On February 2nd, 2024 the U.S. Food and Drug Administration (FDA) made its formal announcement and ruling providing guidance on 21 CFR Part 820 which up to that point was the standard overseeing medical device quality system regulation and current good manufacturing practices (cGMP) in the United States of America. The big news – 21 CFR 820 will be heavily amended to incorporate ISO 13485 as the leading guidance for Quality Management System Regulation (QMSR) and cGMP. While the news wasn’t a surprise, it does put a final note on the direction the agency intends to take for medical device practices moving forward, especially as it relates to risk management. While many device OEMs already utilize ISO as their leading regulation standard, those who don’t will have two years to adjust to these changes to be in compliance effective February 2nd, 2026. Here’s what you need to know as it relates to the differences between 21 CFR 820 and ISO 13485, as well as considerations OEMs should take into account in order to meet the 2026 deadline. Big Picture:
Key Differences: Transitioning to ISO 13485 Transitioning from CFR 820 to ISO 13485 involves several steps to ensure compliance with the ISO standard. A general outline of the steps an OEM should take to transition may include: 1. Understand the Requirements of ISO 13485: Familiarize yourself with the requirements of ISO 13485. This includes understanding the structure of the standard, its key clauses, and any specific requirements which may differ from CFR 820. (see above table for highlights) 2. Gap Analysis: Conduct a thorough gap analysis to identify the differences between your current quality management system under CFR 820 and the requirements of ISO 13485. This will help you determine what changes, if any, need to be made to your existing processes, procedures, and documentation. This is also a great time to do a review of your QMS tool to determine if it is an appropriate tool for future use. 3. Document Review and Update: Review your existing documentation, including quality manuals, procedures, work instructions, and forms, to ensure they align with the requirements of ISO 13485. Update or create new documents as necessary to meet the standard's requirements. 4. Training and Awareness: Provide training to relevant personnel to ensure they understand the requirements of ISO 13485 and their roles in implementing and maintaining the QMS. This may include training on new procedures, processes, and documentation. 5. Implementation of New Processes: Implement any new processes or procedures required by ISO 13485. This may include processes related to risk management, design and development, purchasing, production, and service provisions. 6. Internal Audits: Conduct internal audits of your QMS to verify compliance with ISO 13485 requirements. Identify any non-conformities and take corrective actions to address them. 7. Management Review: Hold management reviews to evaluate the effectiveness of the QMS and identify opportunities for improvement. Ensure top management is actively involved in the transition process and committed to maintaining the QMS. 8. Certification Audit: BEFORE you consider this step be sure to speak with a regulatory affairs subject matter expert to ensure it is necessary. Once you believe your QMS is fully compliant with ISO 13485, engage a certification body to conduct a certification audit. The audit will assess your organization's compliance with the standard and determine if you are eligible for certification. 9. Address Non-conformities: If any non-conformities are identified during the certification audit, take corrective actions to address them. The certification body will typically require verification that corrective actions have been implemented before issuing the ISO 13485 certificate. 10. Continual Improvement: Continuously monitor and improve your QMS to ensure ongoing compliance with ISO 13485 and to enhance the efficiency and effectiveness of your processes. Although the 21 CFR 820 and ISO 13485 vary in their structure, and at times use different terminology to describe similar concepts, 21 CFR 820 and ISO 13485 are substantially similar in that both prioritize principles such as risk management, design controls, and continual process improvement. It’s possible as organizations begin to look at their current standards and systems, they will find the transition process is not as cumbersome as initially thought. While this is an obvious assumption, it’s important to note regulatory affairs professionals should be counseled throughout this entire process to ensure appropriateness of adoption and change management.
0 Comments
Our client, a Class III medical device company, was issued an FDA 483 warning letter due to product field failures and QMS issues posing life threatening risks to implant patients. The Square-1 Engineering subject matter experts (SME team) were brought in to identify & correct systems and process issues across six (6) functional departments and two (2) manufacturing locations domestically. As you can guess our clients’ situation was dire due to several implant failures in the field. We invite you to download the case study below to learn how we saved our client $4.5M while successfully concluding the remediation project.
As a consultant [freelancer, gig, moonlighter, etc.] we work in the capacity of ‘work for hire’ whereas we go in, do a job and work ourselves out of the picture. Then it’s onto the next job, rinse and repeat. This can be a fun way to make dough while providing that good ole ‘work life balance’ so many people love to preach about.
Where consultants typically run into problems is the work they’re performing on behalf of the client or end user isn’t clearly defined or even in writing. As a result, it’s common for consultants to find themselves in sticky, even legal, situations they don’t know how to navigate. Keeping your nose out of legal issues or poor project results really comes down to ‘deliverables’, however before we get there it’s important we keep top of mind two maxims which are the cornerstones of a consultants life: Know what you can do vs what you shouldn’t (don’t try to be everything to everyone, stay in your lane doing good quality work you’re confident you can deliver) Remove the he said she said situation (both consultant and client should sign a Statement-of-Work, SOW, which clearly spells out responsibilities of each party, cost, duties within the project and their respective deadlines, these are referred to as ‘deliverables’, before the project starts) Establishing deliverables with a client can be tricky. It’s important both parties agree on the expectations of the work to be performed and the consultant can actually deliver the goods. Remember, the SOW is a legal document. If you over commit and under deliver you could find yourself in hot water. If you’re a consultant and are establishing deliverables on a project with a client make you keep the following in mind: 1. Can you deliver what the client expects and are those expectations realistic? 2. Challenge the customers’ expectations – does the customer understand what they want and does it match up with what they’re asking? 3. Communicate ahead of time – if you need help, are missing info or are at risk of missing a deadline, don’t wait till the very last minute to communicate. At the first point in which the issue arises inform your client of the situation and in the same conversation come prepared to offer a solution. Communication is key to successful project completion. 4. Focus on performing at a high level while delivering early, this will position you to be awarded more business in the future from said client Key Take Away: Get all work agreed upon in writing via an SOW and ensure you can actually deliver the goods. Communicate in the moment and often while focusing on delivering ahead of schedule with a high level of quality output. Action Item: Run a gap analysis on your existing projects to see if there are areas you may be at risk. Once you’ve identified those areas of risk on your current projects, come up with a viable solution to address it and proactively communicate with your client the situation and next steps. Ask for their buy in, then move forward. About the AuthorTravis Smith is the founder and managing director of Square-1 Engineering, a medical device consulting firm, providing end to end engineering and compliance services. He successfully served the life sciences marketplace in SoCal for over 15 years and has been recognized as a ‘40 Under 40’ honoree by the Greater Irvine Chamber of Commerce as a top leader in Orange County, CA. Categories
All
Archives
August 2024
|
Visit Square-1's
|
|