ISO 13485:2016 Medical Devices Quality Management Systems

History and Background of ISO 13485

The International Organization for Standardization (ISO) initially released the ISO 13485 Quality Management System Standard in 1996. This standard was established to provide medical device companies with requirements to ensure and maintain quality systems. The requirements for quality management systems are specified in ISO 13485:2016. It primarily demonstrates the ability of an organization to provide quality medical devices and to fulfill customer and regulatory requirements. It was first published in the year 1996 by the International Organization for Standardization (ISO). The ISO 13485 was based on the ISO 9001. Initially, this standard (ISO 13485) was published in two versions:

  • ISO 13485 for manufacturers like OEMs
  • ISO 13488 for manufacturers on contract or for the suppliers

The standard was revised in 2003 wherein all the documents were combined into one that paved way for one main standard that could be universally applied for all medical device manufacturers. Along with the medical device industries, the entire medical device supply chain also needs to adhere to the specifications of the ISO 13485 standard. The second edition (ISO13485:2003) and ISO/TR 14969:2004 have been technically canceled and got replaced with the third edition (ISO 13485). Technical Corrigendum ISO 13485:2003/Cor.1:2009 is also incorporated in it. A summary of the changes incorporated into this edition compared with the previous edition is given in Annex A.

What is New in ISO 13485:2016?

Every six years, all ISO standards are reviewed and changed. The standard has been updated to reflect the most up-to-date quality management system techniques. The new standard is compatible with all technological advancements along with the regulatory requirements and also meets other expectations. The primary update is the increased focus on risk management and risk-based decision-making.

The other prominent updates include the changes in regards to the increased regulatory requirements for the supply chain industries.

In March 2016, the ISO 13485 standard was updated. The additions to the standard include:

  • Focus on risk management
  • Clarification on management responsibilities
  • Clarification on training responsibilities
  • Creating/ aligning a better design
  • Improvement in facility requirement
  • Development & improvement on many regulations
  • Increased focus on the control of suppliers
  • Traceability procedure requirements
  • Complaint handling
  • Focus on product cleanliness requirements

How to Implement ISO 13485?

To get started with implementing ISO 13485 2016, your organization will need to follow the below-listed steps:

  1. Identifying the requirements – List down the requirements that you need to satisfy with your QMS. These requirements are usually legal and other regulatory requirements that suit your organization’s culture.
  2. Defining the scope – The next important step is to determine the scope of your organization. This brings in clarity on what needs to be done and creates a boundary for your implementation. Using the quality manual and quality policy documents can help you in defining your organization’s scope.
  3. Defining processes and procedures – In order to ensure quality and improved business practices, you will have to define the processes and procedures your organization will follow and make sure how these interact with each other.
  4. Implementing processes and procedures – Documenting the existing and new processes and procedures will ensure quality and consistency in the products and services and your organization can also meet the critical requirements set forth.
  5. Bringing in training and awareness program – This will ensure that every employee is aware of his roles and responsibilities and also understands how the QMS works.
  6. Choosing a certification body – Opting for the right certification body is very important that will confirm if your organization is conforming to the ISO 13485 or not.
  7. Conducting internal audits – Your Organization will have to go through internal audits before being audited by the certification body.
  8. Conducting management review – During this stage, your Organization's data in the QMS activities will be examined to ensure that all the processes have the required resources to bring efficiency and effectiveness.

How Omnex Can Help with ISO 13485

Learn from Omnex QMS experts on how to implement and/or audit ISO 13485 systems including risk management methodology with disciplined problem-solving methods.

Omnex specializes in implementing MDSAP programs that integrate ISO 13485 along with multiple regulatory requirements of agencies worldwide. Contact us for more information on how Omnex can help your organization.

Key Requirements of ISO 13485?

Certification to the ISO 13485:2016 QMS standard is not necessarily a requirement of the ISO 13485; however, companies can benefit from the standard without actual certifying to the ISO 13485 standard. Having a certificate of ISO 13485 will add value to the Organisation and assure trust for customers. The ISO 13485 standard is divided into 8 sections; the first 3 are introductory and the last 5 are the necessary and important requirements of the QMS.

  1. Section 4 – Quality Management System – General QMS, documentation, and quality control requirements
  2. Section 5–Management Responsibility –Implementing and maintaining and planning QMS, review and ensure customer satisfaction
  3. Section 6–Resource Management –Controlling the resources including human resources, infrastructure, building, environment
  4. Section 7–Product Realization –Planning, designing, and creating the product
  5. Section 8–Measurement, Analysis, and Improvement –Monitoring and measuring the results, corrective and preventive actions (CAPA)

There are various elements when it comes to implementing and getting certified to ISO 13485 standard, especially for the PCBA manufacturing in the medical sector.

  • Documented quality control process for manufacturing of medical devices
  • Full understanding of quality regulations for medical device
  • Traceability of documented processes and materials.
  • Analysis and improvement

Benefits Associated with ISO 13485

In addition to cutting cost and saving time, there are a plethora of benefits in implementing ISO 13485 2016 QMS standard:

  • Enhancing customer satisfaction – ISO 13485 aims to fulfill customer needs by assessing them and ensuring client retention, which is a major need of the QMS standard itself.
  • Improving the process – Create an environment for improvement by identifying and eliminating waste within the process, reducing errors and reworks, and thereby facilitating greater efficiency.
  • Continual improvement culture – A major benefit of implementing the medical device standard is to adopt a culture of continual improvement. By doing so, Organizations and their employees can focus on new ways to improve and develop better products and strategies.
  • Brand building – Certification to the ISO 13485 standard implies that your Organisation takes quality very seriously and brings trust in your customers.
  • Informed decision making – By making use of facts and figures, it is easier to have clarity and are in better control of your decisions
  • Employee engagement – Employees become more engaged in their work when they understand their roles and focus on delivering quality products and services, bringing improved productivity.

How to Get ISO 13485:2016 Certified

The below listed six steps can brief you to get certified for ISO 13485 standard:

  • Planning – In addition to producing a quality manual, quality planning is required. To begin the process, your company might hire an expert ISO consultant and a certification agent.
  • Performing – Upon planning your requirements, you need to ensure your organization is meeting the regulatory requirements specified.
  • Implementing Implementing design controls is an essential step to getting certified to ISO 13485.
  • Documenting – keeping track of training, effectiveness, and competency procedures.
  • Managing – Implementing management processes like CAPA (Corrective & Preventive Actions) will help in getting certified.

Certification audit – Certification body performs Stage 1 and stage 2 audits to get your organization to be certified to ISO 13485 Requirements.

Omnex Certificate Accreditation – Exemplar Global QM, AU & TL/ Omnex

Omnex follows Exemplar Global, a worldwide recognized “Training Provider and Examiner Certification Scheme (TPECS)”, and depending on the courses and examination you have chosen to become qualified.

The courses offered by Omnex comprises three separate Exemplar Global Competency Units with the following objectives:

Exemplar Global-QM (Understanding the QMS requirements)

Exemplar Global-AU (Understanding the Auditing requirements)

Exemplar Global-TL (Understanding the Lead Auditing/Team Leader requirements)

Omnex Methodology

Omnex can help you conduct an ISO 13485 Discovery Analysis (or Assessment) or conduct a Best-In-Class assessment to assist your organization in making process improvements that result in Efficiency and savings.

Omnex will conduct a Discovery Analysis during an initial assessment. Omnex will study your current processes to see the gaps in the systems as well as review Best-In-Class practices depending on the scope of the assessment. Omnex assessments always focus on savings and improvements within the organization. On the last day of the assessment, feedback and planning will be provided to the customer team. An implementation plan, team, and next steps are completed as a part of the Discovery Analysis. Of course, this can also be conducted at the beginning of an implementation, when the standard is revised or when the customer is ready for an overhaul of their systems.

If an organization receives an FDA 483 or a citation, the first thing Omnex will do is conduct a comprehensive assessment and determine overall organization risk. Based on the findings a comprehensive improvement plan will be developed. Some of the FDA findings and Omnex improvements are as follows:

  • Quality unit deficiencies equate to QMS improvements that introduce prevention-based tools.
  • Batch failure investigations equate to the better disciplined problem-solving methodologies
  • "Lack of follow up" procedures could point to two areas that need work one is Top Management and their follow-through capabilities QOS/BOS and/or second, organization-wide follow-through using the discipline of process, product and system audits.
  • Escalation is something that can be built into multiple processes in the QMS. Sure-fire methods to institute escalation processes are by implementing an EwIMS that has programmed into it "reminders" and "escalation".

Omnex's core strengths are spelled out in the 16 methodologies in which we specialize. Each of these practices is Best-In-Class practice that can be implemented based on the needs of a specific organization in any industry.