sfs-en iso 13485:2016 -standardin pääsisältö ja merkitys
TRANSCRIPT
Terveydenhuollon laitteiden
laatustandardin
SFS-EN ISO 13485:2016
esittelytilaisuus
6.6.2016
Suomen Standardisoimisliitto SFS ry
1
Standardin pääsisältö ja merkitys
Tom Ståhlberg
vt. toiminnanjohtaja
Terveysteknologian Liitto ry - FiHTA
FiHTA
ISO 13485:2016 - tausta ja
muutokset käytännössä
Tom Ståhlberg
Johtaja, Viranomaisasiat ja
vt. Toimitusjohtaja
6.6.2016
…mutta nyt, tervetullut muutos!
ISO 13485:2016/muutokset: Usein muutosvastarinta…
Onks pakko?
”Ihan hyvä laadunhallintasysteemi jo nyt!”
”Kuka maksaa näistäkin muutoksista?”
”Ei tartte tehdä mitään – on jo tullut hoidettua
US FDA:n ja Kanadan CMDCAS’n takia”
Älä laita pää pensaaseen!
Hyödyllisiä muutoksia!
Eikä enää vain valmistajan osalta
hyödyllinen, vaan soveltuu koko arvoketjuun!
Potilas fokuksessa
Products and services
must be safe and effective
Medical Device Directives
Goals are:
• To ensure the safety, quality and performance
of medical devices
• To ensure that medical devices do not compromise the health and safety of patients, users, third parties and environment
ISO 13485:2016 hyväksytty 1.3.2016 (julkaistu noin klo. 10.06)
ISO 13485:2016 hyväksytty 1.3.2016 – muutostarpeita!
Siirtymäaika 3 vuotta
Suositus: 2 vuoden jälkeen vain sertifiointi/uudelleen sertifiointi vs.
ISO 13485:2003.
Huom! Jos nyt sertifiointi vanhaan standardiin, niin max.
voimassaoloaika 28.2.2019 asti!
Suunnittele yhdessä sertifioijan kanssa! Ei tarvitse olla sidoksissa
olemassa olevaan sykliin!
Ei vielä harmonisoitu (EN ISO 13485:2012), päämäärä (?) 30.9.2016
Toinen muutos tulossa
Directive 93/42/EEC on Medical Devices
Directive 90/385/EEC on Active Implantable MD
Regulation on MD and Active Implantable MD
Directive 98/79/EC on IVD MD
Regulation on IVD MD
FiHTA
Johtamisjärjestelmä
Regulaatiot huomioitava alusta alkaen!
www.reguloiko.fi
Tuotespesifiset vaatimukset
1. Intended use
2. Which regulations
apply?
3. Define risk class
4. Essential requirements
5. Conformity assessment
6. Declaration of conformity and CE
marking
7. Product registration
8. Throughout the product life
cycle
Quality Management Systems: subsystems
Suunnittelun
hallinta
Materiaalin
hallinta
Tulosteiden,
dokumenttien ja
muutosten hallinta
Laitteistojen ja
tilojen hallinta
Prosessien ja
tuotannon hallinta
Korjaavat ja
ehkäisevät
toimenpiteet
Johtaminen
Standardi – periaatteessa vapaaehtoinen, mutta…
Tarvitaanko laadunhallintajärjestelmää?
Riippuen pakollisuudesta:
EU: ei tarvetta, osittain tai kokonaisuudessaan – riippuen
riskiluokituksesta
Luokka I: ei pakollinen, mutta vaaratilanneilmoitukset kylläkin!
Riippumatta pakollisuudesta:
Liiketaloudellisesti järkevä – johdetaanko yritystä vai määrääkö sattuma?
Fokuksessa ”from QMS to MS”
Päätelmä: oikein tehtynä erittäin hyödyllinen, kannattaa rakentaa alusta
alkaen, oikeassa järjestyksessä ja yrityksen lähtökohdista
Regulatiivinen strategia
ISO 9001:2008 NYT ISO 9001:2015
General quality management system standard – not enough for medical device
manufacturers
QMS standards
ISO 13485:2003/EN ISO 13485:2012 NYT ISO 13485:2016
Medical devices – Quality management systems – Requirements for regulatory purposes
Ed Kimmelman,
New Orleans, 2010
ISO 210 ja CEN/CENELEC TC 3
Incorporated by reference in the Canadian Medical Devices Regulations
Recognized by Australia as satisfying the quality management system
requirements of the Australian conformity assessment procedures
Harmonized within the Japanese QMS Ordinance for medical devices
Adopted as a European standard and harmonized under the medical devices directives. EN ISO 13485:2012 that is identical to ISO 13485:2003 with the revision of the European Foreword and Annexes ZA, ZB and ZC.
Incorporated into the Medical Device Single Audit Program (MDSAP)
”ISO 13485 kaikkialla”
Recognized standard by Health Canada
Note!! Any ISO 13485 certificate is not enough for Health Canada! The
certificate must by issued by a recognized registrar to fulfill CMDCAS
requirements!
Early warning 1! ISO 13485 not enough...
ISO 13485:2003
Recognized standard by the US FDA
Early warning 2: Still, strong emphasis on QSR!
US FDA has been very active in the revision process!
Several QSR (quality system regulation) features are integrated
into the new version!
Brazil
Pre-qualification requirement (inspection) for public tenders
I.e. factory inspections obligatory
EU and USA opposed strongly...
Early warning 3: inspection leaning on Brazilian regulations
Formal objection
ISO 13485 does not cover QMS requirements as set in the EU MD, AIMD and IVD Directives
EU other regulatory issues: standardization
Several harmonized standards in trouble since 2010
E.g.
“The date of cessation of presumption of conformity when applying EN 60601-1:2006 is
31.12.2017. However the Annex ZZ to EN 60601-1:2006 ceases to specify the
presumption of conformity with the Essential Requirements of Directive 93/42/EEC on
31.12.2015. As from 1.1.2016, only the clauses and sub-clauses of EN 60601-1:2006
corresponding to the clauses and sub-clauses referred to in Annex ZZ to EN 60601-
1:2006/A1:2013 provide presumption of conformity with the Essential Requirements of
Directive 93/42/EEC, to the extent indicated in the Annex ZZ to EN 60601-
1:2006/A1:2013.”
What in ... can this mean?
3rd Edition Paljon muutoksia! Oleellisia! Ennakoi osittain ISO 9001:2015 muutokset, mutta ei voinut huomioida ISO ylästruktuurien vaatimuksia! IMDRF ja US FDA QSR käsialaa mm. EN ei vielä
ISO 13485:2016/muutokset
Focus
Regulatory requirements
Risk management – ISO 14971:2007 ei tietenkään ollut olemassa 2003
Verification, validation, design transfer
Outsourced processes and supplier control
Feedback
Flexibility – more exclusion possibilities
ISO 13485:2016/muutokset
Scope
Added: storage and distribution ... (technical support)
Also suppliers, service providers (sterilization, calibration) who may
voluntarily chose to conform or by contract
Tärkeä: supply chain – identify and incorporate regulatory requirements
Läpi linjan: risk management focus, regulatory requirement focus 9 vs. 37
kertaa!,
”implement and maintain”, life-cycle
Linked processes: added value - customer focus!
Manufacturer’s responsibility for outsourced processes! Identify parties,
and monitor, maintain and control the processes within the QMS!
ISO 13485:2016/muutokset
Scope
Not only manufacturer!
Organizations can be involved in one or more stages in the product life
cycle:
Design, development
Production
Storage
Distribution
Installation
Servicing
Technical support
External suppliers, service providers
ISO 13485:2016/muutokset
New definitions
Authorized representative
Clinical evaluation
Distributor
Field safety corrective action
Field safety notice
Importer
Labelling includes now also electronic information and ”intended
purpose and proper use”
Life-cycle
Manufacturer
Additive note to definition of MD
Medical device software
Post market surveillance
Performance evaluation
Pre-clinical evaluation
Risk
Risk management
Sterile barrier system
ISO 13485:2016/muutokset
General requirements – some new issues
Roles (e.g. manufacturer, distributor) establish, document...
Establish process based on the different roles and responsibilities
Risk management (each process!)
Records to demonstrate conformance to the standard and with regulatory
requirements
Outsourced process: monitor/control vs. risk involved
Validation of software incl. production and services, determine and justify
the specific approach vs. risk
Requirements on personnel affecting product safety and quality:
competence, training, awareness, effectiveness of training vs. risk
ISO 13485:2016/muutokset
General requirements – some new issues
For each type or model...files with long list of required information
Control of documents
Documents of external origin
Secure risk of loss
Customer focus
Customer specs yes, but: meet regulatory requirements
ISO 13485:2016/muutokset
Quality policy
Add commitment to risk management
Management review
Predefined/documented intervals, rationale for frequency
Review output: input reviewed! QMS suitability
ISO 13485:2016/muutokset
Infrastructure and work environment
Several additions throughout: e.g. prevent mix up, orderly handling, maintenance of equipment, control of environment
Competence for temporary work ( ISO 14644, ISO 14698)
Additional section on sterile MDs; control of microbial/particulate matter, cleanliness during assembly/packaging
ISO 13485:2016/muutokset
Planning of product realization
Including customer-related processes
Risk management focus with documented procedures
Planning for verification, validation, monitoring, measurement…
Design and development planning
Traceability of design requirements vs. output
Resources needed including competencies
ISO 13485:2016/muutokset
Determination of requirements related to the product
Any user training needed to ensure safe and effective use
Review that applicable regulatory requirements are met
Communication with regulatory authorities as needed
Inputs, even usability (ISO 62366!), standards, ability to verify/validate
Review
ISO 13485:2016/muutokset
Design and development verification
Verification plan requirements, including methods, acceptance criteria, rationale for sample sizes
Also for connections and interfaces
Also of device interfaces
Design validation
To be done on production units or equivalents (document equivalency)
Validation records including traceability to input/output, acceptance criteria, rational for sampling siz and conclusions
ISO 13485:2016/muutokset
Control of design and development changes
Outputs of risk management
Regulatory compliance and approvals
Process to review changes throughout life-cycle, significance...
ISO 13485:2016/muutokset
Purchasing
Shall be in accordance with risk management activities
Supplier selection, criteria, evaluate and approve
Criteria for selection, (re-)evaluation consistent with risk management
Purchasing information to include as applicable product specifications
Verification activities of purchased product in line with risk management, supplier evaluation and link to change control
Suppliers to agree to prior notification of changes
ISO 13485:2016/muutokset
Control of production and service provision
Conforms to specifications – long list of controls (three new ones)
Servicing – analyze to see if shall be handled as complaint and as an input to improvements
Production processes and service provision
Validation in line with risk
Conditions triggering revalidation (including software)
Appropriate statistical techniques, rationale for sample sizes
ISO 13485:2016/muutokset
Identification and traceability
UDI when required
Returned products identified and distinguished (separated) from conforming products
Identify where the device has been delivered
Preservation of product
Long list of requirements on packaging, shipping, including validation
Sterile barriers and validation of changes prior to implementation
ISO 13485:2016/muutokset
Monitoring and feedback
Define feedback process and link to risk management, statistics
Validation of software applications used for monitoring/measurement
Link to risk management, improvement
Very long chapter on complaint handling added
timeliness, regulatory notification, procedures for reporting
Test equipment to be identified (Huom.! Test method validation)
ISO 13485:2016/muutokset
Control of non-conforming product
Controls, responsibilities/authorities for taking care of the non-conforming product
Escalation mechanism
Link to risk management
Rework
Form of correction, determine (potential) adverse effects, retesting
Analysis of data
Audits and service reports added
ISO 13485:2016/muutokset
Improvement
Post-market surveillance added as source of imoprovements needs
CAPA
Link to risk management
Link to management review
Check that CAPA is effective, no adverse effect
Timeliness
ISO 13485:2016/muutokset
Mitä kuuluu tehdä?
Hanki uusi standardi, tutki sitä!
Tee gap analyysi nykytilanteeseen
Toteuta tarpeelliset muutokset
Varmista muutosten haltuunotto sisäisesti
Neuvottele sertifioijan aikatauluista
Audit vs. 13485:2016
Milloin? Suositus: mahdollisimman heti, koska ”rutiini-asia”
verrattuna EU:n asetuksien tuomat muutokset!