1

Regulatory Updates and Changes

David Pickard,

BSI Microbiologist

Copyright © 2016 BSI. All rights reserved.

2

What’s changed, or about to change ?

ISO 9001 : 2015

ISO F/DIS 13485

Commission Recommendation 2013/473/EU

Medical Devices Regulation

Medical Devices Single Audit Programme (MDSAP)

Copyright © 2016 BSI. All rights reserved.

3

ISO 9001 : 2015 Main Changes

New ISO Management Systems “High Level Structure” (Annex SL)

The numbering system has been changed from the existing structure (8 to 10 clauses)

The majority of the newer requirements follow a risk based approach

• Risk analysis

• Risk management

• Uncertainty and the effect on actions

• Risk management versus preventive action

Allows for greater flexibility with multiple quality management systems (QMS, EHS, etc).

Follows the Plan → Do → Check → Act (PDCA) principle

Three year transition period – September 2015 to September 2018

Copyright © 2016 BSI. All rights reserved.

4

ISO 13485 : 2003 and ISO 13485 : 2012

What’s the difference ? Confusing Isn’t it?

Copyright © 2016 BSI. All rights reserved.

ISO

13485:2

003 • The current

International Standard

EN

ISO

13485:2

003 • The previous

version of the European Harmonised Standard

• Obsolete as of 30 August 2012

EN

ISO

13485:2

012 • Changes within

Foreword & Annex Zs only

• No change to requirements (Normative Text)

• Annex Z’s to provide greater clarity on applicability & alignment with AIMDD, MDD & IVDD

1

5

• Many additions

• Some new requirements

• Some expansion & clarification

• Increased clarity of interrelationship between clauses and requirements

ISO 13485 : 2016 – What’s New?

6

Regulatory Requirements

RiskManagement

Validation, Verification & Design Transfer

Outsourced Processes & Supplier Control

Feedback

Areas of Increased EmphasisISO 13485 3rd

Edition

Improved linkage of clauses

7

5 – Management Responsibility

5

General requirements

Increased emphasis on regulatory

requirements

5.5.1 Responsibility & Authority

Top mgmt shall

DOCUMENT the

interrelation of all

personnel who....

5.5.2

Management representative

Focus on awareness of

quality management

system and the removal of customer

requirements from bullet c)

5.6

Management review

Procedures required, document planned intervals

+ More bullet points for

inputs, new bullet for outputs

8

6.4 – Work environment and contamination control

6.4.1

Work environment

Adds documentation requirements, competence for temporary work, NOTE refers to ISO 14644 and ISO 14698

for further information

6.4.2

Contamination control

For sterile medical devices, the organization shall document requirements for control of contamination with micro-organisms or particulate matter and maintain the

required cleanliness during assembly or packaging

processes.

9

1. Study the standard (FDIS, or when published)

2. Consider gap analysis of current QMS vs. new requirements

3. Prepare initial transition plan, with timescales

4. Factor any additional resources & costs into budgets

5. Review staff awareness / knowledge and determine training required

6. Compile project / implementation plan

7. Discuss top–level plan and timescales with BSI Client Manager

8. Look out for additional help, information and resources

What can you do now?

10

Unannounced Audits, Medical Devices Regulation, and MDSAP

• Unannounced Audits -

• Why are they happening ?

• Who’s had one already ?

• Welcomed or loathed ?

• Medical Devices Regulation -

• Amalgamation of the Medical Device Directive, In-vitro Diagnostics Directive, Active Implantable Medical Device Directive, etc, into a single Regulation.

• Relatively early days

• Medical Devices Single Audit Programme (MDSAP) -

• A single audit to allow manufacturers to access EU, USA, Canadian, Brazilian, Australian, and Japanese Markets.

11

Compliance with Harmonised Standards

Is it mandatory for UK Sterile Service Departments to comply and hold Certification to ISO 13485 ?

Is it mandatory for Medical Device Manufacturers to comply and hold Certification to ISO 13485 ?

Is it mandatory for UK Sterile Service Departments to comply and hold Certification to Annex V (sterility aspects only) & Article 12 of the Medical Devices Directive ?

Is it mandatory for Medical Device Manufacturers to comply and hold Certification to Annex II / V of the Medical Devices Directive ?

12

Re-usable medical devices

Mandatory compliance for a medical device manufacturer ?

BS EN ISO 17664 : 2004 - Sterilisation of medical devices – Information to be provided by the manufacturer for the processing of re-sterilisable medical devices

Mandatory compliance for a UK Sterile Service Department ?

BS EN ISO 15883-1 : 2009 – Washer Disinfectors – General Requirements –Terms, Definitions and Tests

BS EN ISO 17665-1 : 2006 – Sterilisation of healthcare products – moist heat. Requirements for the development, validation and routine control of a sterilisation process for medical devices

13

Maintaining and improving Regulatory Compliance

What pro-active steps can a Sterile Services Department take ?

• Representation at procurement / purchasing meetings for tenders, instrument replacement, new equipment, etc

• Request and review Instructions for Use prior to purchase / use

• Maintain current copies of the Manufacturers’ Certification (ISO 13485, CE Marking, etc)

• Ensure that sub-contractors Scopes of Certification cover the services to be offered

• Leadership, awareness, communication and involvement at all levels in the SSD to ensure that ISO 13485 and the relevant sections of the MDD are maintained and improved.

14

15

Questions