ISO 13485

ISO 13485 Medical devices -- Quality management systems -- Requirements for regulatory purposes is an International Organization for Standardization (ISO) standard published for the first time in 1996; it represents the requirements for a comprehensive quality management system for the design and manufacture of medical devices. This standard supersedes earlier documents such as EN 46001 (1993 and 1996) and EN 46002 (1996), the previously published ISO 13485 (1996 and 2003), and ISO 13488 (also 1996).

The current ISO 13485 edition was published on 1 March 2016.[1]

Background

Though it is tailored to the industry's quality system expectations and regulatory requirements, an organization does not need to be actively manufacturing medical devices or their components to seek certification to this standard, in contrast to the automotive sector's ISO/TS 16949, where only firms with an active request for quotation, or on the bid list, of an International Automotive Task Force supply chain manufacturer can seek registration.[2]

Reason for use

While it remains a stand-alone document, ISO 13485 is generally harmonized with ISO 9001. A principal difference, however, is that ISO 9001 requires the organization to demonstrate continual improvement, whereas ISO 13485 requires only that the certified organization demonstrate the quality system is effectively implemented and maintained. Additionally, the ISO 9001 requirements regarding customer satisfaction are absent from the medical device standard.[3]

Other specific differences include:

  • the promotion and awareness of regulatory requirements as a management responsibility. Examples of market-specific regulatory requirements include 21 CFR 820, the Quality System Regulation for medical devices sold in the United States, enforced by the U.S. Food and Drug Administration (FDA), or the Medical Devices Directive 93/42/EEC, required for doing business in the European Union
  • controls in the work environment to ensure product safety
  • focus on risk management activities and design control activities during product development
  • specific requirements for inspection and traceability for implantable devices
  • specific requirements for documentation and validation of processes for sterile medical devices
  • specific requirements for verification of the effectiveness of corrective and preventive actions

Compliance with ISO 13485 is often seen as the first step in achieving compliance with European regulatory requirements. The conformity of Medical Devices and In-vitro Diagnostic Medical Device according to European Union Directives 93/42/EEC, 90/385/EEC and 98/79/EEC must be assessed before sale is permitted. One of the major requirements to prove conformity is the implementation of the Quality Management System according ISO 9001 and/or ISO 13485 and ISO 14971.[4] Although the European Union Directives do not mandate certification to ISO 9001 and/or ISO 13485 the preferred method to prove compliance to such standards is to seek its official certification which is issued by certifying organizations known as "Registrars". Several registrars also act as Notified Body. For those medical devices requiring the pre-market involvement of a Notified Body, the result of a positive assessment from the Notified Body is the certificate of conformity allowing the CE mark and the permission to sell the medical device in the European Union. A very careful assessment of the company Quality Management System by the Notified Body, together with the review of the required Technical Documentation, is a major element which the Notified Body takes into account to issue the certificate of conformity to the company product(s).

This standard adopted by CEN as EN ISO 13485:2003/AC:2007 is harmonized with respect to the European medical device directives 93/42/EEC, 90/385/EEC and 98/79/EC.[5]

ISO 13485 is now considered to be inline standard and requirement for medical devices even with "Global Harmonization Task Force Guidelines" (GHTF).[6] The GHTF guidelines are slowly becoming universal standards for design, manufacture, export and sales of various medical devices. The GHTF has been replaced in the last few years by the International Medical Device Regulatory Forum (IMDRF)[7] and is structured differently from the GHTF as only the regulators, that are primary members of the group, get to make many of the decisions. The IMDRF main membership (the regulators) do want to have non-regulators involved without voting rights and in this way they are hoping to get the process and documents completed quicker than under the GHTF system (regulators & non-regulators were equal in voting rights) that worked reasonably well, but somewhat slow.

This standard adopted by CEN as EN ISO 13485:2012 is harmonized with respect to the European Medical Devices Directive 93/42/EEC.[8]

Mexico published in October 11, 2012 a national standard as a Norma Oficial Mexicana (NOM) to control manufacture of medical devices inside the country. NOM-241-SSA1-2012, Buenas Practicas de Fabricación para Establecimientos dedicados a la Fabricación de Dispositivos Médicos.[9] The scope of application is mandatory in the national territory, for all establishments dedicated to the process of medical devices marketed in the country. The Cofepris is the body assigned to its control, verification and to grant the records of compliance to the companies that implement this Standard of Good Manufacturing Practices. This standard is partially in line with ISO 13485: 2003 and ISO 9001: 2008.

In 2017, The Farmacopea de los Estados Unidos Mexicanos (United Mexican States Pharmacopoeia), medical industrial sectors and Cofepris are working together for updating NOM-241 Standard, putting special attention on managing risks during manufacture and regulating by manufacturing lines some of the most important medical devices manufacturing processes. This standard will be published in August 2018, and 180 days after publication it will become mandatory for the industry.

In Spain, medical devices are named in ISO-13485 as "Sanitary Products" as Castellano-language translation of ISO-13485, but in Mexico they are known as "Medical Devices" and correspond to those used in medical practice and that meet the definition established by NOM-241 as: Medical device, to the substance, mixture of substances, material, apparatus or instrument (including the computer program necessary for its proper use or application), used alone or in combination in the diagnosis, monitoring or prevention of human or auxiliary diseases in the treatment of the same and of the disability, as well as the employees in the replacement, correction, restoration or modification of the anatomy or human physiological processes. Medical devices include products of the following categories: medical equipment, prostheses, orthotics, functional aids, diagnostic agents, supplies for dental use, surgical, healing and hygiene products. ISO 13485:2016 Certificates meets the requirement of IEC 60601-2-25 : 1993 + A1: 1999 safety of Electrocardiograms.

Chronology

Year Description
1993EN 46001 was born in Europe with the title "Quality systems. Medical devices. Particular requirements for the application of EN ISO 9001" 'which will be the basis for developing ISO 13485
1996ISO 13485 (1st Edition)
2000EN ISO 13485 the European_Committee_for_Standardization (CEN) unifies the European version with the international standard and withdrawing the previous EN 46001
2003ISO 13485 (2nd Edition)
2012EN ISO 13485 harmonized european version with the three European directives associated with the medical sector 93/42/EEC, 98/79/EC, 90/385/EEC
2016ISO 13485 (3rd Edition)
gollark: No. You need something like GMP for bignums, but C has no operator overloading due to C bad.
gollark: Technically yes, practically not really I think; each connection has a bunch of state associated with it; the actual status of the TCP stream, and the random bytes the websocket data is XORed with (for entirely accursed reasons).
gollark: This is premature optimisation.
gollark: It doesn't actually matter unless you're writing some kind of hyperoptimized algorithm, which you aren't.
gollark: You can just use example.com, it has no SSL redirection.

See also

References

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.