It’s been 13 years since ISO 13485 was last updated, and there was a lot of ground to cover in the standard’s recent revision. The main benefit of the revision is greater transparency of the requirements and alignment between the regulators, auditing bodies, and manufacturers of medical devices.
An FDA representative stated that the objectives of the new revision are to:
Improve clarity of the requirements
Increase confidence that the requirements are consistent with cGMPs or current Quality System regulatory requirements/objectives
Increase harmonization of QMS regulatory requirements
Increase medical device manufacturers’ ability to meet customer requirements
According to the Regulatory Affairs Professionals Society (RAPS), some of the biggest changes between the 2003 and 2016 versions include:
Incorporation of risk-based approaches beyond product realization; risk is considered in the context of the safety and performance of the medical device and in meeting regulatory requirements
Increased linkage with regulatory requirements, particularly for regulatory documentation
Application to organizations throughout the lifecycle and supply chain for medical devices
Harmonization of the requirements for software validation for different software applications (QMS software, process control software, software for monitoring and measurement) in different clauses of the standard
Emphasis on appropriate infrastructure, particularly for production of sterile medical devices, and addition of requirements for validation of sterile barrier properties
Additional requirements in design and development for consideration of usability, use of standards, verification and validation planning, design transfer, and design records
Emphasis on complaint handling and reporting to regulatory authorities in accordance with regulatory requirements, and consideration of post-market surveillance, and
Planning and documenting corrective action and preventive action, and implementing corrective action without undue delay.
Over the next three years, ISO 13485:2003 and ISO 13485:2016 will coexist, allowing manufacturers, accreditation/certification bodies, and regulators time to transition to the new standard. Organizations will still be able to be accredited for either ISO 13485:2003 or ISO 13485:2016 for the first two years of the transition period; however, beginning with the third year, new accreditation will be given only for ISO 13485:2016.