Latest Edition of ISO 13485

Latest Edition of ISO 13485

By Christina Milan, BRC Quality Consultant

The latest edition of ISO 13485, the internationally recognized quality management systems standard for the medical device industry was published in March 2016. Its primary objective is to facilitate harmonized medical device regulatory requirements. This new revision will bring the standard up to date with the evolving European requirements and other international regulatory changes that have occurred since the previous revision in 2003.

The previous edition of ISO 13485:2003 was based on the old ISO 9001:2000 standard, the new one is based on ISO 9001:2008 process model approach and is a management systems standard specifically developed for the manufacture of medical devices.

Let’s review some key changes/requirements to ISO 13485;

• You can exclude any requirement in sections 6, 7, or 8 if you can justify doing so because of the nature of your activities or products.
• There is an increased focus regarding feedback mechanisms.
• Risk management and risk based decision making are included throughout the quality management system. You’re expected to apply risk management methods and techniques to all QMS processes including outsourced processes.
• Additional requirements related to complying with all applicable regulations.  You’re now required to set objectives for meeting regulatory requirements (in addition to setting objectives for meeting product requirements).
• Additional requirements and clarity with regard to validation, verification, and design activities; the standard now wants you to think about how to verify and validate medical devices that connect to, or interface with, other medical devices.
• Requirements to consider risk management outputs, to clarify product usability and safety requirements, and to make sure that input requirements can be verified or validated.
• Requirements to establish your product handling, storage, measuring, revalidation, and traceability requirements.
• More explicit requirements for software validation for different applications.
• While both standards expect you to establish a special file for each type of medical device, in the new standard you’re now expected to include a description of each medical device or family of devices and to include all associated specifications, procedures, and records.
• Requirements to record supplier monitoring and re-evaluation activities and to consider privacy regulations when you develop methods for protecting confidential health information.
• Requirements to think about the safety and performance of your products and the associated training needs of product users, and to verify that regulatory requirements will be met and user training will be available before you agree to supply products to customers.
• In the servicing section you’re required to analyze servicing records in order to identify servicing complaints and improvement opportunities.
• In addition to having to maintain the suitability and effectiveness of your QMS, you’re now expected to maintain the safety and performance of your products whenever improvements are being considered.

Hopefully this will be useful to assist you in updating your management systems.

What can you do NOW to help your organization get ready for ISO 13485:2016?