ISO 13485

Last updated November 08, 2023

ISO 13485Medical devices -- Quality management systems -- Requirements for regulatory purposes is a voluntary standard,^[1] published by International Organization for Standardization (ISO) for the first time in 1996, and contains a comprehensive quality management system for the design and manufacture of medical devices. The latest version of this standard supersedes earlier documents such as EN 46001 (1993 and 1996) and EN 46002 (1996), the previously published ISO 13485 (1996 and 2003), and ISO 13488 (also 1996).

Background

Though it is tailored to the industry's quality system expectations and regulatory requirements, an organization does not need to be actively manufacturing medical devices or their components to seek certification to this standard, in contrast to the automotive sector's ISO/TS 16949, where only firms with an active request for quotation, or on the bid list, of an International Automotive Task Force supply chain manufacturer can seek registration.^[3]

Reason for use

While it remains a stand-alone document, ISO 13485 is generally harmonized with ISO 9001. A principal difference, however, is that ISO 9001 requires the organization to demonstrate continual improvement, whereas ISO 13485 requires only that the certified organization demonstrate the quality system is effectively implemented and maintained. Additionally, the ISO 9001 requirements regarding customer satisfaction are absent from the medical device standard.^[4]

Other specific differences include:

the promotion and awareness of regulatory requirements as a management responsibility. Examples of market-specific regulatory requirements include 21 CFR 820, the Quality System Regulation for medical devices sold in the United States, enforced by the U.S. Food and Drug Administration (FDA), or the Medical Devices Directive 93/42/EEC, required for doing business in the European Union
controls in the work environment to ensure product safety
focus on risk management activities and design control activities during product development
specific requirements for inspection and traceability for implantable devices
specific requirements for documentation and validation of processes for sterile medical devices
specific requirements for verification of the effectiveness of corrective and preventive actions
specific requirements for cleanliness of products

Compliance with ISO 13485 is often viewed as the initial step in ensuring adherence to European regulatory requirements. This is particularly significant when it comes to assessing the conformity of Medical Devices and In-vitro Diagnostic Medical Devices in accordance with European Union Directives 93/42/EEC, 90/385/EEC, and 98/79/EEC before allowing their sale. A fundamental aspect of proving conformity lies in the establishment and implementation of a Quality Management System compliant with ISO 9001, ISO 13485, and ISO 14971. While it's important to note that the European Union Directives don't explicitly mandate certification to ISO 9001 and/or ISO 13485, it is the preferred approach for demonstrating compliance to these standards, and this certification is issued by specialized organizations referred to as "Registrars."

Furthermore, some of these registrars also serve as Notified Bodies, which play a pivotal role in the pre-market assessment of certain medical devices. When a Notified Body conducts a thorough evaluation and issues a positive assessment, it results in the coveted certificate of conformity, granting the CE mark and the authorization to market the medical device within the European Union. It's important to underline that the Notified Body's assessment scrutinizes the company's Quality Management System in great detail, along with a meticulous review of the requisite Technical Documentation. This comprehensive evaluation is a crucial element that the Notified Body takes into account when granting the certificate of conformity for the company's product or products.

In summary, the journey to compliance with European regulatory requirements for medical devices entails a multi-faceted approach, with ISO 13485 serving as a cornerstone and the involvement of Notified Bodies as a key step to gain the necessary certifications and permissions for market access in the European Union.

This standard adopted by CEN as EN ISO 13485:2003/AC:2007 is harmonized with respect to the European medical device directives 93/42/EEC, 90/385/EEC and 98/79/EC.^[5]

ISO 13485 is now considered to be inline standard and requirement for medical devices even with "Global Harmonization Task Force Guidelines" (GHTF).^[6] The GHTF guidelines are slowly becoming universal standards for design, manufacture, export and sales of various medical devices. The GHTF has been replaced in the last few years by the International Medical Device Regulators Forum (IMDRF)^[7] and is structured differently from the GHTF as only the regulators, that are primary members of the group, get to make many of the decisions. The IMDRF main membership (the regulators) do want to have non-regulators involved without voting rights and in this way they are hoping to get the process and documents completed quicker than under the GHTF system (regulators & non-regulators were equal in voting rights) that worked reasonably well, but somewhat slow.

This standard adopted by CEN as EN ISO 13485:2012 is harmonized with respect to the European Medical Devices Directive 93/42/EEC.^[8]

Mexico published on October 11, 2012, a national standard as a Norma Oficial Mexicana (NOM) to control manufacture of medical devices inside the country. NOM-241-SSA1-2012, Buenas Practicas de Fabricación para Establecimientos dedicados a la Fabricación de Dispositivos Médicos.^[9] The scope of application is mandatory in the national territory, for all establishments dedicated to the process of medical devices marketed in the country. The Cofepris is the body assigned to its control, verification and to grant the records of compliance to the companies that implement this Standard of Good Manufacturing Practices. This standard is partially in line with ISO 13485: 2003 and ISO 9001: 2008.

In 2017, The Farmacopea de los Estados Unidos Mexicanos (United Mexican States Pharmacopoeia), medical industrial sectors and Cofepris are working together for updating NOM-241 Standard, putting special attention on managing risks during manufacture and regulating by manufacturing lines some of the most important medical devices manufacturing processes. This standard will be published in August 2018, and 180 days after publication it will become mandatory for the industry.

In Spain, medical devices are named in ISO-13485 as "Sanitary Products" as Castellano-language translation of ISO-13485, but in Mexico they are known as "Medical Devices" and correspond to those used in medical practice and that meet the definition established by NOM-241 as: Medical device, to the substance, mixture of substances, material, apparatus or instrument (including the computer program necessary for its proper use or application), used alone or in combination in the diagnosis, monitoring or prevention of human or auxiliary diseases in the treatment of the same and of the disability, as well as the employees in the replacement, correction, restoration or modification of the anatomy or human physiological processes. Medical devices include products of the following categories: medical equipment, prostheses, orthotics, functional aids, diagnostic agents, supplies for dental use, surgical, healing and hygiene products. ISO 13485:2016 Certificates meets the requirement of IEC 60601-2-25 : 1993 + A1: 1999 safety of Electrocardiograms.

Chronology

Year	Description
1993	EN 46001 Quality systems – Medical devices – Particular requirements for the application of EN ISO 9001 is published by the European Committee for Standardization (CEN), forming the basis for developing ISO 13485.
1996	ISO 13485 (1st Edition).
2000	EN ISO 13485 is published by CEN, creating a European Norm version of the international standard, and the previous European standard (EN 46001) is withdrawn.
2003	ISO 13485 (2nd Edition).
2012	EN ISO 13485 is revised so that it harmonizes with the three European directives associated with the medical sector: 93/42/EEC (medical devices), 98/79/EC (in vitro diagnostic medical devices), and 90/385/EEC (active implantable medical devices).
2016	ISO 13485 (3rd Edition).

Related Research Articles

A quality management system (QMS) is a collection of business processes focused on consistently meeting customer requirements and enhancing their satisfaction. It is aligned with an organization's purpose and strategic direction. It is expressed as the organizational goals and aspirations, policies, processes, documented information, and resources needed to implement and maintain it. Early quality management systems emphasized predictable outcomes of an industrial product production line, using simple statistics and random sampling. By the 20th century, labor inputs were typically the most costly inputs in most industrialized societies, so focus shifted to team cooperation and dynamics, especially the early signaling of problems via a continual improvement cycle. In the 21st century, QMS has tended to converge with sustainability and transparency initiatives, as both investor and customer satisfaction and perceived quality are increasingly tied to these factors. Of QMS regimes, the ISO 9000 family of standards is probably the most widely implemented worldwide – the ISO 19011 audit regime applies to both and deals with quality and sustainability and their integration.

Conformance testing — an element of conformity assessment, and also known as compliance testing, or type testing — is testing or other activities that determine whether a process, product, or service complies with the requirements of a specification, technical standard, contract, or regulation. Testing is often either logical testing or physical testing. The test procedures may involve other criteria from mathematical testing or chemical testing. Beyond simple conformance, other requirements for efficiency, interoperability, or compliance may apply. Conformance testing may be undertaken by the producer of the product or service being assessed, by a user, or by an accredited independent organization, which can sometimes be the author of the standard being used. When testing is accompanied by certification, the products or services may then be advertised as being certified in compliance with the referred technical standard. Manufacturers and suppliers of products and services rely on such certification including listing on the certification body's website, to assure quality to the end user and that competing suppliers are on the same level.

The ISO 9000 family is a set of five quality management systems (QMS) standards by the International Organization for Standardization (ISO) that help organizations ensure they meet customer and other stakeholder needs within statutory and regulatory requirements related to a product or service. ISO 9000 deals with the fundamentals of QMS, including the seven quality management principles that underlie the family of standards. ISO 9001 deals with the requirements that organizations wishing to meet the standard must fulfill. ISO 9002 is a model for quality assurance in production and installation. ISO 9003 for quality assurance in final inspection and test. ISO 9004 gives guidance on achieving sustained organizational success.

Medical software is any software item or system used within a medical context, such as:reducing the paperwork, tracking patient activity

On commercial products, the presence of the logo means that the manufacturer or importer affirms the goods' conformity with European health, safety, and environmental protection standards. It is not a quality indicator or a certification mark. The CE marking is required for goods sold in the European Economic Area (EEA); goods sold elsewhere may also carry the mark.

<span class="mw-page-title-main">Medical device</span> Device to be used for medical purposes

A medical device is any device intended to be used for medical purposes. Significant potential for hazards are inherent when using a device for medical purposes and thus medical devices must be proved safe and effective with reasonable assurance before regulating governments allow marketing of the device in their country. As a general rule, as the associated risk of the device increases the amount of testing required to establish safety and efficacy also increases. Further, as associated risk increases the potential benefit to the patient must also increase.

Quality management ensures that an organization, product or service consistently functions well. It has four main components: quality planning, quality assurance, quality control and quality improvement. Quality management is focused not only on product and service quality, but also on the means to achieve it. Quality management, therefore, uses quality assurance and control of processes as well as products to achieve more consistent quality. Quality control is also part of quality management. What a customer wants and is willing to pay for it, determines quality. It is a written or unwritten commitment to a known or unknown consumer in the market. Quality can be defined as how well the product performs its intended function.

Dental laboratories manufacture or customize a variety of products to assist in the provision of oral health care by a licensed dentist. These products include crowns, bridges, dentures and other dental products. Dental lab technicians follow a prescription from a licensed dentist when manufacturing these items, which include prosthetic devices and therapeutic devices. The FDA regulates these products as medical devices and they are therefore subject to FDA's good manufacturing practice ("GMP") and quality system ("QS") requirements. In most cases, however, they are exempt from manufacturer registration requirements. Some of the most common restorations manufactured include crowns, bridges, dentures, and dental implants. Dental implants is one of the most advanced dental technologies in the field of dentistry.

The British Standards Institution (BSI) is the national standards body of the United Kingdom. BSI produces technical standards on a wide range of products and services and also supplies certification and standards-related services to businesses.

A European Authorised Representative (E.A.R.) serves as a legal entity designated by non European Union (EU) manufacturers, to represent them in the EU and ensure their compliance with the European Directives. The CE certificate and declaration of conformity can only be issued by a company located in the European Union.

Croatian Register of Shipping, also known as CRS, is an independent classification society established in 1949. It is a non-profit organisation working on the marine market, developing technical rules and supervising their implementation, managing risk and performing surveys on ships. The Society's head office is in Split.

A notified body, in the European Union, is an organisation that has been designated by a member state to assess the conformity of certain products, before being placed on the EU market, with the applicable essential technical requirements. These essential requirements are publicised in European directives or regulations.

The Bureau of Indian Standards (BIS) is the National Standards Body of India under Department of Consumer affairs, Ministry of Consumer Affairs, Food & Public Distribution, Government of India. It is established by the Bureau of Indian Standards Act, 2016 which came into effect on 12 October 2017. The Minister in charge of the Ministry or Department having administrative control of the BIS is the ex-officio President of the BIS. BIS has 500 plus scientific officers working as Certification Officers, Member secretaries of technical committees and lab OIC's.

British Approvals Service for Cables is an independent accredited certification body headquartered in Milton Keynes, United Kingdom. Here, the organization's dedicated testing laboratory also operates which is believed to be the largest of its type in Europe. BASEC was established in 1971 and principally provides product certification services for all types of cable and wire, ancillary products and management systems within the cable industry. The organization maintains operations throughout the world including Africa, Middle East, America, Asia and Europe.

ISO 14971Medical devices — Application of risk management to medical devices is a voluntary standard for the application of risk management to medical devices. "Voluntary standards do not replace national laws, with which standards' users are understood to comply and which take precedence" over voluntary standards such as ISO 13485 and ISO 14971. The ISO Technical Committee responsible for the maintenance of this standard is ISO/ TC 210 working with IEC/SC62A through Joint Working Group one (JWG1). This standard is the culmination of the work starting in ISO/IEC Guide 51, and ISO/IEC Guide 63. The third edition of ISO 14971 was published in December 2019 and supersedes the second edition of ISO 14971.

IEC 62304 – medical device software – software life cycle processes is an international standard published by the International Electrotechnical Commission (IEC). The standard specifies life cycle requirements for the development of medical software and software within medical devices. It has been adopted as national standards and therefore can be used as a benchmark to comply with regulatory requirements.

Harmonization is the process of minimizing redundant or conflicting standards which may have evolved independently. The name is also an analogy to the process to harmonizing discordant music.

The Annex SL is a section of the ISO/IEC Directives part 1 that prescribes how ISO Management System Standard (MSS) standards should be written. The aim of Annex SL is to enhance the consistency and alignment of MSS by providing a unifying and agreed-upon high level structure, identical core text and common terms and core definitions. The aim being that all ISO Type A MSS are aligned and the compatibility of these standards is enhanced.

Regulation (EU) 2017/745 is a regulation of the European Union on the clinical investigation and sale of medical devices for human use. It repeals Directive 93/42/EEC (MDD), which concerns medical devices, and Directive 90/385/EEC, which concerns active implantable medical devices, on 26 May 2021.

A custom-made medical device, commonly referred to as a custom-made device (CMD) or a custom device, is a medical device designed and manufactured for the sole use of a particular patient. Examples of custom-made medical devices include auricular splints, dentures, orthodontic appliances, orthotics and prostheses.

References

↑ "FOREWORD - SUPPLEMENTARY INFORMATION". www.iso.org/foreword-supplementary-information.html.
↑ "ISO 13485:2016 - Medical devices -- Quality management systems -- Requirements for regulatory purposes". www.iso.org. Retrieved 2016-03-24.
↑ "IATF 16949:2016 Automotive Quality Management System - BSI America - BSI America". www.bsiamerica.com.
↑ "Understanding ISO 13485".
↑ "Summary list of titles and references of harmonised standards related to medical devices - DG Enterprise & Industry. European Commission". Archived from the original on 2009-02-01.
↑ "GHTF is no longer in operation". www.ghtf.org.
↑ "International Medical Device Regulators Forum". www.imdrf.org.
↑ "CENELEC - Standards Development - List of Technical Bodies -". www.cenelec.eu.
↑ "NORMA Oficial Mexicana NOM-241-SSA1-2012, Buenas prácticas de fabricación para establecimientos dedicados a la fabricación de dispositivos médicos". www.dof.gob.mx. Retrieved 19 October 2017.

External links

Guide to ISO 13485
ISO 13485 Standard: Medical devices — Quality management systems: ISO Website
Overview, guidance and regulatory compliance for EU medical device manufacturers
CFR - Code of Federal Regulations Title 21, Part 821, Food and Drug Administration's Quality System Regulation

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.

[1] "FOREWORD - SUPPLEMENTARY INFORMATION". www.iso.org/foreword-supplementary-information.html.

[2] "ISO 13485:2016 - Medical devices -- Quality management systems -- Requirements for regulatory purposes". www.iso.org. Retrieved 2016-03-24.

[3] "IATF 16949:2016 Automotive Quality Management System - BSI America - BSI America". www.bsiamerica.com.

[4] "Understanding ISO 13485".

[5] "Summary list of titles and references of harmonised standards related to medical devices - DG Enterprise & Industry. European Commission". Archived from the original on 2009-02-01.

[6] "GHTF is no longer in operation". www.ghtf.org.

[7] "International Medical Device Regulators Forum". www.imdrf.org.

[8] "CENELEC - Standards Development - List of Technical Bodies -". www.cenelec.eu.

[9] "NORMA Oficial Mexicana NOM-241-SSA1-2012, Buenas prácticas de fabricación para establecimientos dedicados a la fabricación de dispositivos médicos". www.dof.gob.mx. Retrieved 19 October 2017.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

v t e ISO standards by standard number
List of ISO standards – ISO romanizations – IEC standards
1–9999	1 2 3 4 6 7 9 16 17 31 -0 -1 -3 -4 -5 -6 -7 -8 -9 -10 -11 -12 -13 68-1 128 216 217 226 228 233 259 261 262 302 306 361 500 518 519 639 -1 -2 -3 -5 -6 646 657 668 690 704 732 764 838 843 860 898 965 999 1000 1004 1007 1073-1 1073-2 1155 1413 1538 1629 1745 1989 2014 2015 2022 2033 2047 2108 2145 2146 2240 2281 2533 2709 2711 2720 2788 2848 2852 3029 3103 3166 -1 -2 -3 3297 3307 3601 3602 3864 3901 3950 3977 4031 4157 4165 4217 4909 5218 5426 5427 5428 5725 5775 5776 5800 5807 5964 6166 6344 6346 6373 6385 6425 6429 6438 6523 6709 6943 7001 7002 7010 7027 7064 7098 7185 7200 7498 -1 7637 7736 7810 7811 7812 7813 7816 7942 8000 8093 8178 8217 8373 8501-1 8571 8583 8601 8613 8632 8651 8652 8691 8805/8806 8807 8820-5 8859 -1 -2 -3 -4 -5 -6 -7 -8 -8-I -9 -10 -11 -12 -13 -14 -15 -16 8879 9000/9001 9036 9075 9126 9141 9227 9241 9293 9314 9362 9407 9496 9506 9529 9564 9592/9593 9594 9660 9797-1 9897 9899 9945 9984 9985 9995
10000–19999	10006 10007 10116 10118-3 10160 10161 10165 10179 10206 10218 10279 10303 -11 -21 -22 -28 -238 10383 10487 10585 10589 10628 10646 10664 10746 10861 10957 10962 10967 11073 11170 11179 11404 11544 11783 11784 11785 11801 11889 11898 11940 (-2) 11941 11941 (TR) 11992 12006 12052 12182 12207 12234-2 12620 13211 -1 -2 13216 13250 13399 13406-2 13450 13485 13490 13567 13568 13584 13616 13816 14000 14031 14224 14289 14396 14443 14496 -2 -3 -6 -10 -11 -12 -14 -17 -20 14617 14644 14649 14651 14698 14764 14882 14971 15022 15189 15288 15291 15292 15398 15408 15444 -3 -9 15445 15438 15504 15511 15686 15693 15706 -2 15707 15897 15919 15924 15926 15926 WIP 15930 16023 16262 16355-1 16485 16612-2 16750 16949 (TS) 17024 17025 17100 17203 17369 17442 17506 17799 18004 18014 18181 18245 18629 18916 19005 19011 19092 -1 -2 19114 19115 19125 19136 19407 19439 19500 19501 19502 19503 19505 19506 19507 19508 19509 19510 19600 19752 19757 19770 19775-1 19794-5 19831
20000–29999	20000 20022 20121 20400 20802 21000 21047 21122 21500 21827 22000 22275 22300 22395 22537 23000 23090-3 23270 23271 23360 24517 24613 24617 24707 25178 25964 26000 26262 26300 26324 27000 series 27000 27001 27002 27005 27006 27729 28000 29110 29148 29199-2 29500
30000+	30170 31000 32000 37001 38500 40500 42010 45001 50001 55000 56000 80000
Category