ISO 13485:2016 Suitable for Modern Medical Devices Industry

Bribery refers to any offering, giving, accepting or promising advantage with any value or bribe in order to influence the decision, action or judgement of persons in charge of a duty.

The International Standard Organization first time published the medical device-related standards in 1996, the ISO 13485 and ISO 13488. In ISO 13485, design control requirements were included while in ISO 13488, no design control requirements were included. A few years after, in 2003, ISO 13485 was revised and included the requirements of Process Approach. Now, in 2016, the standard has gone through some changes and is named as ISO 13485:2016. This revision intends to create a global auditing process through the medical devices single audit program instead of having multiple audits throughout the year.

Medical devices are revolutionizing medicine with breathtaking advances in the detection and treatment of many diseases. ISO 13485 is evolving with medical devices to keep pace with modern innovation. Possibly more than any other type of manufactured product, the quality of medical devices has a direct impact on their work effectiveness as well as the safety of patients, and users. Therefore, most of the service providers in the medical device industry sector understand the main objectives of ISO 13485, which is to harmonize medical device regulatory requirements for a quality management system to have quality medical devices and safe patients. ISO 13485:2016 standard defines quality management system requirements for organizations that are involved from the initial stage of conception to production and post-production. Requirements include final decommission and disposal of the medical device’s life-cycle, design and development, production, storage and distribution, installation as well as delivery of medical device or related services that are safe for their intended purpose.

The main improvement of ISO 13485:2016

The new standard puts more emphasis on risk management and risk-based decision making for processes out of product realization field. The focus on risk is placed due to the safety and performance of medical devices and compliance with regulatory requirements. Medical devices in support by ISO 13485 reflect increased regulatory requirements for the organization through the supply chain. Specifically: the updated standard pays more attention to the greater emphasis on the proper infrastructure, especially for the production of sterile medical devices, as well as for the validation of sterile barrier properties.

Product realization and production control 

The new standard anticipates the establishment of product handling, storage, measuring, revalidation and traceability requirements. Whereas in a different state, the old version covered the same basic matters which required identifying the product verification, validation, monitoring, inspecting and testing requirements.

The new standard introduces several changes to provide greater control over devices production. Main changes of ISO 13485:2016 are related to the hygiene of the production and records of servicing activities.

Computer validation software 

There are some additional changes on the standard regarding the applicability of the computer system validation as well. The ISO 13485:2003 states the validation of the software for “production and service provision”, while the latest version of the standard analyzes requirements for software used as part of the Quality Management System. Additionally, ISO 13485:2016 involves the step of adding the application of risk to the validation process and requires validation and revalidation to be proportionate to the risk related to the use of the software.

Supplier management and monitoring 

The new standard states greater emphasis on supplier selection criteria. ISO 13485:2003 requires from the organization the establishment of supplier standards, while the updated standard has a greater focus on the performance of the supplier and how the performance can affect the quality of the device. Whenever selecting a supplier, you not only intend to monitor the supplier’s performance but to take into consideration the risk when a supplier fails or has low performance, then your response should be proportional to the risk that you are taking as well. The ISO 13485:2016 helps toward a reevaluation of the criteria and takes necessary actions in case the requirements are not met.

Risk-based approach 

A risk-based approach is found in both standards; however, the old version drives you to think about risk only during product realization. Whereas, the ISO 13485:2016 drives the application of risk methods and techniques in the whole processes of the Quality Management System, as well as outsourced processes.

What are the benefits of ISO 13485:2016? 

Organizations can benefit a lot by adopting ISO 13485:2016; mostly related to safety and performance of medical devices. Very often quality is viewed as an inconvenience. However, organizations that embrace quality most of the time are considered having lower costs, less recalls, and overall improved productivity.

ISO 13485 can help an organization by:

  •  Demonstrating compliance with regulatory and legal requirements
  • Ensuring the establishment of internationally-harmonized QMS practice that constantly provide safe and effective medical devices
  • Managing risk in an effective way throughout the whole supply chain
  • Improving processes, manufacturing methodologies and efficiencies accordingly

An organization that embraces quality helps in achieving compliance, improves operations, and finally, delivers a competitive advantage.

ISO 13485 & ISO 9001

ISO 13485 is a stand-alone standard, therefore has got similarities with ISO 9001 Quality Management System in the scope and intent. Since ISO 13485 and ISO 9001 differ in structure and terminology, they also have particular similarities that allow them to work together without opposing one another. This allows the organization to obtain certification in both standards and maintain them accordingly.

The ISO 9001:2008 standard has several differences compared to the ISO 9001:2015 because it follows a high-level structure. In the new ISO 9001:2015 standard, some requirements have been removed like management representative and preventive action which is part of ISO 9001:2008 and ISO 13485.

Planning for implementation of the ISO 13485:2016

As the ISO 13485:2016 is already published, it is time to plan for updating the quality management system according to the new standard.

The organizations should obtain a copy of this new standard. The responsibilities for the upgrading of the system should be assigned. Responsible persons should be trained on the new standard rules and regulations. A gap analysis should be conducted and work should be started immediately to eliminate the gap. Although there are three years, timely preparation will be a wise approach.

PECB is a certification body for persons, management systems, and products on a wide range of international standards. As a global provider of training, examination, audit, and certification services, PECB offers its expertise in multiple fields, including ISO 13485 Quality Management System for Medical Device courses.

Enquire Now

Want to know more? Contact us today for any questions.

We will use this information to contact you about this enquiry only and not for marketing purposes.


Leave a Reply

This article first appeared at: This article first appeared on the PECB Group Inc website and the original article can be viewed by clicking here.

Table of Contents

Enquire Now

Interested in this course? Let's help you get started.
We will use this information to contact you about this enquiry only and not for marketing purposes.

More Quality Articles

What is risk? There’s a lot of research into all types of risk, but in my experience, I have found that most people and organisations don’t completely gras…
There are 7 Critical Steps to Pass Audits. Carina takes your through these steps.
Introduction Enterprise Risk Management (ERM) is describing a Risk Matrix (ERM Risk Matrix) as a tool for ranking and displaying risks by defining ranges for consequ…
What is a Compliance Management System (CMS)? For organizations seeking growth and long-term success, adhering to compliance obligations is not an option, is a must…
What is ISO 18788? ISO 18788 specifies the requirements and provides guidance for organizations that conduct or contract security operations.Moreover, it provide…
Information Security Management Network segregation is the tool used for dividing a network into smaller parts which are called subnetworks or network segments. Yo…
Information Security Management The popularity of the terms “data controller” and “data processor” has sharply increased in recent years. In part because of the sig…
The ability to predict what the future holds and choosing effectively among varying alternatives lies at the centre of contemporary societies and organizations. Ri…
“Food Safety” refers to the prevention, elimination and control of foodborne diseases at the stage of consumption. In a globalized world, the impact of food safety ha…
Six Sigma Benefits Reducing Waste Improving Time Management Increase Customer Loyalty Boost Employee Motivation Higher Revenues and Lower Costs Six Sigma has prov…
As the threat of energy-resource depletion has emerged, the global demand for energy is increasing constantly. Provided that billions of people still have no access…
Is your Business protected against a breach of data and software? Are you Internationally Certified to be able to prevent hackers from stealing your organization’s v…
The education industry has gone through tremendous changes over the last decades in terms of educational opportunities, teaching methods, availability of reading…
The Three P(’s)illars of Sustainability The concept of the “triple bottom line” was firstly introduced in 1994 by John Elkington, with the idea of organizations pre…
A politically inclined attack or just a ‘simple’ lack of security awareness? Whatever the case, the cyber-attack that hit Marriott was huge. This was the joint second…