraid to ask for help.
Last year, the new version was published and became available for the medical device industry to look at and start preparing for the changes that need to be in effect. These changes encompass requirements that you include risk management processes throughout your quality management system, and document that you are following quality management principles and procedures throughout your product’s lifecycle and manufacturing supply chain. Its application, according to the ISO, spans “from initial conception to production and post-production, including final decommission and disposal. It also covers aspects such as storage, distribution, installation and servicing, and the provision of associated services.”
The standards were changed to reflect changes in the medical device industry, especially in sterile manufacturing, and in the increased use of outsourcing for sub-manufacturing and supply. The new standard will be looking for:
- Validation requirements for sterile barriers
- Regulatory documentation
- Post-market activities, including documenting responses to complaints and regulatory actions
- Inclusion of designers, developers, repairers and maintainers of devices, suppliers of raw materials, components and sub-assemblies
- Documentation of performance of contract manufacturers, sterilizers, logistics and calibration
- International import and distribution
Registration bodies will come to each company and recertify their quality systems. They will be looking for processes based on the Plan-Do-Check-Act cycle, four steps used to control and continually improve processes and products.
Most companies (medium and small) don’t have the technical bandwidth to implement venue changes in their current quality system.
This is why we are here to help. We can help integrate the new, most recent changes in their current quality systems so they can be ready for recertification when the time comes. Here is a sample of what we do:
Preliminary evaluation — A practice or audit of your site to determine your readiness for a registration audit. You will receive a written report including a list of any non-conformities found.
Registration assessment — Typically scheduled two to four months after your preliminary evaluation. At the conclusion of the registration assessment, your UL audit team will advise you of its recommendation and present a written non-conformity report before leaving the site.
Continuous assessment — Conducted after registration to measure your continued conformance to the ISO 13485 standard.
Triennial (recertification) assessment — Recertification assessment to begin a new 3-year cycle of registration.
Internal audits and training—we can put your facilities through “mock” audits to stress-test your QMS, and help you train your staff to meet new requirements.
Several device firms already have achieved certification for ISO 13485:2016, and have reported the need for extensive revisions of their quality processes. These firms include Product Creation Studios, a device (and not manufacturing) firm in Seattle, and Inovar, a EMS provider which certified its factory in Tecate, Mexico. So, the standard is not limited to manufacturing alone, and waiting will not provide any competitive advantage!
At Synergy Bio, we have the expertise and experience to help you establish solid risk management processes, help with document control, provide software assistance, and get you ready for the sweeping changes of ISO 13485. Get in touch with us if you’d like a deeper discussion!