ISO 13485 and FDA: Harmonization with FDA QSR and insights on next version of ISO 13485
In this paragraph we want to discuss about the future integration between ISO 13485 and FDA QSR.
Usually ISO standards are subject of revision by a specific technical committee every 5 years. However, from 3 to 5 years is the period from which a revision of the ISO 13485:2016 will probably occur by the ISO TMB (Technical Management Board).
One of the issue to address is that the current ISO 13485 standard does not adhere to the so-called ISO High Level Structure (HLS). This is a structure of ISO standard that should apply to all the ISO Management System Standards.
There are of course other reasons why there is the necessity to start a revision of the current ISO 13485:
- The new EU MDR and EU IVDR, with the related annexes of the ISO 13485 which should be updated.
- Alignment with MDSAP regulation.
What ISO High Level Structure (HLS)
ISO High Level Structure is a common and standardised way to prepare ISO Management System Standard, which shall include:
- A common general structure (table of contents): identical chapters, article numbers, and chapter, article or clause titles, etc.
- Introductory texts for identical articles.
- Identical wording for identical requirements.
- Common terms and core definitions.
Obviously, the main process of QMS for medical devices will remain, with the management review on the top of the QMS to ensure appropriate implementation of all the processes.
Harmonization with FDA Quality System Regulation
In December 2018 FDA communicated its willingness to update US Quality System Regulation according to ISO 13485.
FDA 21 CFR 820 is very similar to ISO 13485 requirements. Despite this, company selling in US shall still have their QMS compliant with both ISO and FDA regulation.
The merging of these requirements will surely simplify the quality management systems of medical device manufacturer. ISO 13485 was originally published in 1996 and the most recent version being published in 2016, while FDA 21 CFR Part 820 has been unchanged since 1996. There is for sure the necessity to update this regulation as medical device world change substantially in the last 25 years. Specifically, there are completely new technologies and new challenges that needs to be considered.
In this contest, the AAMI technical report AAMI TIR 102/2019 is very interesting and it provides a mapping of the US FDA 21 CFR requirements to the “regulatory requirements” references in ISO 13485:2016.
How the future ISO 13485 will look like?
It is always difficult to envision how the next iteration of ISO 13485 will look like. However I would like to speak about one improvement that in my opinion is very important.
This is related to the role of preventive actions within the Quality System. Currently preventive actions are in last chapter of ISO 13485, which is honestly a bit strange: preventive actions are in fact basically related to QMS risk-based approach which is a pillar of the ISO 13485 version 2016.
If we take for sample ISO 9001:2015, preventive action basically disappeared from the standards. In fact, preventive actions are part of the risk-based approach that every quality system needs to implement.
I would expect that also for ISO 13485 preventive actions will play a more fundamental role starting from the next version of the standard.
For other new or revised ISO standards, refer to the posts related to ISO 14971 (risk management) or ISO 20417 (labelling). ISO 14155 (clinical investigations) is also a newly update standard.
Subscribe to 4EasyReg Newsletter
4EasyReg is an online platform dedicated to Quality & Regulatory matters within the medical device industry. Have a look to all the services that we provide: we are very transparent in the pricing associated to these consulting services.
Within our WebShop, a wide range of procedures, templates, checklists are available, all of them focused on regulatory topics for medical device compliance to applicable regulations. Within the webshop, a dedicated section related to cybersecurity and compliance to ISO 27001 for medical device organizations is also present.
As one of the leading online platforms in the medical device sector, 4EasyReg offers extensive support for regulatory compliance. Our services cover a wide range of topics, from EU MDR & IVDR to ISO 13485, encompassing risk management, biocompatibility, usability, software verification and validation, and assistance in preparing technical documentation for MDR compliance.
Do not hesitate to subscribe to our Newsletter!
