What is ISO 13485 certification, and why is it so important?
The mere mention of ISO certifications is enough to strike fear into the hearts of mortals, such are the levels of implementation, documentation and scrutiny involved. However, if, like us, you’re manufacturing medical devices for use worldwide by international brands, ISO is a welcome friend. It adds an additional layer to our stringent processes and regulatory compliance that is both recognisable and universal.
Overall, there are several thousand ISO standards, that cover every conceivable industry and they are absolutely essential in making sure that products and services are supplied to a common standard all over the world. The International Organisation for Standards (ISO) is the non-governmental body that creates these standards, but it is the role of external bodies to conduct the scrupulous auditing required to award an ISO certification. And the eagle-eyed among you may have noticed that the name of the organisation and acronym don’t match. This is because, as a global operation, there was no way to have one uniform acronym, so the ‘ISO’ standard itself is not derived from the name of the organisation, but from the ancient Greek word ísos, which means ‘equal’ or ‘equivalent’. It’s an elegant solution to the problem, which one might say is the hallmark of ISO.
As an organisation that works across industries, we are very familiar with the requirements for ISO certifications and routinely undergo scrutiny for the solutions and services we provide to our customers. However, it is in the field of healthcare that wefrequently come across multiple layers of regulatory audit and ISO 13485 was created to sit alongside the more familiar ISO 9001 and specifically created to standardise among other things, the design, manufacture installation, servicing and continuous improvement process of medical devices. It doesn’t matter what size of organisation you are, or what kind of product you make, if you are in this field ISO 13485 supports the release of a medical device and its processes. So, what does it assess and why is it necessary, particularly when every country has legal frameworks of their own to govern the development of these kinds of products?
What does it achieve – and how?
Firstly, its broadest purpose is to lay out the requirements for a Quality Management System, which designers and manufacturers can then work to. To quote ISO, it ensures an organisation can “demonstrate its ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements.” That’s right – it’s not product specific. It certifies the organisation whose processes fall within the standards that are set out by ISO. Neither is it person-specific, so an employee cannot be certified as ISO 13485 compliant either. Ultimately, this tells you one important piece of information about the standard: it is not outcome driven. It is, however, very much about process consistency, procedural compliance and minimising risk in the course of working towards that outcome. And it sets the benchmark for how every organisation operates in this field.
For example, a manufacturer who is ISO 13495 compliant will:
- Have fully documented all their procedures.
- Have a documented and considered approach to risk at all stages (design, manufacture installation or servicing).
- Take every step necessary to minimise risk.
- Be able to demonstrate clarity in tracking each and every activity involved in bringing their medical device portfolio to market.
- Understand and adhere to all legal requirements for their work.
- Gain a clear understanding of each and every action, anticipate potential failures and oversights, document and correct them.
It is also important to remember that certification is ongoing. You must also be regularly audited by an internationally recognised registrar, which will sit under the Certification Body of your region.
ISO 13485 and Avnet Embedded
We have been manufacturing medical components at our Frieburg technology Campus for over 100 years – far longer than the International Organisation for Standards has been around – and our internal standards reflect the seriousness with which we take devices that can be the difference between life and death. Up until the existence of ISO 13485, we were, of course, manufacturing to the legal framework and standards of our customer’s home countries and continue to do so. So, when ISO 13485 was introduced (and even though it is not a legally required standard) we happily adopted this in addition to our existing practices, as we enjoy a global customer base, and our devices can and do find themselves in use around the world.