FDA Aligning To ISO 13485_2016 (And Why It Matters)

Earlier this year, the FDA announced their intentions to change the US’s current medical device regulations from FDA 21 CFR Part 820 to ISO 13485:2016This is kind of a big deal. Let me explain why.

First, what is ISO 13485:2016? And what is FDA 21 CFR Part 820?

FDA 21 CFR Part 820 is the quality system regulations that the United States has been following since 1996. The QSRs define minimum criteria for a medical device company regarding design, manufacturing, packaging, labeling, storage, installation, and servicing of medical devices sold and distributed in the United States

ISO 13485:2016 is a voluntary standard that defines quality system requirements which much of the rest of the world recognizes for developing and maintaining the system that caters to the medical device market.

Free Resource: Want to see a full comparison of ISO 13485:2016 & FDA 21 CFR Part 820? Download here.

understanding the difference between iso 13485 & 13485:2016

In a nutshell, not much differs between the two. Both systems contain the essentially the same requirements, especially since ISO 13485 was revised in 2016. ISO 13485:2016 is not a regulation or law, however, while FDA 21 CFR Part 820 is mandatory for medical device distribution in the United States.

Historically, just because a medical device company was certified to ISO 13485:2016 had little to no baring with respect to compliance with Part 820 in the eyes of FDA. Again, Part 820 is the law in the U.S.; ISO 13485 is not.

 

REGULATORY SHIFT IN THE WORKS

In early 2018, the FDA announced their intentions to shift towards harmonizing the FDA Quality System Regulations with ISO 13485:2016 for medical devices. This shift is being made with the intentions of reducing compliance and record keeping burdens on device manufacturers. This change will also modernize the regulations. ISO 13485 was originally published for use in 1996 and revised a few times since, with the most recent version being published in 2016, while FDA 21 CFR Part 820 has been unchanged since 1996. A lot has changed in the medical device industry in 20 years, and FDA wants to keep on top of those changes.

 

Why now?

ISO 13485:2016 has gained significant recognition globally outside the U.S. And with the most recent version of this standard, ISO 13485 and 21 CFR Part 820 are very much in sync with one another. FDA shifting to full adoption of ISO 13485:2016 would further solidify global regulatory harmonization efforts. (Note Working Group ISO/TC 210—the group who responsible for ISO 13485—already includes participation from FDA and other global regulatory bodies.)

Plus, the Medical Device Single Audit Program (MDSAP) rolled out within recent years has also been gaining significant momentum. One of the premises of MDSAP is to harmonize regulations and minimize audit and inspection burden for medical device companies. In fact, Health Canada is requiring ISO 13485:2016 certification and MDSAP for medical devices entering the Canadian market starting January 1, 2019. FDA shared that it plans to also eventually use MDSAP as the means to fully adopt ISO 13485.

 

IMPLICATIONS FOR RISK MANAGEMENT

Another QMS topic of interest is risk management. FDA Part 820 barely mentions risk management while ISO 13485:2016 puts a major emphasis on risk-based QMS and cites another standard, ISO 14971 for managing medical device product risk management many times. And we know that ISO 14971 standard is currently in the process of being revised with the current draft open for comments until mid-October 2018.

 

IMPLICATIONS FOR THE INDUSTRY

What impact will this transition from QSRs to ISO 13485 have on medical device companies? It’s expected that the impact on the currently running industry in the US will be minimal, but not without some challenges. Minimal because of how in sync ISO 13485:2016 is with respect to FDA 21 CFR Part 820. Said another way, if a company has a quality management system that meets the requirements of 820 is should also align with ISO 13485 requirements (key word: should). Challenging because achieving ISO certification is a separate process that requires an audit by a third party auditing organization.

What about companies who are already ISO 13485:2016 certified? These medical device companies certified to ISO 13485:2016 would likely receive significant benefits from easier US market access without having to implement FDA QSR processes. 

In the time it will take to switch regulations, ISO 13485:2016 will likely be more solidified and easy to adjust to. Kim Tautman, leading medical device quality systems expert and former FDA official who was one of the principal authors of the current Part 820, has stated, however, that those working in the medical device industry should start making preparations for these changes as soon as possible. At RAPS’ 2016 Regulatory Convergence, she said, “You might not want to do this project, but if you’re marketing pretty much anywhere in the major countries or jurisdictions of the world, ISO 13485:2016 is--in some way, shape, or form--a requirement, and we have to learn how to deal with it.”

 

PREPARING FOR CHANGES TO COME

So, is this a done deal?

Nope. As of right now, it’s simply a proposal. The proposed change is not yet mandated by law, so it could be a while more before we know for sure. The FDA will face a tremendous undertaking if the change does go into effect, so unavoidable issues need to be considered. The process of starting and finishing out this change will likely take years.

It is expected that there will be some serious momentum on the topic from FDA starting in 2019, with final rule possible sometime in 2020. Best estimates on the soonest this transition from Part 820 QSRs to ISO 13485:2016 could take a few years.

 

FINAL THOUGHTS

Whenever the FDA decides to roll this out, rest assured Greenlight Guru will have you covered. With our QMS software platform specifically designed for medical device companies, our subject matter experts and developers are closely tracking these changes to ensure any and all pertinent changes are implemented into our software. We take the worry out of compliance, and allow you to focus on making true quality products.