Search the Elsmar Cove!
**Search ALL of** with DuckDuckGo including content not in the forum - Search results with No ads.

FDA plans to use ISO 13485 for Medical Devices Regulation

(I thought this news was posted in February when the news got out, but I could not find it here, thanks Sidney)

The big question is 'when?' I've not heard any plans / timelines.
Oh, there is some plans: FDA Considers Shift on Device Quality System Regulations | RAPS

There's even a formal, proposed rulemaking at (Reginfo is not working for me at the moment:

Harmonizing and Modernizing Regulation of Medical Device Quality Systems rule

Spring 2018 Unified Agenda of Regulatory and Deregulatory Actions
If the requirements for signatures go away (since 13485 does not require them) then 21 CFR Part 11 requirements for electronic signatures will not apply.

I am wondering if FDA will apply 13485 with some additional requirements like signatures and also include the exceptions that are currently in 820.180(c). I find it hard to believe 13485 will be applied verbatim without modification.

Sec. 820.180 General requirements.

All records required by this part shall be maintained at the manufacturing establishment or other location that is reasonably accessible to responsible officials of the manufacturer and to employees of FDA designated to perform inspections. Such records, including those not stored at the inspected establishment, shall be made readily available for review and copying by FDA employee(s). Such records shall be legible and shall be stored to minimize deterioration and to prevent loss. Those records stored in automated data processing systems shall be backed up.

(a)Confidentiality. Records deemed confidential by the manufacturer may be marked to aid FDA in determining whether information may be disclosed under the public information regulation in part 20 of this chapter.

(b)Record retention period. All records required by this part shall be retained for a period of time equivalent to the design and expected life of the device, but in no case less than 2 years from the date of release for commercial distribution by the manufacturer.

(c)Exceptions. This section does not apply to the reports required by 820.20(c) Management review, 820.22 Quality audits, and supplier audit reports used to meet the requirements of 820.50(a) Evaluation of suppliers, contractors, and consultants, but does apply to procedures established under these provisions. Upon request of a designated employee of FDA, an employee in management with executive responsibility shall certify in writing that the management reviews and quality audits required under this part, and supplier audits where applicable, have been performed and documented, the dates on which they were performed, and that any required corrective action has been undertaken.


Not out of the crisis
Staff member
Super Moderator
The way I'm reading this is that 21 CFR 820 will be modified to better match 13485 and reference it, but will still be the law.

Which doesn't affect part 11 - I doubt that's going anywhere.

Sidney Vianna

Post Responsibly
Staff member
Would this bring Certification Bodies/Registrars into the mix or would FDA still do its own thing?
Regulatory bodies can never relinquish their responsibilities to organizations they have zero control over, as the law would not permit that.

Nevertheless, as such oversight bodies also struggle for resources to monitor the whole (immense) supply chain, I can envision entities such as the FDA using market driven data (such as ISO 13485 certification status AND audit results) when using a risk-based approach to steer their inspection resources.

Another aspect of what I had envisioned when I started the poll/thread Should Regulatory Agencies require Accredited Certification in their Respective Areas
How does this move affect the FDA's commitment to MDSAP?

Is it likely a dead/redundant endeavour? ...or might (mandatory) MDSAP be the means by which the FDA transitions to an ISO 13485 framework?
It's easy to see the MDSAP is one of the reasons FDA is considering using 13485, and it's also being brewed as thew "future" of medical devices QMS auditing.
Top Bottom