Search results

Strategy to assess if the change is a significant change

When you have significant change for your medical device, you are obliged to report it to your Notify Body according to the guidelines from the practice guide that you have mentioned. Each Notify Body has its own templates for reporting the changes so you will need to fulfill them. Than the Notify body will decide, depending on the significance of the change, is additional audit necessary or not.

In our documentation toolkit, we do not have that template for reporting the change since it is Notify body form. 

Since we are talking here about the change of the medical device, then definitively you will have a change in your technical documentation (medical device file). Document change management is described in the procedure 00_Procedure_for_Document_and_Record_Control_Premium_EN, in section 3.5 Document updates and changes.

Main challenge stat up companies face to comply with ISO 13485

First, you need to educate yourself about ISO 13485, what kind of standard it is, what are the specific requirements in it. If any requirements in Clauses 6, 7, and 8 are not applicable due to the nature of the medical device, those requirements can be excluded.

For example, if your medical device is not sterile, then requirements 7.5.5 Particular requirements for sterile medical devices and 7.5.7 Particular requirements for validation of processes for sterilization and sterile barrier systems are not applicable for you.

If your medical device is software, then several more requirements are not applicable: 6.4.2 Contamination control; 7.5.2 Cleanliness of product, 7.5.9.2 Particular requirements for implantable medical devices. 

Then you need to be sure that you have a medical device. ISO 13485:2016 is applicable for manufacturing medical devices. Definition what is a medical device you can find on the following link:

• Medical device regulation MDR 2017/745 – Article 2 – Definitions https://advisera.com/13485academy/mdr/definitions/

The next important step is to define your processes and to make all necessary documentation procedures and records. In that, very helpful can be a documentation toolkit. It is a set of pre-written templates, easy-to-use, fully compliant policies, procedures, and records. 

You can find our ISO 13485:2016 documentation toolkit on the following link: https://advisera.com/13485academy/iso-13485-documentation-toolkit/

For more details, please see the following articles:

• What is ISO 13485? https://advisera.com/13485academy/what-is-iso-13485/
• How to get ISO 13485 certified? https://advisera.com/13485academy/iso-13485-certification/
• Checklist of ISO 13485 implementation and certification steps https://advisera.com/13485academy/knowledgebase/checklist-of-iso-13485-implementation-and-certification-steps/
• How to structure Quality Management System documentation according to ISO 13485 https://advisera.com/13485academy/knowledgebase/how-to-structure-quality-management-system-documentation-according-to-iso-13485/

• Clean room requirements standards for ISO 13485:2016

  ISO organization has following standards dedicated to clean rooms, outlining the practices and procedures required to manage the risk of contamination, and provide the framework for classifying and monitoring the cleanliness of the air in cleanrooms:

  • ISO 14644-1:2015, Cleanrooms and associated controlled environments – Part 1: Classification of air cleanliness by particle concentration https://www.iso.org/standard/53394.html
  • ISO 14644-2:2015, Cleanrooms and associated controlled environments – Part 2: Monitoring to provide evidence of cleanroom performance related to air cleanliness by particle concentration https://www.iso.org/standard/53393.html.

  More information about managing the cleanliness of a product and contamination control according, you can find on the following link:

  • Managing cleanliness of a product and contamination control according to ISO 13485:2016 https://advisera.com/13485academy/blog/2017/07/04/managing-cleanliness-of-a-product-and-contamination-control-according-to-iso-134852016/

  Also, the following article may be useful:

  • Managing medical device infrastructure requirements according to ISO 13485:2016 https://advisera.com/13485academy/blog/2017/06/28/managing-medical-device-infrastructure-requirements-according-to-iso-13485/

  • Making evidence to RPO and RTO

    The Recovery Point Objective (RPO) and Recovery Time Objective (RTO) are identified and documented during the Business Impact Analysis.

    When identifying which impacts can occur to a business process due to a disruptive event, and how they evolve over time, you can gather evidence to support the definition of RPO and RTO.

    In the Business Impact Analysis toolkit you bought, there is a Business Impact Analysis Questionnaire you can use to document the information needed to define the RPO and RTO.

    This article will provide you a further explanation about RTO and RPO:

    • What is the difference between Recovery Time Objective (RTO) and Recovery Point Objective (RPO)? https://advisera.com/27001academy/knowledgebase/what-is-the-difference-between-recovery-time-objective-rto-and-recovery-point-objective-rpo/

    This material will also help you regarding RTO and RPO:

    • Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/

  • ISO 9001 Mandatory Core Policies and Procedures

    In this article - List of mandatory documents required by ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/ - you can see that ISO 9001:2015 has no mandatory procedures. Concerning mandatory documents, the list is very small (the scope, the quality policy and the quality objectives). All the rest is up to each organization. Please consider that the list of mandatory records is larger.

    You can find more information about documents and records below:

    • How to structure quality management system documentation - https://advisera.com/9001academy/knowledgebase/how-to-structure-quality-management-system-documentation/
    • New approach to document and record control in ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/06/30/new-approach-to-document-and-record-control-in-iso-90012015/
    • Free online training ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
    • Book - Managing ISO Documentation: A Plain English Guide - https://advisera.com/books/managing-iso-documentation-plain-english-guide/
       

     

  • Documents required by MDSAP and FDA in ISO 13485 Documentation Toolkit

    1. Do you have in your 13485 & MDR package documents required by MDSAP? If no, where I can get them.

    In our ISO 13485 & MDR documentation toolkit, we have all the necessary documentation for the internal audit which is very similar to MDSAP Documents. These are the following documents:

    • Procedure for Internal audit
    • Internal audit checklist
    • Internal audit program<
    • Internal audit plan
    • Internal audit report

    On this link you can see the list of the documents that we have in our Documentation toolkit https://advisera.com/13485academy/iso-13485-internal-audit-toolkit/: 

    The list of MDSAP audit procedures and forms you can find on the following link: https://www.fda.gov/medical-devices/medical-device-single-audit-program-mdsap/mdsap-audit-procedures-and-forms

    More information on ISO 13485:2016 internal audit process you can find in the following articles:

    • Five main steps in the ISO 13485:2016 internal audit https://advisera.com/13485academy/knowledgebase/five-main-steps-in-the-iso-134852016-internal-audit/
    • How to create a checklist for an ISO 13485 internal audit for your QMS https://advisera.com/13485academy/knowledgebase/how-to-create-a-checklist-for-an-iso-13485-internal-audit-for-your-qms/

    2. The same question about your 13485 & MDR package documents required by FDA?"

    Medical device regulation is applicable to all medical devices that want to be placed on the EU market. Necessary Technical documentation is described in Annex 2 and Annex 3 of the MDR 2017/745.

    Here are the links to that Annexes:

    • EU MDR Annex 2 – Technical documentation - https://advisera.com/13485academy/mdr/technical-documentation/
    • EU MDR Annex 3 – Technical documentation on post-market surveillance – https://advisera.com/13485academy/mdr/technical-documentation-on-post-market-surveillance/

    We, in our ISO 13485 & MDR Documentation Toolkit have prepared the obligatory procedures and reports. Other test reports depend on the type of medical device and it was not possible to standardize it. Below you can see listed these documents:

    • Procedure for clinical evaluation and related documents
    • Procedure for post-market surveillance and related documents
    • Technical documentation procedure and related documents

    A 510(k) is the technical dossier required by the US Food and Drug Administration (FDA) to sell a medium-risk medical device or IVD in the United States. It is formally called a Pre-market Notification. A 510(k) contains detailed technical, safety, and performance information about a medical device. The documentation must demonstrate the device in question is "substantially equivalent" to a predicate device (i.e. a product already cleared for sale in the US). The FDA must review the 510(k) and "clear" your device before you can legally sell or distribute it in the United States.

    Here is the link to the content of the 510(k):

    • Content of a 510(k)  https://www.fda.gov/medical-devices/premarket-notification-510k/content-510k
    • Premarket Notification 510(k) https://www.fda.gov/medical-devices/premarket-submissions/premarket-notification-510k

    Differences between MDR and FDA 510(k) are in some definitions, classes, and in the clinical investigation trials. Therefore, you can use our templates from our documentation toolkit. However, once again I repeat that this documentation is not all the required documents, and plans, reports, and results of different tests can not be standardized.