EN ISO 13485:2016 standard specifies the requirements for a quality management system where the organization must demonstrate its ability to provide medical devices and related services that meet customer requirements and applicable regulatory requirements. It is flexible enough to meet the individual needs of different types of medical device organizations. ISO 13485 does not specify detailed requirements but requires the medical device organization to identify those stakeholder requirements that are relevant to its individual needs and integration into the QMS.
In today's paper, I want to address what documents and records are required for an effective quality management system (QMS) based on the ISO 13485 standard and which are commonly used in the implementation of QMS in ISO 13485.
Organizations try to meet the requirements of the standard and therefore try to create too many documents, some just for the sake of “what if…“.
This can be useful, but ultimately such documentation makes a big and confusing jungle in maintaining the implemented processes, and organizations then lack opportunities for improvement with the ability to use them to their advantage as well as to their customers.
So, which documents and records are required to streamline QMS?
Mandatory documents
| Mandatory document |
Statute ISO 13485: 2016 |
| Documented tasks performed by the organization |
4.1.1 |
| Written quality agreements with external partners |
4.1.5 |
| Procedure for validating a computer software application | 4.1.6, 7.5.6, 7.6 |
| Quality policy |
4.2.1 |
| Quality goals |
4.2.1 |
| Quality manual |
4.2.1 |
| Document review procedure |
4.2.4 |
| Procedure for checking records |
4.2.5 |
| Responsibilities and authorities |
5.5.1 |
| Management review procedure |
5.6.1 |
| Competence, training and information procedure |
6.2 |
| Infrastructure requirements |
6.3 |
| Requirements for maintenance activities |
6.3 |
| Work environment requirements |
6.4.1 |
| Work environment monitoring and control procedure |
6.4.1 |
| Health, cleanliness and clothing requirements for staff |
6.4.1 |
| Measures to control a contaminated or potentially contaminated product |
6.4.2 |
| Requirements for control of contamination by a sterile medical device |
6.4.2 |
| Risk management processes in product implementation |
7.1 |
| Ways of communication with customers |
7.2.3 |
| Design and development process |
7.3.1 |
| Purchase procedure |
7.4.1 |
| Production control procedure and methods |
7.5.1 |
| Product cleanliness requirements |
7.5.2 |
| Requirements for installation and acceptance criteria for medical devices to verify installation |
7.5.3 |
| Procedure for performing medical device activities |
7.5.4 |
| Process validation procedures |
7.5.6 |
| Sterilization procedures validation procedure |
7.5.7 |
| Product identification procedure |
7.5.8 |
| Traceability procedure |
7.5.9.1 |
| Procedure for maintaining product conformity |
7.5.11 |
| Procedure for monitoring and measuring equipment |
7.6 |
| Procedure for obtaining feedback from customers |
8.2.1 |
| Complaints handling procedure |
8.2.2 |
| Internal audit procedure |
8.2.4 |
| Nonconforming product inspection procedure |
8.3.1 |
| Procedure for issuing advisory notices |
8.3.3 |
| Recasting procedure |
8.3.4 |
| Data analysis procedure |
8.4 |
| Corrective action procedure |
8.5.2 |
| Procedure for preventive measures |
8.5.3 |
Mandatory records
<
| Mandatory record | ISO 13485:2016 |
| Records of software validation activities |
4.1.6, 7.6 |
| A set of medical devices |
4.2.3 |
| Management review records |
5.6.1 |
| Records of education, training, skills and experience |
6.2 |
| Records of maintenance activities |
6.3 |
| Records of risk management activities |
7.1 |
| Product implementation planning outputs |
7.1 |
| Records of results and activities resulting from the examination of product requirements |
7.2.2 |
| Changes to product requirements records |
7.2.2 |
| Design and development - planning documents |
7.3.2 |
| Design and development of inputs |
7.3.3 |
| Design and development of outputs |
7.3.4 |
| Design and development review records |
7.3.5 |
| Records of design and development verification results |
7.3.6 |
| Design and development validation plans |
7.3.7 |
| Records of results and conclusion of design and development validation |
7.3.7 |
| Results and conclusions of design and development transfer |
7.3.8 |
| Records of design and development changes |
7.3.9 |
| Design and development file |
7.3.10 |
| Records of the results of supplier evaluation, selection, monitoring and reassessment |
7.4.1 |
| Purchased product verification records |
7.4.3 |
| Record for each medical device or dose of medical devices |
7.5.1 |
| Medical device installation records and installation verification |
7.5.3 |
| Records of service activities |
7.5.4 |
| Records of sterilization process parameters |
7.5.5 |
| Records of results and conclusion of validation |
7.5.6 |
| Records of the results and conclusion of the sterilization of medical devices |
7.5.7 |
| Traceability records |
7.5.9.2 |
| Records of the name and address of the consignee of the transport package |
7.5.9.2 |
| Customer notifications of changes to his property |
7.5.10 |
| Records of calibration and verification results of monitoring and measuring equipment |
7.6 |
| Customer feedback report |
8.2.1 |
| Complaints handling records |
8.2.2 |
| Regulatory reporting records |
8.2.3 |
| Internal audit plan |
8.2.4 |
| Internal audit report |
8.2.4 |
| Proof of conformity of the products with the acceptance criteria |
8.2.6 |
| The identity of the person who authorizes the release of the product |
8.2.6 |
| The identity of personnel performing any inspection or testing of implantable medical devices |
8.2.6 |
| Discrepancy record |
8.3.1 |
| Records of the acceptance of the product by the concession and the identity of the person authorizing the concession |
8.3.2 |
| Records of actions related to the issuance of advisory notices |
8.3.3 |
| Rework records |
8.3.4 |
| Records of data analysis results |
8.4. |
| Records of corrective measures |
Training:
Quality manager for healthcare and social services
Internal auditor of the QMS in the field of medical devices ISO 13485
AIAG members and Odette - together with established industry partners and stakeholders have decided to release a new version of MMOG/LE, in order to support the following objectives for a more stable and predictable supply chain.
More
ISO / IEC 17025 is a standard that applies to laboratories in various industries and ensures that standards for laboratory testing and calibration are followed in practice.
More
Recently, we have begun to accumulate events that we are not used to in our latitudes. Apart from the pandemic, we have certainly all caught a tornado in Moravia and other extreme weather events. ISO 22301 specifies business continuity requirements and rules and helps companies recover quickly from unforeseen events. Its aim is to prepare companies and protect them in the event of such an exceptional unforeseen event.
More
What is the difference between PSB and PSCR? Why is PSB no longer enough and what has changed? What training should you undergo?
More
