In 2016, the International Standards Organization (ISO) published the 3rd edition of ISO 13485, the leading global standard for medical device quality management systems. Known as ISO 13485:2016, this document serves as the standard for how medical device companies should manage their quality system. The guidelines found in ISO 13485 are becoming increasingly referenced and utilized in the development of the medical device single audit program (MDSAP), which allows manufacturers to sell products in several international markets after passing a single comprehensive audit.
Today, medical device companies that wish to sell devices in Europe must pass an ISO 13485 audit conducted by a Notified Body. A notified body is a third-party organization that has been accredited to assess the conformity of a medical device to the appropriate legislation and requirements before it can be placed on the market.
Medical device companies based in the United States are subject to inspections from the United States FDA, and although medical device companies can obtain ISO 13485 certification, an ISO certificate is not a requirement for medical device companies who wish to sell devices in the US.
Besides having different requirements for compliance, medical device manufacturers should note an important difference between FDA inspections and ISO audits for medical device quality systems. When we talk about the ISO 13485 audit, we're talking about conforming to a standard. Companies that fail to conform simply lose the privilege of selling products in markets where it is required. On the other hand, FDA inspections are based on legal requirements, meaning medical device companies can face fines and penalties if violations are discovered.
Preparing your medical device company for an ISO 13485 audit is a necessary step if you intend to sell your medical devices in Europe. You'll want to start by purchasing the ISO 13485:2016 standard and conducting a gap analysis to determine where your current quality system meets the requirements and where it falls short.
Following your gap analysis, you should implement a plan to achieve compliance with the standard. Determine what tasks are required to align that process with your organization's quality system, form a cross-functional team led by a quality manager to implement the changes and get started.
When you're ready to be audited for compliance with ISO 13485, you will need to contact a Notified Body to conduct the audit. You should expect an assessment of your quality system to include the following:
From the perspective of Notified Bodies, if a quality activity is not documented, it never happened. Greenlight Guru's eQMS platform, designed specifically for medical device companies, serves as a central data repository for documenting all quality activities associated with manufacturing devices and conforming to the ISO 13485 standard.
Greenlight Guru was specifically built to help medical device companies establish compliance with both ISO 13485:2016 and the FDA QSR, dedicate efforts towards developing higher quality devices and reduce overall time to market. The compelling proof that this solution is shaping the industry can be found in these published case studies, which detail how Greenlight Guru has helped a growing list of medical device companies establish quality management systems and obtain ISO 13485 certification.