Exclusion 4.2.3 Medical Device File

DarisS

Starting to get Involved
Hello,

I tried to search past thread on that topic, but I guess I still need to learn how to use the Search function as the result was " The following words were not included in your search because they are too short, too long, or too common: 4, 2, 3".

Anyway... Our company is manufacturing products that are then integrated into medical devices by other companies. We are Tier 2 on the supply chain. We provide the product to a company that will do a sub assembly and that company will then ship the subassembly (containing our product) to the medical device manufacturer that will integrate the sub assembly on its medical device.

As a matter of fact, we are not manufacturing "Medical Devices" but only a product that will be integrated into a medical device.

From there, can we exclude paragraph 4.2.3 Medical device file from our quality management system and certification scope? The exclusion explanation being "As we do not manufacture medical devices, we do not have Medical Device files, but we have product development and production records"

Thanks in advance,
Best Regards,
Daris
 

yodon

Leader
Super Moderator
From there, can we exclude paragraph 4.2.3 Medical device file from our quality management system and certification scope? The exclusion explanation being "As we do not manufacture medical devices, we do not have Medical Device files, but we have product development and production records"

I would probably NOT exclude that. I would probably frame it exactly like you described. "We don't have overall responsibility for it but here's where / how we contribute to it..."
 

Hi_Its_Matt

Involved In Discussions
The thread @Sidney Vianna posted covers this well, and @yodon's advice is spot on. Don't exclude it, but describe how your organization's work feeds into a medical device file, and explain the parts you are responsible for.

From Clause 1 of 13485:2016 (emphasis mine)
If any requirement in Clauses 6, 7 or 8 of this International Standard is not applicable due to the activities undertaken by the organization or the nature of the medical device for which the quality management system is applied, the organization does not need to include such a requirement in its quality management system. For any clause that is determined to be not applicable, the organization records the justification as described in 4.2.2.
The standard itself says you can only claim non-application of requirements in clauses 6, 7, and 8.

Side note: I find Elsmar's built in search to be not that great. I usually default to googling what I am looking for along with "site:elsmar.com" in my query. Google help: refine web searches
 

Ronen E

Problem Solver
Moderator
I second everything Matt said (including the website search). Great post.

As an "oldie" (sort of) in this business I want to add some historical context, on top.

The application of ISO 13485 by ANY org who IS NOT a medical devices Manufacturer is an abomination that has been baptized in the 2016 edition, under market forces pressure. ISO 13485 was written and initially updated with Manufacturers in mind. To them, it all made sense. Then, a trend started, and later gained momentum (I'm not sure exactly when; probably sometime between 2005-2010 or so), of all sorts of orgs in the medical devices manufacturing supply chain, who weren't Manufacturers per-se, seeking ISO 13485 certification; mostly under market pressure - I guess initially just a vague hype and then more and more under explicit client requirement. Of course, initially it was quite awkward for everyone (not the least, certifying bodies, who must have scratched their heads quite a lot at that time), and we had more than a few discussions here at Elsmar, initiated by people from orgs who first said "Yes sir, we'll get 13485 certified!" and only later asked themselves what it involves... Then, over the years, sharp edges wore down and precedents were created, and gradually everyone in the industry became more comfy with all of it. But the essence remained: ISO 13485 was never intended to suit EVERYONE in the medical devices supply chain!... Anyway, when the time came to prepare what became ISO 13485:2016, the practice of "come one, come all, we must not let the apples fall" (Dr. Seuss) became industry standard, and the necessary wording was added to "kind of" allow it within the standard. Sadly (or not - it's in the eyes of the beholder), the cake has been eaten while being kept whole (what kind of business systems standard it would have been if we allowed everyone to mix and match everything in it???), and this is why only clauses in sections 6, 7 and 8 are allowed to be "N/A"ed. Does it makes perfect sense? No. Did it keep the standard's authors content, while letting everyone in the industry party on? Probably it did. So everyone is relatively happy, including us, who get to keep having this kind of lovely discussions in Elsmar :)
 

DarisS

Starting to get Involved
I second everything Matt said (including the website search). Great post.

As an "oldie" (sort of) in this business I want to add some historical context, on top.

The application of ISO 13485 by ANY org who IS NOT a medical devices Manufacturer is an abomination that has been baptized in the 2016 edition, under market forces pressure. ISO 13485 was written and initially updated with Manufacturers in mind. To them, it all made sense. Then, a trend started, and later gained momentum (I'm not sure exactly when; probably sometime between 2005-2010 or so), of all sorts of orgs in the medical devices manufacturing supply chain, who weren't Manufacturers per-se, seeking ISO 13485 certification; mostly under market pressure - I guess initially just a vague hype and then more and more under explicit client requirement. Of course, initially it was quite awkward for everyone (not the least, certifying bodies, who must have scratched their heads quite a lot at that time), and we had more than a few discussions here at Elsmar, initiated by people from orgs who first said "Yes sir, we'll get 13485 certified!" and only later asked themselves what it involves... Then, over the years, sharp edges wore down and precedents were created, and gradually everyone in the industry became more comfy with all of it. But the essence remained: ISO 13485 was never intended to suit EVERYONE in the medical devices supply chain!... Anyway, when the time came to prepare what became ISO 13485:2016, the practice of "come one, come all, we must not let the apples fall" (Dr. Seuss) became industry standard, and the necessary wording was added to "kind of" allow it within the standard. Sadly (or not - it's in the eyes of the beholder), the cake has been eaten while being kept whole (what kind of business systems standard it would have been if we allowed everyone to mix and match everything in it???), and this is why only clauses in sections 6, 7 and 8 are allowed to be "N/A"ed. Does it makes perfect sense? No. Did it keep the standard's authors content, while letting everyone in the industry party on? Probably it did. So everyone is relatively happy, including us, who get to keep having this kind of lovely discussions in Elsmar :)


Hello Ronen E,
Thanks for the historical reminder. That's exactly what happened to us. We were "forced" by a customer (one of those big names in the US Medical Device industry) that just gave us the choice of being certified or not getting any more orders from them.

It has to be noted that in that company we wrote on our quality manual that the Medical Device file clause 4.2.3 was excluded and we've been certified for more than 10 years without having anyone argue about it...
In the meantime I changed company and on the one that I'm working now, we have not excluded clause 4.2.3, but we do not explain what we are doing to fulfill that 4.2.3 requirement. That's why I thought about excluding it from the scope, but as everyone mentioned that we can only exclude clauses in section 6, 7 and 8, I will add as proposed by the Elsmar members a statement explaining how we keep records of our products design and manufacturing operations.
 
Last edited by a moderator:
Top Bottom