Medical device manufacturers have a responsibility to consistently deliver devices that are safe and effective.
ISO 13485:2003 specifies quality management system requirements for organizations that need to demonstrate their ability to provide medical devices and related services that consistently meet customer and regulatory requirements.
Scope And Deliverables
ISO 13485:2003 – This is the latest version of ISO 13485 and fully replaces ISO 13485:1996 and ISO 13488:1996. This is the only standard to which medical device manufacturers may be registered. It was published in July 2003 and is based on the ISO 9001:2000 process model approach. ISO 13485:2003 provides a good base model for compliance with:
- EU CE marking Medical Devices Directives (Annex II, V, VI)
- Japan Pal requirements
- Health Canada CMDCAS (class II, III & IV devices)
ISO 13485:2003 is also considered to be fully compatible with the FDA quality system requirements.
Other related standards include:
- PD ISO/TR 14969:2004 – This standard provides guidance for the application of the requirements for quality management systems contained in ISO 13485:2003.
- ISO 14971:2001 – This standard specifies a procedure by which a manufacturer can identify the hazards associated with medical devices and their accessories. It also specifies a procedure to estimate and evaluate the identified risks, control these risks and monitor the effectiveness of the control.
The principal project outcomes are as follows:
- Identification, analysis and prioritization of significant risk aspects.
- A documented and cohesive set of procedures that will improve risk impact management as well as overall business operations.
- Goals, and clear responsibility and accountability for those goals.
- Metrics for key performance indicators that are linked to your business plan.
- An internal audit and management review process that will identify nonconformances versus the ISO13485 standard as well as areas in which the quality management system is not delivering meaningful results toward achieving business goals.
- Accredited registration of your QMS
What We Will Do
Risk Impact Analysis
The first step in creating an quality management system for medical devoces is to identify elements of your business that have high risk and gain access to the relevant legislation. This information will be used to produce objectives for compliance and a management program to achieve them.
Process Flow Diagrams
Your manual will be created using SatiStar’s process flow diagramming technology. This technology enables us to eliminate 70% or more of the text that is normally found in text based quality manuals. SatiStar documentation specialists will interview those individuals who actually do the work. This is your system. We simply hold the pen to record in your worker’s words, what they do. Interviews typically take between 20 minutes to 2 hours for each individual process. In all there are typically 10-15 processes captured to create your management system.
SatiStar will create ISO 13485 compliant policies and procedures and assemble these documents into a quality manual for your approval. Implementation of the QMS as described by the manual, can often commence while the manual is still being created.
SatiStar’s methodology eliminates a separate gap analysis. We integrate a gap analysis within the manual creation activity. In this way, we eliminate considerable time, cost and rework from the overall project. That in turn enables us to get you registered much more quickly.
QMS Implementation Coaching and Support
The overall management system implementation process takes about six months, but you can choose to implement the system at any pace that is comfortable. During this phase of the project, we work with you to transform your manual into a living document that you can truely call your own. One caveat must be brought to your attention with regard to implementation. More rapid implementations have better success and produce much higher quality results. If you plan to extend the implementation time frame beyond 12 months our experience is that it will be hard to maintain sufficient inertia towards registration to keep the project viable, and avoid considerable rework.
A qualified auditor will be employed to conduct the audit, which will take between one and two days to complete. The audit itself will be documented in an audit binder that we will create on your behalf. Any corrective actions that are required will be written up by our auditor and placed within the audit binder. The auditor will then review with your quality system representative exactly what each corrective action refers to, and will discuss detailed actions that will rapidly and effectively close out the corrective action request. Coaching will also be provided on how to respond to corrective action requests.
SatiStar will facilitate a management review meeting. We will create an agenda for this meeting that complies with the requirements of the standard, and will demonstrate how such a meeting can be conducted in order that it becomes an effective tool for action and improvement. A record of the management review meeting and the actions arising from that meeting will be required to meet the requirements of the ISO 13485 standard.
SatiStar will provide coaching on how to pass an audit, and will help remove the stress from the event by providing strategies and techniques for working with the auditor effectively. In 99% of the registrations that we assist clients with, the registrar makes a clear recommendation for registration at the time of the external audit. What remains is to receive the registration certificate, and of course, maintain the system.
What We Need You To Do
Although SatiStar does most of the technical work, ultimately it is up to the client to implement and “live” in the new ISO13485:2003 management system processes.
- Select an quality system representative who will ensure that the management system processes are implemented and maintained.
- Provide an “ISO War Room” where we can conduct training, coaching, interviews and planning sessions.
- Participate in the risk analysis, process flow diagramming, management review meeting and in the internal audit events.
WHAT PEOPLE ARE SAYING
SatiStar's Experience Makes The Difference!