ISO 13485 Medical Devices - Quality Management System

ISO 13485 is the internationally recognized standard for quality management systems in the medical device industry. It specifies requirements for a quality management system where an organization needs to demonstrate its ability to provide medical devices, and that related services consistently meet customer requirements and applicable regulatory requirements. It is designed and intended for use by organizations for the design and development, production, installation, servicing and sales of medical devices.

The primary objective of ISO 13485 is to facilitate harmonized medical device regulatory requirements for quality management systems. ISO 13485 is a standalone standard. It is largely based on the structure of ISO 9001, but includes some particular requirements for medical devices such as risk analysis, sterile manufacturing and traceability. Organizations being certified to ISO 13485 cannot claim conformity to ISO 9001.

The standard contains specific requirements for manufacture, installation and servicing and calls for:

  • Implementation      of a Quality Management System with several enhancements
  • Risk      Management approach to product development and product realization
  • Validation      of processes
  • Compliance      with statutory and regulatory requirements
  • Effective      product traceability and recall systems      

Connection with national requirements for approval of medical devices

Legal access to markets for products is essential for manufacturers of medical devices. ISO 13485 is often required by national regulations as part of the approval process for medical devices, e.g. for the EU directive on medical devices (Medical Device Directive 93/42/EEC, In Vitro Diagnostic Directive 98/79/EC, Active Implantable Medical Devices 90/385/EEC).

TUV SVERIGE Business Assurance is appointed as a notified body to carry out conformity assessment according to Annex II, IV and V of the Medical Device Directive 93/42/EEC. Manufacturers certified according to ISO 13485:2003 fulfill all the quality management requirements for any class of devices under this directive.

Related standards

ISO 14969:2005 – This standard provides guidance for the application of the requirements for quality management systems contained in ISO 13485. This guidance can be used to better understand the requirements of ISO 13485 as it helps illustrate some of the variety of methods and approaches available for meeting the requirements of ISO 13485.

ISO 14971:2007 – This standard specifies a procedure by which a manufacturer can identify the hazards associated with medical devices and their accessories. It also specifies a procedure to estimate and evaluate the identified risks, control these risks and monitor the effectiveness of the control. Its primary objective is to facilitate harmonized medical device regulatory requirements

ISO 13485

Who can apply for ISO 13485 certification?

ISO 13485 is applicable to all manufacturers and suppliers of medical devices, components, contract services and distributors of medical devices. For a number of markets ISO 13485 certification is not sufficient on its own and the appropriate local regulatory certification is also required to legally manufacture and sell medical devices.

What are the benefits of certification?

  • Customer      satisfaction – through delivery of products that consistently meet      customer requirements as well as quality, safety and legal requirements
  • Reduced      operating costs – through continual improvement of processes and resulting      operational efficiencies
  • Improved      stakeholder relationships – including staff, customers and suppliers
  • Legal      compliance – by understanding how statutory and regulatory requirements      impact the organization and its customers
  • Improved      risk management – through greater consistency and traceability of products      and use of risk management techniques
  • Proven      business credentials – through independent verification against recognized      standards
  • Ability      to win more business – particularly where procurement specifications      require certification as a condition to supply in a highly regulated      sector

What is the certification process?

The certification process is in three simple steps:

  • Application      for certification
  • Complete      the on line form for TUV_ SVERIGE to send a quotation.
  • Initial      Certification Audit

The assessment process is based on a 2 stage approach as follows:

Stage 1 – a basis audit to check whether the organization is in a state of readiness for the stage 2 audit and involves the following:

  • Confirm that the quality manual conforms      to the requirements of the ISO 13485
  • Confirm the scope of certification      including any justifiable exclusions
  • Check legislative compliance
  • Production of a report that identifies      any non-compliance or potential for non-compliance and
  • Agree a corrective action plan if      required.
  • Production of an assessment plan and      confirm a date for the stage 2 assessment visit.

Stage 2 – the purpose of this visit is to confirm that the quality management system fully conforms to the requirements of ISO 13485 in practice and involves the following:

  • Undertake sample audits of the processes      and activities defined in the scope of assessment
  • Document how the system complies with the      standard
  • Report any non-compliances or      observations
  • Produce an audit programme and confirm a      month and year for the first surveillance visit.