The medical technology industry has gone through some changes in the last 14 years, as has its regulatory environment, and it was time that ISO 13485 reflected that evolution. The global standard for medical device quality management systems recently underwent its first revision since 2003, and it contains a number of changes that must be taken into account by medical device manufacturers and their critical suppliers. And, yes, there is a deadline: Companies must show compliance to ISO 13485:2016 by March 1, 2019. That might seem a ways off, but Notified Bodies have a lot on their plate right now, and audits are taking longer than ever before. PlasticsToday checked in with Garth Conrad, Vice President, Quality, at C. R. Bard, now part of BD, to learn more about how the revision affects the medical manufacturing space.
“There are three things I would focus on in the revision,” said Conrad: The approach to risk management, greater convergence with FDA CFR Part 820 and supply-chain management.
Previously, ISO 13485 essentially compartmentalized risk management activities around product development and post-market complaints. “The revision comprehensively takes risk management and applies it throughout the controls of a quality management system,” said Conrad. “The new version drives you to consider risk in all areas of your quality system—purchasing controls, management review and the basic documentation system for managing change control. Different levels of risk management now are incorporated into your system,” explained Conrad.
|Garth Conrad, Vice President, Quality, at C. R. Bard, now part of BD.|
ISO 13485:2016 also integrates “more of the flavor of what you see in FDA CFR Part 820 in terms of requirements,” said Conrad. “Regulators around the world are beginning to converge to a more common set of requirements and expectations.” The European Union’s new Medical Device Regulation (MDR), which starts to go into effect in 2020, was influenced by the breast implant scandal, in which a French manufacturer of implants was found to be using non-medical grade silicone. As a result, the MDR includes a number of safeguards that were absent in the Medical Device Directive, which it replaces. “ISO 13485:2016 was drafted a little before then, but it did capture some of [the same] expectations,” said Conrad.
The third foot of this three-legged stool is supply chain management. “Regulators understand that the majority of medical devices are not made by OEMs, who have deep and wide supply chains,” said Conrad. “As such, quite a bit of information in the revision relates to purchasing controls and flow-down of requirements into the OEM’s supply base.”
|Garth Conrad will discuss implementing ISO 13485:2016 during the Regulatory & Quality Update conference track at the co-located Medical Design & Manufacturing (MD&M) and PLASTEC West event in Anaheim, CA, on Feb. 6 to 8. The session is scheduled for Feb. 6 from 9:15 to 11 AM. When registering for the conference, be sure to use the promo code PLASTICSTODAY to receive a 20% discount.|
While medtech OEMs are not required to work with suppliers that have ISO certification, they must ensure that suppliers have adequate quality control systems in place. “Maintaining ISO certification guarantees a certain level of compliance. If OEMs require ISO certification from their suppliers, they are in the game at a certain level of performance,” said Conrad. Other avenues are available, he added, including FDA’s Medical Device Single Audit Program (MDSAP).