Regulatory Focus™ > News Articles > New ISO 13485: Device Companies Have Three Years to Transition

New ISO 13485: Device Companies Have Three Years to Transition

Posted 01 March 2016 | By Michael Mezher

The International Organization for Standardization (ISO) late last month released its long-awaited revision to ISO 13485, the global standard for medical device quality management systems (QMS), which replaces the previous version from 2003.

The new revision places a greater emphasis on QMS throughout the supply chain and product lifecycle, as well as device usability and postmarket surveillance requirements.

Over the next three years, ISO 13485:2003 and ISO 13485:2016 will coexist, allowing manufacturers, accreditation/certification bodies and regulators time to transition to the new standard.

According to a draft transition planning guidance, organizations will still be able to be accredited for either ISO 13485:2003 or ISO 13485:2016 for the first two years of the transition period; however, after the second year, new accreditation will only be given for ISO 13485:2016.

After the third year, the guidance says, "any existing certification issued to ISO 13485:2003 will not be valid."

Background

Many organizations involved with medical device development, including manufacturers and service providers use ISO 13485 to "demonstrate [their] ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements."

Regulators worldwide have integrated ISO 13485 into their regulatory systems, including those in the US, EU, Canada, Australia and Japan. The standard is sometimes adapted to meet local requirements, for example, EN ISO 13485:2012 in the EU adds a forward and several annexes to the standard specific to the region.

ISO 13485 is also used for the Medical Device Single Audit Program (MDSAP), an international effort to reduce redundant audits of medical device manufacturers.

"Many jurisdictions have got quality management system requirements for medical device manufacture and supply, so it's really important that there's a common understanding between the regulator and the industry as to what's required for that quality management system," said Eamonn Hoxey, former chair of ISO's technical committee for quality management and corresponding general aspects for medical devices in a video interview on ISO's website.

ISO 13485:2016 Major Revisions

The decision to revise ISO 13485 was made following the most recent review of the 2003 standard, according to Hoxey.

"When we did the last review, we had discussions with the regulatory authorities and we – both industry and the authorities – felt that it was time to revise the standard … Since 2003, a number of jurisdictions have either revised or introduced regulations for medical devices, so we want to make sure the quality management system requirements align fully with those regulatory requirements."

When asked about the new revision, ISO representative Maria Lazarte, relayed a list of major changes from the technical committee for ISO 13485.

Some of the biggest changes between the 2003 and 2016 version include:

Incorporation of risk-based approaches beyond product realization. Risk is considered in the context of the safety and performance of the medical device and in meeting regulatory requirements;
Increased linkage with regulatory requirements, particularly for regulatory documentation;
Application to organizations throughout the lifecycle and supply chain for medical devices;
Harmonization of the requirements for software validation for different software applications (QMS software, process control software, software for monitoring and measurement) in different clauses of the standard;
Emphasis on appropriate infrastructure, particularly for production of sterile medical devices, and addition of requirements for validation of sterile barrier properties;
Additional requirements in design and development on consideration of usability, use of standards, verification and validation planning, design transfer and design records;
Emphasis on complaint handling and reporting to regulatory authorities in accordance with regulatory requirements, and consideration of post-market surveillance; and
Planning and documenting corrective action and preventive action, and implementing corrective action without undue delay.

Speaking to those changes, Hoxey said "it's important to bear in mind that ISO 13485 does deal with the whole lifecycle from design and development, through manufacture, transport … and on to the end of life."

ISO 13485:2016

Categories: Regulatory News

Regulatory News

Story Thumbnail
FDA Finalizes Rule to Simplify Medical Device Classification Procedures
- 13 December 2018
- By Ana Mulero
Read More
Story Thumbnail
EU Regulatory Roundup: France to Create Trial Fast Track for Cell and Gene Therapies
- 13 December 2018
- By Nick Paul Taylor
Read More
Story Thumbnail
FDA Withdraws Proposed Rule on Generic Label Changes
- 13 December 2018
- By Zachary Brennan
Read More

About the Regulatory Profession

Regulatory Code of Ethics

Member Knowledge Center

Regulatory Competency Framework

Regulatory Convergence

RAPS Regulatory Conference - Europe 2019

Fundamentals of US Regulatory Affairs, 10th Edition

Exam Schedules

New ISO 13485: Device Companies Have Three Years to Transition

Background

ISO 13485:2016 Major Revisions

Regulatory News

FDA Finalizes Rule to Simplify Medical Device Classification Procedures

EU Regulatory Roundup: France to Create Trial Fast Track for Cell and Gene Therapies

FDA Withdraws Proposed Rule on Generic Label Changes