How is your organization ensuring quality management along every step of your medical device lifecycle? While not a requirement, ISO 13485 is an international standard designed to help organizations develop, establish, and maintain a quality management system (QMS) process. Manufacturers that go through the steps of this standard can demonstrate their commitment to best practices, as well as take steps toward receiving other certifications, such as the CE mark. With the FDA working to add this standard to their rules in December 2023, here are the basic pieces of ISO 13485 that medical device manufacturers should know.
What is ISO 13485 for medical devices?
ISO 13485 is an international standard that outlines best practices for quality management systems (QMS). Organizations that play a role in manufacturing, designing, installing, and servicing medical devices need to understand ISO 13485. The most recent version of the standard was revised in 2016.
Following ISO 13485 means that an organization is meeting customer and regulatory requirements with its medical devices and subsequent services.
Manufacturers aren’t the only ones who use ISO 13485 – suppliers and external providers can also use it. Associated services with the devices apply under this standard just as much as the devices do. There aren’t limits on how the regulations apply based on the size of the organization or type of device, either.
ISO 13485 with MDR and FDA
Whether manufacturers are looking to market their product in the EU or the United States, ISO 13485 is important for all non-exempt devices.
While ISO 13485 is not mandatory for MDR, it is necessary to have some kind of quality management system (QMS) in place, which can be satisfied by abiding by this international standard. It can also help organizations receive the CE mark.
In the United States, the FDA has worked to harmonize its standards with ISO 13485. Most recently, the FDA has proposed to reference the standard in the Quality System Regulation, with the final rule set to be released in December 2023.
Main components of ISO 13485
Organizations are responsible for “monitoring, maintaining, and controlling the processes” that are required by ISO 13485, even if they don’t perform the processes. Sometimes organizations won’t be required to perform certain design and development controls, but these controls still need to be accounted for in the QMS. Similarly, if certain requirements don’t make sense because they don’t relate to activities performed by the device or its related services, they don’t need to be included in the QMS.
The ISO 13485 standard consists of five main pieces: A quality management system; management responsibility; resource management; product realization; and measurement, analysis, and improvement.
Establishing the quality management system
When building the quality management system (QMS), manufacturers should be able to answer the following questions:
- What process is needed to carry out the QMS and how do you put this process into practice organization-wide?
- What roles need to be in place to implement the QMS?
- How is the QMS being carried out with a risk-based approach?
- What does the sequence of events look like, and how do various pieces interact, to achieve the QMS?
Management responsibilities
One of the roles that needs to be fulfilled under the quality management system is the individual or team that manages its implementation and maintenance.
Management duties include conducting reviews, conveying how important it is to meet regulatory requirements, establishing objectives, ensuring that QMS resources are available, and having a quality policy in place that is “high-value.”
Resource management practices
Resources should be managed to ensure the QMS is implemented correctly and maintained effectively. This can include managing infrastructure, resource provision, human resources, contamination control, and the work environment.
Product realization process
The product moving from planning to the market is its realization. To plan for product realization, manufacturers should establish requirements for devices in regards to quality, identify and create any documentation necessary to carry out QMS processes, explain what the work environment and infrastructure need to look like to support QMS, define requirements for employee training and qualification, and outline processes for the following:
- Verification
- Validation
- Measurement
- Monitoring
- Handling
- Inspection
- Storage
- Distribution
- Traceability
All information that pertains to product realization also needs to be accessible and understandable.
Measurement, analysis, and improvement processes
The measurement, analysis, and improvement process as defined by ISO 13485 needs to explain what conformity to the QMS would mean for the product, develop a system to ensure conformity is met, and maintenance steps to keep the QMS rolling.
Meeting Your ISO 13485 Requirements From Start to Finish
Companies looking to meet FDA and MDR requirements should understand ISO 13485 requirements. These best practices can help you get your products to market. While RAM Technologies doesn’t manufacture end-use products, only components, our PSUs are ISO 9001-certified. We can help manufacturers with certification and our processes will meet your ISO 13485 requirements.
To learn more about our power supplies, contact us today.
RAM Technologies’ power supplies are 60601-1 3.2 certified and meet 60601-1-2 EMC standards. When you’re designing your medical device and need help with a PSU, contact us for details.
More Resources:
What the FDA Moving to IEC 60601-1 3.2 Means for Manufacturers
Downloadable Guide to IEC 60601-1
Differences Between 3.1 and 3.2 Certification for IEC 60601-1
Understanding IEC 60601-1-2