Search results

ISO 13485 for Class 1 FDA medical device

Within Class I, if a device is classified into a general category of exempted devices, then no Premarket Notification application or FDA clearance is needed before selling the device in the U.S. But, the supplier is mandated to register its institution and submit a list of generic products to the FDA. These Class I devices are under the fewest regulatory controls. Class I devices that are not listed as exempted devices undergo a Premarket Notification application with the FDA.

The classification procedure and market approval processes are fully explained in the 21 CFR Part 860 (Code of Federal Regulations for Medical Device Classification Procedures). For the USA market, ISO 13485:2016 is not a regulation or law, however, while FDA 21 CFR Part 820 is mandatory for medical device distribution in the United States. 

For more detail on this topic, please see the following articles:

• How to use ISO 13485 to fulfill FDA regulatory classes for medical devices - https://advisera.com/13485academy/blog/2017/09/14/how-to-use-iso-13485-to-fulfill-fda-regulatory-classes-for-medical-devices/
• Differences and similarities between FDA 21 CFR Part 820 and ISO 13485 - https://advisera.com/13485academy/blog/2017/10/05/differences-and-similarities-between-fda-21-cfr-part-820-and-iso-13485/

• Minimum required distance between a primary and secondary data center

  I was able to find good information from your articles.

• ISO 9001 Implementation and Procedures

  Setup a project sponsor, a project manager and a project team. Ensure top management support, get training and as a first step perform a Gap analysis, to determine the amount of work to be done - comparing what your organization already has in place versus ISO 9001:2015 requirements. From that GAP Analysis you can develop your Project Plan, listing what needs to be done, by whom, until when.

  Then, an important step is to design a model of how your organization work as a set of interrelated processes. For example:

  

  Decide how to describe, procedures and/or work instructions, and monitor those processes. You can accelerate implementation by customizing a documentation set like our ISO 9001:2015 Documentation Toolkit - https://advisera.com/9001academy/iso-9001-documentation-toolkit/

  From there it is implementation in order to close the gaps found. Then, perform an internal audit and the management review. There you can decide if your organization is ready for a certification audit.

  This is a very short description of the journey but below you can find more detailed information:

  • Free Gap Analysis Tool - https://advisera.com/9001academy/iso-9001-gap-analysis-tool/
  • Should you use a gap analysis in your ISO 9001 implementation? -https://advisera.com/9001academy/17/use-gap-analysis-iso-9001-implementation/
  • Checklist of ISO 9001 implementation & certification steps - https://advisera.com/9001academy/knowledgebase/checklist-of-iso-9001-implementation-certification-steps/
  • ISO 9001 Implementation diagram - https://info.advisera.com/9001academy/free-download/iso-9001-implementation-diagram
  • Free webinar on demand - Overview of ISO 9001 implementation steps - https://advisera.com/9001academy/webinar/overview-of-iso-9001-implementation-steps-free-webinar-on-demand/
  • Enroll for free course - ISO 9001:2015 Lead Implementer Course - https://advisera.com/training/iso-9001-lead-implementer-course/
  • Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
  • Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
     

• Compliance check: Controller with no establishment and/or representative in EEA - Data and processing happens within EEA

  In order to be compliant, you need to appoint a representative in the EU this is an obligation of the controller stated in Article 27 GDPR and you should appoint it in Ireland since you are going to store data in that country. In fact, according to Article 27 paragraph 3 GDPR  “The representative shall be established in one of the Member States where the data subjects, whose personal data are processed in relation to the offering of goods or services to them, or whose behavior is monitored, are.”

  You don’t need a representative if the processing:

  • is occasional,
  • does not include, on a large scale, processing of special categories of data as referred to in Article 9(1) or processing of personal data relating to criminal convictions and offenses referred to in Article 10,
  • and is unlikely to result in a risk to the rights and freedoms of natural persons, taking into account the nature, context, scope, and purposes of the processing.
  • is carried by a public authority or body. 

  Appointing a representative is not too difficult, you require a service contract with an individual, a company, or organization established in the EU, who must be able to represent you regarding your obligations under the EU GDPR (e.g. a law firm, consultancy or private company).

  Of course, you need also to comply with all the GDPR requirements.

  You can find more information here:

  • What is the EU GDPR and why is it applicable to the whole world? https://advisera.com/eugdpracademy/knowledgebase/what-is-the-eu-gdpr-and-why-is-it-applicable-to-the-whole-world/
  • 9 steps for implementing GDPR https://advisera.com/articles/9-steps-for-implementing-gdpr/
  • List of mandatory documents required by EU GDPR https://advisera.com/articles/list-of-mandatory-documents-required-by-eu-gdpr/
  • A summary of 10 key GDPR requirements https://advisera.com/eugdpracademy/knowledgebase/a-summary-of-10-key-gdpr-requirements/ 

  You can also consider enrolling in our free EU GDPR Foundations Course

  EU GDPR Foundations Course: https://advisera.com/training/eu-gdpr-foundations-course//

• Meaning of "E" in ISO 27001:2013(E)

  The (E) complement at the end of the name of the standard means the language on which it was written was English. According to the ISO/IEC Directives, Part 1 Consolidated ISO Supplement, ISO official languages are English (E), French (F), and Russian (R): https://www.iso.org/sites/directives/current/consolidated/index.xhtml

• ISO27001 Documentation and Accreditation - Thank you!

  I received notification from my Auditor today that we have achieved accreditation with 0 non-conformities and in 6 months from commencement.  I had never tackled this type of thing before I would like to say that I don't believe this would have been acheived had I not purchased your documentation and training videos along with this discussion site.  I thank you very much for your support and material, it proved invaluable to me.  

  My next challenge will be ISO9001 and I will not hesitate to purchase your documentation again for this standard.

• ISO 13485:2016 clause 4.1.1 - documenting roles

  You can also present it in some chart, in the table or just in the text where you will describe the roles of a particular entity.

  For more details on responsibilities among this entities, please see following articles in MDR 2017/745
  • EU MDR Article 11 Authorised representative https://advisera.com/13485academy/mdr/authorised-representative/
  • EU MDR Article 13 General obligations of importers https://advisera.com/13485academy/mdr/general-obligations-of-importers/
  • EU MDR Article 14 General obligations of distributors https://advisera.com/13485academy/mdr/general-obligations-of-distributors/