Competent Authority, Notified Body, ISO Registrar - How Each Role Functions in the Medical Device Industry

To ensure quality and mitigate the risk of subjectivity or bias, the European and Canadian medical device regulatory landscape operate under a system of checks and balances in which three key roles control the go-to-market and stay-on-market process:

  • Competent Authority

  • Notified Body

  • ISO Registrar

Let’s take a close look at how competent authorities, notified bodies, and ISO registrars function and interact in the global regulatory landscape for medical devices.

FREE ACCESS: Want a curated list of content, bonus checklists + templates, and other valuable resources delivered to your inbox every week? Subscribe to our newsletter by clicking here.

Understanding the Role of Competent Authority

Speaking broadly, a competent authority is a legal term used to describe a person or organization with the legislative power to enforce the rules and regulations of a group or government. 

Under the framework of the European Union’s Medical Device Regulation (EU MDR), however, the definitions and responsibilities of a competent authority are more specific and nuanced.

 

Who are competent authorities?

A competent authority is a unique governing body belonging to a specific EU Member State. Though MDR is an EU-wide legislation, each competent authority is an appointed group within the boundaries of a specific country.

 

What do competent authorities do?

Competent authorities sit atop the chain of command and enforce the legal requirements of MDR. This role is responsible for certifying that Notified Bodies are following regulations in field work with medical device companies.

In order to maintain impartiality, competent authorities are required to adhere to standards set by the International Standardization Organization, specifically ISO/IEC 17021. In doing so, they conduct regular audits of Certification Bodies.

 

How do competent authorities interact with medical device manufacturers?

Competent authorities do not offer guidance directly to medical device manufacturers, but they do indirectly support companies by ensuring the certification process is impartial and fair. 

Competent authorities also are part of an EU-wide umbrella organization called the Competent Authorities for Medical Devices (CAMD). This network is a way to improve communication and collaborative work as well as stay united in the welfare and safety of all device end users and customers.

 

Understanding the Role of Notified Body

The next level of regulatory control is overseen by a group known as a notified body. Appointed by competent authorities, notified bodies have the largest impact on the medical device pathway into the EU.

 

Who are the notified bodies?

Notified bodies are independent organizations who perform conformity assessments of medical devices according to the requirements outlined in the Medical Device Regulation. 

Oftentimes these are privately held firms, with industry-specific expertise in the fields of risk management and medical device safety and standards.

 

What do notified bodies do?

Notified bodies are the sole issuers of EC-type Examination Certificates, which confirm devices are safe for public sale in the EU market.

Notified bodies conduct in-depth assessments of the design, manufacturing, and functionality of a medical device through a variety of tasks, such as:

  • Examine technical design

  • Conduct product testing

  • Review all technical documentation, such as technical file, user manuals, and reports

  • Complete full audits of quality management system

  • Perform random checks throughout life cycle

  • Compile evaluation reports

As part of the auditing process, notified bodies must assess for conformity with any and all defined standards and regulations, specifically those outlined in MDR.

 

How do notified bodies interact with medical device manufacturers?

The European Commission publishes a list of recognized notified bodies that can legally perform conformity assessment audits on medical devices. Medical device companies must choose from this list of accredited notified body firms as part of the conformity process.

Audits performed by notified bodies happen in two ways. The first is during a yearly, scheduled visit which companies are notified of far in advance. The second instance takes place as unscheduled, unannounced audits. Notified bodies are required to conduct this type of audit once per-year in addition to the scheduled visits.

 

Understanding the Role of ISO Registrar

An ISO registrar, also known as a Canadian registrar, is a conformity assessment body that audits for QMS compliance with an ISO standard, like ISO 9001 or ISO 13485.

 

Who are ISO registrars?

ISO registrars are verified, third-party organizations who specialize in the International Standard Organization requirements for quality management systems.

In order to become an accredited ISO registrar, firms must adhere to in-depth standards of operation. This includes understanding both the standards put forth guidelines for conformity, corrective action, auditing, documentation, and much more.

 

What do ISO registrars do?

ISO registrars are responsible for conducting quality management system audits. In the medical device industry, specifically, ISO registrars audit quality systems for compliance with ISO-specific standards, like ISO 9001 and ISO 13485, in the Canadian market.

 

How do ISO registrars interact with medical device manufacturers?

ISO registrars are responsible for auditing medical device manufacturers’ QMS for compliance in the Canadian market only. One limitation of ISO registrars is that they are not authorized to issue medical device registration certifications, rather this is handled by Health Canada.

FREE ACCESS: Want a curated list of content, bonus checklists + templates, and other valuable resources delivered to your inbox every week? Subscribe to our newsletter by clicking here.

Breeze through your next conformity assessment audit with Greenlight Guru

If you’re concerned about passing an upcoming conformity assessment audit, Greenlight Guru is here to help.

Our Medical Device Success Platform (MDSP) is designed to make the go-to-market process as simple as possible. The cloud-based software is aligned with EU MDR and ISO best practices and provides full traceability throughout every process of the entire medical device lifecycle—a new requirement of the MDR that no other solution can match. Get your free demo today!


Looking for a design control solution to help you bring safer medical devices to market faster with less risk? Click here to take a quick tour of Greenlight Guru's Medical Device QMS software