ISO13485 – This International Standard specifies requirements for a quality management system where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer requirements and regulatory requirements applicable to medical devices and related services.
Any discussion about FDA compliance and quality management is ultimately about risk management.
Going through ISO13485 in detail, I see no less than 40 procedures that need to be written. That includes the process of creating and maintaining the documentation on these 40 procedures.
For the most part, you must have a procedure for everything you do as a company.
Here are some processes that you may not have thought of…
- Compliance reviews – You must periodically review your compliance activities
- Self audits – You must periodically perform self audits
- Safety – You must have safety processes in place for any of the tasks needed to create and deliver your product or service
- Training – You must have a training procedure in place
- Competency – You must have a process in place to ensure competency
For all of these and any other processes, you must have a process in place to create or change the process. You must have a process in place to review these processes periodically. All of your processes must be documented [including a process to manage the documentation].
Since this is about risk management, you are more than likely to err on the side of caution.
You can do all of this work manually, but an automated system makes it so much easier. An automated system needs to have a process component, a document management component and the ability to do electronic signatures – PLM software has all of the capabilities that you need for any compliance activities, whether it be ISO9000 for manufacturing or ISO13485 for a quality management system.
Becoming FDA compliant is a big job that requires many man-hours of effort. Most companies will need help, are you one of them?