Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.

ISO 13485:2016 Revisions Webinar

This webinar goes over the major changes of the new ISO 13485:2016 standard, including the upgrade process. Program Manager Rick Burgess presented and responded to questions live on the webinar.

  • Loggen Sie sich ein, um Kommentare anzuzeigen.

ISO 13485:2016 Revisions Webinar

  1. 1. ISO 13485:2016 – The Next Revision Richard (Rick) Burgess Medical Program Manager 30 March 2016 © DQS Group 1April 6, 2016
  2. 2. ISO 13485:2016 – The Next Revision April 6, 2016© DQS Group 2  Agenda and Scope  Relationship to ISO 9001  New requirements  Transition Timing  Questions
  3. 3. ISO 13485:2016 - Putting the pieces together April 6, 2016© DQS Group 3  Structure
  4. 4. ISO 13485:2016 - Putting the pieces together April 6, 2016© DQS Group 4  Structure  Based on ISO 9001:2008
  5. 5. ISO 13485:2016 - Putting the pieces together April 6, 2016© DQS Group 5  Structure  Based on ISO 9001:2008  Does not follow the new high level structure of ISO 9001:2015
  6. 6. ISO 13485:2016 - Putting the pieces together April 6, 2016© DQS Group 6  Structure  Based on ISO 9001:2008  Does not follow the new high level structure of ISO 9001:2015  Annex B shows the corresponding sections of ISO 9001:2015
  7. 7. ISO 13485:2016 - Putting the pieces together April 6, 2016© DQS Group 7  Considerations for the changes:  Regulatory requirements
  8. 8. ISO 13485:2016 - Putting the pieces together April 6, 2016© DQS Group 8  Considerations for the changes:  Regulatory requirements  Risk Management
  9. 9. ISO 13485:2016 - Putting the pieces together April 6, 2016© DQS Group 9  Considerations for the changes:  Regulatory requirements  Risk Management  Supplier controls
  10. 10. ISO 13485:2016 - Putting the pieces together April 6, 2016© DQS Group 10  Considerations for the changes:  Regulatory requirements  Risk Management  Supplier controls  Feedback
  11. 11. ISO 13485:2016 - Putting the pieces together April 6, 2016© DQS Group 11  Considerations for the changes:  Regulatory requirements  Risk Management  Supplier controls  Feedback  Verification, Validation and Design Transfer
  12. 12. ISO 13485:2016 - Putting the pieces together April 6, 2016© DQS Group 12  Considerations for the changes:  Regulatory requirements  Risk Management  Supplier controls  Feedback  Verification, Validation and Design Transfer  Clarifications
  13. 13. ISO 13485:2003 vs ISO 13485:2016 2003 • Requirements for QMS that can be used by an organization for: • design and development • production • installation and servicing of medical devices • design, development, and provision of related services. • Can also be used by internal and external parties, including certification bodies, to assess the organization’s ability to meet customer and regulatory requirements. 2016 • Requirements for QMS that can be used by an organization involved in one or more stages of the life- cycle of a medical device: • design and development • production • storage and distribution • installation • servicing • final decommissioning and disposal of medical devices • and design and development, or provision of associated activities (e.g. technical support). • Can also be used by suppliers or other external parties providing product (e.g. raw materials, components, subassemblies, medical devices, sterilization services, calibration services, distribution services, maintenance services) to such organizations. The supplier or external party can voluntarily choose to conform to the requirements of this International Standard or can be required by contract to conform. April 6, 2016© DQS Group 13 0.1 General
  14. 14. ISO 13485:2003 vs ISO 13485:2016 2016 • When a requirement is qualified by the phrase “as appropriate”, it is deemed to be appropriate unless the organization can justify otherwise. A requirement is considered appropriate if it is necessary for: • product to meet requirements; • compliance with applicable regulatory requirements; • the organization to carry out corrective action; • the organization to manage risks. April 6, 2016© DQS Group 14 0.2 Clarification of concepts
  15. 15. ISO 13485:2003 vs ISO 13485:2016 2016 • When the term “risk” is used, the application of the term within the scope of this International • Standard pertains to safety or performance requirements of the medical device or meeting applicable regulatory requirements. • — When a requirement is required to be “documented”, it is also required to be established, implemented and maintained. • — When the term “product” is used, it can also mean “service”. Product applies to output that is intended for, or required by, a customer, or any intended output resulting from a product realization process. April 6, 2016© DQS Group 15 0.2 Clarification of concepts
  16. 16. ISO 13485:2003 vs ISO 13485:2016 2016 • In this International Standard, the following verbal forms are used: • “shall” indicates a requirement; • “should” indicates a recommendation; • “may” indicates a permission; • “can” indicates a possibility or a capability. • “Regulatory requirements” encompasses requirements contained laws applicable to the user of this standard. The application of “regulatory requirements” is limited to requirements for the QMS and the safety or performance of the medical device. April 6, 2016© DQS Group 16 0.2 Clarification of concepts
  17. 17. ISO 13485:2003 vs ISO 13485:2016 2016 • a) understanding and meeting requirements; • b) considering processes in terms of added value; • c) obtaining results of process performance and effectiveness; • d) improving processes based on objective measurement. April 6, 2016© DQS Group 17 0.3 Process Approach
  18. 18. ISO 13485:2003 vs ISO 13485:2016 2016 • Applicability to organizations that are involved in one or more stages of the life-cycle of a medical device. • Use by suppliers or external parties that provide product, including quality management system- related services to medical device organizations. • Identifies responsibilities for monitoring, maintaining, and controlling outsourced processes. • Allows for clauses 6, 7 and 8 to be not applicable. • Clarifies that the term “regulatory requirements” April 6, 2016© DQS Group 18 1 Scope
  19. 19. ISO 13485:2003 vs ISO 13485:2016 Several new definitions added and some existing definitions refined • Customer complaint - complaint • Distributor • Importer • Labeling – redefined • Life-cycle • Manufacturer • Medical Device Family • Performance Evaluation • Post-market surveillance • Product • Purchased Product • Risk • Risk management • Sterile Barrier System April 6, 2016© DQS Group 19 3 Terms and Definitions
  20. 20. ISO 13485:2003 vs ISO 13485:2016 • Requirements to document the role(s) of the organization based on applicable regulatory requirements • Determine the processes needed and application of those processes – taking into account the roles of the organization • Apply risk based approach to control of appropriate processes needed for QMS • Processes changes to be evaluated for impact on QMS and products produced • Validation of computer software utilized in the QMS April 6, 2016© DQS Group 20 4.1 General Requirements
  21. 21. ISO 13485:2003 vs ISO 13485:2016 • Defines contents of medical device file • Description, purpose, labeling, IFU • Product specifications • Manufacturing procedures • Monitoring and measuring procedures • Requirements/Procedures for installation and servicing as applicable • Requirements for the protection of confidential health information • Prevention of deterioration or loss of documents April 6, 2016© DQS Group 21 4.2 Documentation Requirements
  22. 22. ISO 13485:2003 vs ISO 13485:2016 • No significant changes to sections: • 5.1 Management Commitment • 5.2 Customer Focus • applicable regulatory requirements • 5.3 Quality Policy • 5.4.1 Quality Objectives • applicable regulatory requirements • 5.4.2 Quality Management System Planning • 5.5.1 Responsibility and authority • 5.5.2 Management Representative • applicable regulatory requirements • 5.5.3 Internal Communication April 6, 2016© DQS Group 22 5 Management Responsibility
  23. 23. ISO 13485:2003 vs ISO 13485:2016 • Documented procedure required • Inputs expanded • Complaint Handling • Reporting to regulatory authorities • Monitoring and measurement of processes • Monitoring and measurement of product • Corrective action • Preventive action • Applicable new or revised regulatory requirements • Outputs to be recorded and include the input reviewed and decisions/actions related to: • Improvement needed for QMS and processes • Improvement of product related to customr reqs • Changes needed to response to regulatory requirements • Resource needs April 6, 2016© DQS Group 23 5.6 Management Review
  24. 24. ISO 13485:2003 vs ISO 13485:2016 • Requirements for documented processes for establishing competence, providing needed training and ensuring awareness of personnel • Application of risk based approach for determining the methodology used to check effectiveness of training April 6, 2016© DQS Group 24 6.2 Human Resources
  25. 25. ISO 13485:2003 vs ISO 13485:2016 • Documented requirements for infrastructure needs to achieve: • Product conformity • Prevent product mix-up • Ensure orderly handling of product • Maintenance activities to apply (as appropriate) to equipment used in: • Production • Control of work environment • Monitoring and measurement April 6, 2016© DQS Group 25 6.3 Infrastucture
  26. 26. ISO 13485:2003 vs ISO 13485:2016 • 6.4.1 Work Environment • Must document requirements for work environments needed to meet product conformity • 6.4.2 Contamination Control • Sterile medical devices - • Documented requirements for control of microorganisms or particulate matter • Maintain cleanliness during assembly or packaging process April 6, 2016© DQS Group 26 6.4 Work Environment and contamination control
  27. 27. ISO 13485:2003 vs ISO 13485:2016 • Added to requirements to product realization list: • Inclusion of infrastructure and work environment considerations • required verification, validation, monitoring, measurement, inspection and test, handling, storage, distribution and traceability activities specific to the product together with the criteria for product acceptance; April 6, 2016© DQS Group 27 7.1 Planning of Product Realization
  28. 28. ISO 13485:2003 vs ISO 13485:2016 • 7.2.1 Determination of requirements related to product • Determining if any user training is needed to ensure performance and safe use of medical device • 7.2.2 Review of requirements related to product • Applicable regulatory requirements are met • any user training identified is available or planned • 7.2.3 Communication • Communication with customers shall be planned and documented • Shall communicate with regulatory agencies April 6, 2016© DQS Group 28 7.2 Customer Related Processes
  29. 29. ISO 13485:2003 vs ISO 13485:2016 • 7.3.1 General – new/unchanged • 7.3.2 Design and Development Planning • D&D planning documents shall be maintained and updated • Shall document: • Reviews needed at each D&D stage • Methods to ensure traceability of outputs to inputs • Resources needed April 6, 2016© DQS Group 29 7.3 Design and Development
  30. 30. ISO 13485:2003 vs ISO 13485:2016 • 7.3.3 Design and Development Inputs • Addition of “usability and safety requirements” • 7.3.4 Design and Development Outputs • No significant changes • 7.3.5 Design and Development Review • No significant changes April 6, 2016© DQS Group 30 7.3 Design and Development
  31. 31. ISO 13485:2003 vs ISO 13485:2016 • 7.3.6 Design and Development Verification • Documented verification plans • Methods • acceptance criteria • As appropriate • Statistical techniques • Sample size rationale • Connection or interface to other medical devices • Confirm Outputs meet inputs when connected April 6, 2016© DQS Group 31 7.3 Design and Development
  32. 32. ISO 13485:2003 vs ISO 13485:2016 • 7.3.7 Design and Development Validation • Documented validation plans • Methods • Acceptance criteria • As appropriate • Statistical techniques • Sample size rationale • Conducted with representative product • Rationale for choice documented • Connection or interface to other medical devices • Confirm requirements met when connected April 6, 2016© DQS Group 32 7.3 Design and Development
  33. 33. ISO 13485:2003 vs ISO 13485:2016 • 7.3.8 Design and Development Transfer • New section • Documented procedures for transfer to manufacturing • Verify: • Outputs suitable for manufacturing • Production capability can meet requirements • Record of results of conclusions of transfer April 6, 2016© DQS Group 33 7.3 Design and Development
  34. 34. ISO 13485:2003 vs ISO 13485:2016 • 7.3.9 Control Design and Development Changes • Determine significance of change to: • Function • Performance • Usability • Safety • Applicable regulatory requirements April 6, 2016© DQS Group 34 7.3 Design and Development
  35. 35. ISO 13485:2003 vs ISO 13485:2016 • 7.3.10 Design and Development Files • New section • File shall be maintained for each device or device family • Shall include: • Records of conformity to D&D requirements • Records for D&D changes April 6, 2016© DQS Group 35 7.3 Design and Development
  36. 36. ISO 13485:2003 vs ISO 13485:2016 • 7.4.1 Purchasing Process • Establishment of criteria for evaluation and selection of suppliers • Supplier’s ability to provide product that meets reqs • Performance • Effect of purchased product on quality of device • Risk associated with device • Monitoring and re-evaluation of suppliers • Non-fulfillment addressed based on: • Risk associated with purchased product • Compliance with applicable regulatory requirements April 6, 2016© DQS Group 36 7.4 Purchasing
  37. 37. ISO 13485:2003 vs ISO 13485:2016 • 7.4.2 Purchasing Information • Shall describe or reference product to be purchased • Product specifications • Written agreements (as applicable) • Notification of changes prior to implementation • Changes that affect ability to meet specified requirements April 6, 2016© DQS Group 37 7.4 Purchasing
  38. 38. ISO 13485:2003 vs ISO 13485:2016 • 7.4.3 Verification of Purchased Product • Based on: • Supplier evaluation results • Risks associated with purchased product • Notification of changes: • Determine if changes affect product realization or device April 6, 2016© DQS Group 38 7.4 Purchasing
  39. 39. ISO 13485:2003 vs ISO 13485:2016 • 7.5.1 Control of Production and Service provision • Minor changes • Production and service provision shall be planned, carried out, monitored and controlled to ensure that product conforms to specification. • Production controls to also include: • Qualification of infrastructure April 6, 2016© DQS Group 39 7.5 Production and Service Provision
  40. 40. ISO 13485:2003 vs ISO 13485:2016 • 7.5.2 Cleanliness of Product • Minor changes • Additional requirement for cleanliness/contamination control: • c) product cannot be cleaned prior to sterilization or its use, and its cleanliness is of significance in use April 6, 2016© DQS Group 40 7.5 Production and Service Provision
  41. 41. ISO 13485:2003 vs ISO 13485:2016 • 7.5.3 Installation Activities • No changes • 7.5.4 Servicing Activities • Service records to be analyzed by organization or supplier: • a) To determine if the information is to be handled as a complaint • b) As appropriate, for input to the improvement process • 7.5.5 Particular Requirements for sterile medical devices • No change April 6, 2016© DQS Group 41 7.5 Production and Service Provision
  42. 42. ISO 13485:2003 vs ISO 13485:2016 • 7.5.6 Validation of processes for production and service • Documented procedure to include: • Approval of changes to the processes • Software validations • Approach proportionate to risk in use of software • Effect on product conformity to specifications • Validation records to include: • Results • Conclusions of validation • Necessary actions April 6, 2016© DQS Group 42 7.5 Production and Service Provision
  43. 43. ISO 13485:2003 vs ISO 13485:2016 • 7.5.7 Particular Requirements for validation of processes for sterilization and sterile barrier systems • Addition of sterile barrier system validations • Validation records to include: • Results • Conclusions of validation • Necessary actions April 6, 2016© DQS Group 43 7.5 Production and Service Provision
  44. 44. ISO 13485:2003 vs ISO 13485:2016 • 7.5.8 Identification • Requires documented procedure • Requirement that was in 7.5.3.3 of 2003 version • Unique Device Identification (UDI) • As applicable by regulatory requirements • Shall be a documented system April 6, 2016© DQS Group 44 7.5 Production and Service Provision
  45. 45. ISO 13485:2003 vs ISO 13485:2016 • 7.5.9 Traceability • No changes • 7.5.10 Customer Property • No changes • 7.5.11 Preservation of product • Additional requirements on protection from expected conditions and hazards: • Design and construct of packaging and shipping containers • Documentation of special conditions if packaging is not enough April 6, 2016© DQS Group 45 7.5 Production and Service Provision
  46. 46. ISO 13485:2003 vs ISO 13485:2016 • 7.6 Control of monitoring and measuring equipment • No changes • 8 Measurement, analysis and improvement • 8.1 General • No changes April 6, 2016© DQS Group 46
  47. 47. ISO 13485:2003 vs ISO 13485:2016 • 8.2 Monitoring and Measurement • 8.2.1 Feedback • Emphasis on feedback coming from both production and post-production activities • Utilization of feedback as input to risk management for monitoring and maintaining product requirements April 6, 2016© DQS Group 47 8 Measurement, analysis and improvement
  48. 48. ISO 13485:2003 vs ISO 13485:2016 • 8.2.2 Complaint Handling • New section • Requirements for procedure and timely handling of complaints • Procedure to include: • Receiving and recording information • Evaluating information to determine if the feedback constitutes a complaint; • Investigating complaints; • Determining the need to report the information to the appropriate regulatory authorities; • Handling of complaint-related product; • Determining the need to initiate corrections or corrective actions April 6, 2016© DQS Group 48 8 Measurement, analysis and improvement
  49. 49. ISO 13485:2003 vs ISO 13485:2016 • 8.2.3 Reporting to Regulatory Authorities • New section • Procedure required if applicable by regulatory requirements • Complaints that result in need for: • Adverse event reporting • Advisory Notices • Records of reporting required April 6, 2016© DQS Group 49 8 Measurement, analysis and improvement
  50. 50. ISO 13485:2003 vs ISO 13485:2016 • 8.2.4 Internal Audit • No changes • 8.2.5 Monitoring and measurement of processes • No changes • 8.2.6 Monitoring and measurement of product • Minor change • Records to identify test equipment used April 6, 2016© DQS Group 50 8 Measurement, analysis and improvement
  51. 51. ISO 13485:2003 vs ISO 13485:2016 • 8.3 Control of Nonconforming Product • 8.3.1 General • New section • Clarification of procedure requirements to define controls and related responsibilities and authorities • Identification • Documentation • Segregation • Evaluation • Disposition • Inclusion of determination for investigation and notification of any external party April 6, 2016© DQS Group 51 8 Measurement, analysis and improvement
  52. 52. ISO 13485:2003 vs ISO 13485:2016 • 8.3 Control of Nonconforming Product • 8.3.2 Actions in Response to nonconforming product detected before delivery • Acceptance by concession only if: • Justification provided • Approval is obtained • Applicable regulatory requirements met April 6, 2016© DQS Group 52 8 Measurement, analysis and improvement
  53. 53. ISO 13485:2003 vs ISO 13485:2016 • 8.3 Control of Nonconforming Product • 8.3.3 Actions in Response to nonconforming product detected after delivery • Minor change • Expanded section on 2003 requirements • Addition of records requirement for Advisory Notices • 8.3.4 Rework • No changes April 6, 2016© DQS Group 53 8 Measurement, analysis and improvement
  54. 54. ISO 13485:2003 vs ISO 13485:2016 • 8.4 Analysis of Data • New requirements for: • Determination of appropriate methods • To include statistical techniques and use • Data to now include: • Audits • Service reports (as applicable) • If analysis shows QMS is not sutiable, adequate or effective, analysis is to be used as input for improvements. April 6, 2016© DQS Group 54 8 Measurement, analysis and improvement
  55. 55. ISO 13485:2003 vs ISO 13485:2016 • 8.5 Improvement • 8.5.1 General • No changes • 8.5.2 Corrective Action • Minor change • CA’s to be taken without undue delay • Verify CA has no adverse affect • 8.5.3 Preventive Action • Minor change • Verify PA has no adverse affect April 6, 2016© DQS Group 55 8 Measurement, analysis and improvement
  56. 56. ISO 13485:2016 Transition April 6, 2016© DQS Group 56  When do we have to make the change?
  57. 57. ISO 13485:2016 Transition April 6, 2016© DQS Group 57  When do we have to make the change?  Depends on your organization.
  58. 58. ISO 13485:2016 Transition April 6, 2016© DQS Group 58  When do we have to make the change?  Depends on your organization.  Depends on other standards that your organization is registered to.
  59. 59. ISO 13485:2016 Transition April 6, 2016© DQS Group 59  TC Recommendation  ISO TC 210 has recommended a co- existence period of 3 years
  60. 60. ISO 13485:2016 Transition April 6, 2016© DQS Group 60  TC Recommendation  ISO TC 210 has recommended a co- existence period of 3 years  Recommending that:  2 years after publication (1 March 2018), all accredited certificates be to ISO 13485:2016
  61. 61. ISO 13485:2016 Transition April 6, 2016© DQS Group 61  TC Recommendation  ISO TC 210 has recommended a co- existence period of 3 years  Recommending that:  2 years after publication (1 March 2018), all accredited certificates be to ISO 13485:2016  3 years after publication (1 March 2019), all ISO 13485:2003 certificates will not be valid
  62. 62. ISO 13485:2016 Transition April 6, 2016© DQS Group 62  What if I have ISO 9001 as well?
  63. 63. ISO 13485:2016 Transition April 6, 2016© DQS Group 63  What if I have ISO 9001 as well?  All ISO 9001:2008 certificates will expire September 2018
  64. 64. ISO 13485:2016 Transition April 6, 2016© DQS Group 64  What if I have ISO 9001 as well?  All ISO 9001:2008 certificates will expire September 2018  Upgrade audits for ISO 9001:2015 must occur by 1 July 2018
  65. 65. ISO 13485:2016 – The Next Revision April 6, 2016© DQS Group 65
  66. 66. DQS Inc Contact Information April 6, 2016© DQS Group 66 DQS Inc 1-800-285-4476 customerservice@dqsus.com www.dqsus.com Medical Program Rick Burgess Medical Program Manager Richard.Burgess@dqsus.com 763-229-9833

×