ISO 13485 and Class 1 Medical Device - FDA thinking

markl368

Involved In Discussions
#1
Some devices classified by FDA as Class 1, especially those that are exempt from general controls, are not necessarily considered to be devices under various global regulations. For example, feminine menstrual pads are Class 1 in the US, but they are not considered as medical devices in Canada or the EU. Nevertheless, these US Manufacturers are subject to FDA inspection.

Does anyone know if FDA will be looking for ISO 13485 audit reports to be submitted from these manufacturers under the MDSAP pilot program? Would the notified body simply provide a 13485 report as required but with a note that it is not subject to any specific regulatory plan?
 
Elsmar Forum Sponsor
M

MIREGMGR

#2
The point of MDSAP is to review a maker's quality system and product processes...not to review a particular product.

So, assuming that a maker in Brazil, Canada or Australia has products other than X and therefore qualifies locally as a medical device manufacturer, and has an ISO 13485 quality system, the audit of that quality system is sensibly consistent with the point of MDSAP.

The fact that one of the products of the Brazilian/Canadian/Australian maker is not regulated in their home market but is regulated in USA is irrelevant.
 

Ronen E

Problem Solver
Moderator
#3
those that are exempt from general controls
The above phrase is almost meaningless.

If a product is exempt from the General Controls, what's left? It's equivalent to saying that it's not a Medical Device in the FDA context.

Why would the FDA be interested in monitoring a device that has no regulatory obligations, as far as they're concerned?
 
I

isoalchemist

#4
Any Class device in the FDA requires at minimum general controls. It does get interesting in instances where one country regulates something and another doesn't.
 
G

gramaley

#5
There are three types of class 1 devices.

Class 1 devices not exempt from either 510(K) or cGMPs "General Controls".
Class 1 exempt from 510(K), but not exempt from cGMP.
Class 1 Exempt from both 510(k) and cGMP

I all cases, manufacturers must register their company, if they sell any of these to the US, get a listing number related to the "product code" and maintain a "Complaint File" in accordance with 820.198.

MDSAP will likely be aligned with a newer version of ISO 13485, but cannot reference ISO 13485. It will have to be like the QSR, which is a knock-off of the old ISO 13485. This would then allow regulators to manage the content solely, aside from the politics of a Standards Development Organization, and avoid conflicts with EU Regulations concerning Accreditation. Regulators want to be doing "accreditation" work, without being held accountable to international norms that govern "Accreditation Bodies" (e.g. ISO 17011).

Getting a new QMS that is aligned with ISO 13485:2015, but not violating copyright, to settle into an IMDRF document is one thing. Getting that transposed into law in all countries would seem impossible, but that is what would have to happen.

My biggest concerns with MDSAP are, will it cost more, and will it get me more. What I need is to have a certificate that all countries can participate in (especially Asia and Latin America). Europe just adopted the IAF intiaitive on Accreditation for ISO 13485, and the Pacific Accreditation Cooperation and Inter-America Accreditation Cooperation are planning to sign an international agreement to recognize ISO 13485. The IAF program for ISO 13485 program is the MDSAP for the rest of the world, and I see some countries, like Australia's Therapeutic Goods Administration are now already using it.
 

Ronen E

Problem Solver
Moderator
#6
Thanks for sharing your thoughts, Grant.

Regulators want to be doing "accreditation" work, without being held accountable to international norms that govern "Accreditation Bodies" (e.g. ISO 17011).
IMO you got it a little wrong. Not all regulators want to be doing "accreditation" work; the TGA for one doesn't. I wish it did, but at the moment it didn't really accredit any body. Many here advocate that Australia badly needs more bodies doing conformity assessment certification to the Australian regulations.

Further, I think that the problem is the opposite. When accreditation and certification are privatised, it all becomes a commercial game. At least when regulators "accredit" it is more likely to stay what it's meant to be - a more efficient system for the benefit of manufacturers and patients. I know that regulators are not always politics-free (and sometimes not even corruption-free) but I still prefer it to the free market approach, in this context. I think that an arrangement like in the EC (NBs) could have been the best of both worlds if Member States were not under-budgeting and actually doing their job in the equation. I feel that full global harmonization is a dream (nice one) that may not come true in my lifetime, and even if it did it would be based, first of all, on regulators negotiating and coming to agreements (one at a time), anyway. I don't believe it can be achieved in a "free market" style, through non-governmental orgs. Too much national power and pride are involved.

The IAF program for ISO 13485 program is the MDSAP for the rest of the world, and I see some countries, like Australia's Therapeutic Goods Administration are now already using it.
You got me confused here. The TGA is using what?.... :confused:

Cheers,
Ronen.
 
Last edited:
G

gramaley

#7
TGA has agreed to accept ISO 13485 certificates for regulatory submissions of IVDs, so long as the 13485 cert is issued under the IAF Multilateral Recognition Arrangment.

Google Search TGA and ISO 13485 IAF MLA and you'll see it.

Accreditation is regulated under European Law 765/2008. So operating any certification activities to any standard in Europe, has to be done by Member State appointed Accreditation Bodies (Operating under international norms for accreditation). Only one Accreditation Body is permitted to be recognized in each country in Europe, under the regulation. Most of them are operating under government ministries of trade, like our own NIST (which is a member of IAF and ILAC Mulilateral Recognition Arrangements.

Harmonization is pointless, unless it is followed by "Mutual Recognition". The two largest technical trade agreements on earth can be found at the IAF website and the ILAC website. Search ILAC MRA and IAF MLA.

They don't merely cover ISO 13485, they cover every testing labs, every QMS and are expanding now into Food Safety and Information Security. Accreditation is required under European Law for organizations that certify companies for greenouse gas emissions.

Regulators do not have experience with Accreditation (despite having said they do this). Up until recently, they never looked at ISO 17021 and certainly have ignored ISO 17011, which would have to be applied to themselves.

NEWS BREAK
The Europea cooperation on Accreditation (EA), which operates under regulation 765/2008, announced they will sign an agreement with the International Accreditation Forum, to add the IAF ISO 13485 program on accreditation to the scope of their multilateral recognition arrangement. This agreement permits IAF member assessment teams to provide an international assessment team to evaluate their region, to make sure they are using the IAF MD8 and IAF MD9, in concert with ISO 17011 and ISO 17021 in assessing CABs for competency, impartiality and providing consistency accross all accreditaiotn bodies and CABs. I got an email from the Chairman of the EA, Thomas Facklam announcing the intent of the EA to this effect.

Why does this matter?
How can you trust one ISO 13485 cert to be as good as another (see attached illustration).

There is a lot of reason to doubt that all certificates are created equal. There is no other way to create a single audit program that meets the WTO definition of being truly international (open to all countries). There are however conditions that all must rise to meet, and a surveillance system you didn't even know existed as a capstone over all certifications. That capstone isn't merely signatures on a page, saying "I will accept your cert if you accept mine", no, it is much more than that. The reason these MLAs work, is these organizations, IAF and ILAC, have assessment teams that work all over the world, on every continent, to make sure these Accreditation Bodies and CABs are operating to international norms.

Harmonization is here, but it means nothing without "recognition". "Recognition" is already here, and it is just a matter of time before regulators see its great worth, just as TGA has done, and Asia (AHWP) is moving in this direction too.

In the attachment, I used a completely foriegn ISO 13485 cert, an unheard of CAB, and a relatively unknown accreditation body to show how you can find reason to trust a cert you might have worried about. And FYI - SWEDAC is an Accreditation Body, and operates also as a Notifying Authority for all three medical device directives. They are "government".
 

Attachments

Marcelo

Inactive Registered Visitor
#9
Part of the problem in the discussion, as always, is to talk about certification (which is a business-focus activity since the beginning) and the link with regulatory requirements (which is a regulatory-focus activity). For example, Brasil already has the ISO 13485 certification scheme by INMETRO (the Brazilian accreditation AND certification body :p), but it?s not used by ANVISA in their regulatory requirements in general (only in the mandatory certification programs, which are more burdensome that usual), and even then, ANVISA still has it?s quality system requirements GMP requirements for high risk classes (which creates a double audit/inspection requirement).

Although at the moment ANVISA is counting even more on some INMETRO certification activities, it is still a problem. For example, ANVISA will publish in a while a regulation requiring that, besides being accredited by INMETRO (following international certification rules), the certification bodies and test houses will need to be "enabled" by ANVISA (think of this as a second layer of accreditation performed by ANVISA itself) for the certificates to be accepted in ANVISA regulatory submissions...this is because events from the past showed ANVISA the the certification scheme was not fulfilling their regulatory needs.
 
G

gramaley

#10
The SWEDAC accreditation does cover the base ISO 13485 standard.

"SP" is accredited to the Swedish version of the EN standard, which is based from ISO 13485:2003 standard. As you know, there is no difference between the EN 2012 standard and the base standard ISO 2003 standard, except for an Annex Z that shows what parts of the 93/42/EEC Annex II are covered or not covered by ISO 13485:2003.

The previous attachment was just an example of how international accreditation works. And we are only beginning to see the first "Signatory" to the IAF MLA which is the 35 members of the European Regional Group EA.

:topic:
I wanted to mention something I heard last week from a speaker operating out of the US Government as the US liaison to the European Union. WTO defines "international" as being open to all countries. So unless a program allows an equal opportunity to participate to all outside countries, it is not "International" under WTO's definition.


IMDRF isn't open to all countries, so it cannot meet that criteria as being truly international. Ironically, the Asian Harmonization Working Party" appears to far more "international", since AHWP is willing to include any regulatory authority that wants to join, and gives them an equal opportunity to participate. Latin American and Middle Eastern regulators have applied and joined AHWP!

IEC and ISO are open to all, as are IAF and ILAC that support a certificatation to the IEC and ISO standards.

For "Certified once, accepted everywhere" to be possible, "Everywhere" has to be invited to participate, AS EQUALS. Yes, it may creates massive buracracy and slows things down. I tell people that I went to the IAF because I needed a supertanker, to carry the weight of all ISO 13485 accreditations, I wouldn't settle for a row boat.

These "supertanker" organizations are the only way to carry such a load. ISO and IAF and IEC and ILAC carry the weight of "International" accredited certifications worldwide, not just to Canada, Brazil, or Europe. I am annoyed at what some people call "International", when they are not, and surprised by organizations like AHWP that are truly international, but are not viewed as such.
:topic:


Moving along:whip:
As the EA (which has 35 member countries) will now sign the "International" Accreditation Forum Multilateral Recognition Arrangement, that Swedish dental company will be allowed to receives an ISO 13485 certificate with the IAF MLA mark emblazened on it.

The EA has only recently agreed to sign this agreement, so we will not see the IAF mark appear immediately on ISO 13485 certs, probably until the company gets it next certificate. It takes time to move all the world into one single system, but it happen, even during Ronen's lifetime!

Coming Soon - Asia and the America's
The Pacific Accreditation Cooperation and Inter-American Accreditation Cooperation are planning to sign the agreement. African may not be ready for a little while longer, but South Africa or any other Accreditation can apply to the IAF MLA without going throug a "Regional Group" membership.


OTHER Breaking news ISO's "CERTO" database
ISO is creating a global certification database for all IAF based accredited certificates. So instead of tracking down all of this information yourself, at the CABs and ABs websites, you will go to ISO's "CERTO" databse

Only ISO certs operating under IAF accreditation will be entered into the database. You will see Food Safety QMS certs, Medical Device QMS certs, and others, all put their by the CABs that have been accredited by the IAF member ABs.

From what I have seen and heard so far, the CERTO database could be operational as soon as September! This was an enormous undertaking and ISO is determined to keep this as "not for profit". It will also start to clean up the world of all those organizations that trade certs like candy for cash.

If you want to read more about the IAF Initiative on Accreditation for ISO 13485, see the attachment. And Marcelo, I have another one of these IAF Handbooks in your native language, if you'd like.
 

Attachments

Last edited by a moderator:
Thread starter Similar threads Forum Replies Date
A ISO 13485 for Class 1 Medical Device ISO 13485:2016 - Medical Device Quality Management Systems 7
K Contamination Control - Class Is medical devices (Clause 6.4.2 ISO 13485:2016 (E)) ISO 13485:2016 - Medical Device Quality Management Systems 12
C ISO 13485 Requirement in Australia/NZ for class 1? ISO 13485:2016 - Medical Device Quality Management Systems 1
J ISO 14971 applied to ISO 13485? Low risk class 1 devices ISO 13485:2016 - Medical Device Quality Management Systems 5
F MDR ISO 13485 for Class I sw/hw company to be class II due dates ISO 13485:2016 - Medical Device Quality Management Systems 3
C Medical device manufacturing (class 2 ISO 13485:2016) - Is a Deviation allowed? Other Medical Device Related Standards 5
M ISO 13485 Required for CE Mark on Class I product CE Marking (Conformité Européene) / CB Scheme 1
B ISO 13485 certification advantages when I certify a Class 2a medical device CE Marking (Conformité Européene) / CB Scheme 12
K ISO 13485:2016 Self Certification for Class I (annex 9) Stand-Alone Software? ISO 13485:2016 - Medical Device Quality Management Systems 3
GoSpeedRacer Pre-Work and Study for ISO 13485:2016 Lead Auditor Class ISO 13485:2016 - Medical Device Quality Management Systems 1
K ISO 13485 requirements for Stand Alone Medical Device Software (Class II a) ISO 13485:2016 - Medical Device Quality Management Systems 1
Q Class I Technical File reviewed during ISO 13485 Certification Audit by NB CE Marking (Conformité Européene) / CB Scheme 10
N Extent of Product Traceability Required by ISO 13485 (Low Level Class I Devices) ISO 13485:2016 - Medical Device Quality Management Systems 3
Q ISO 13485 Contract Manufacturer & Class II Devices Other US Medical Device Regulations 1
C ISO 13485 Class 7 Cleanroom Requirements ISO 13485:2016 - Medical Device Quality Management Systems 7
B ISO 13485 Class I Medical Device Design Exclusion ISO 13485:2016 - Medical Device Quality Management Systems 10
T ISO 13485 Book and Training Class Recommendations wanted Training - Internal, External, Online and Distance Learning 4
S Medical Device Class IIa Nonsterile ISO 13485 Alternatives ISO 13485:2016 - Medical Device Quality Management Systems 3
B Class IIb Medical Device using Annex II route - Need to Update ISO 13485 Scope? ISO 13485:2016 - Medical Device Quality Management Systems 2
A ISO 13485 Risk Analysis - Class II Medical Device Engineering Changes ISO 13485:2016 - Medical Device Quality Management Systems 9
I Distributors for class II medical devices in US - Do we need ISO 9001 or ISO 13485 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
C CAP for Medical Device Class Is product - Slightly confused - ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 3
O ISO 13485 sample document or template - Class II medical device ISO 13485:2016 - Medical Device Quality Management Systems 16
Q Training Matrix - Job Class vs. Process Instructions - ISO 13485 Training - Internal, External, Online and Distance Learning 4
D ISO 13485 Certification - Class II product - Fluoride-free toothpaste - Records ISO 13485:2016 - Medical Device Quality Management Systems 1
LostLouie DHF linked to ISO 13485:2016? ISO 13485:2016 - Medical Device Quality Management Systems 4
B ISO 13485 Certificate Location / Scope ISO 13485:2016 - Medical Device Quality Management Systems 9
M ISO 13485 Supplier Question ISO 13485:2016 - Medical Device Quality Management Systems 13
M ISO 13485:2016 Identification & Traceability ISO 13485:2016 - Medical Device Quality Management Systems 4
K Clause 7.5.2 of ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 5
J ISO 13485 and new warehousing ISO 13485:2016 - Medical Device Quality Management Systems 2
A Applying for ISO 13485 certification ISO 13485:2016 - Medical Device Quality Management Systems 8
Ed Panek Auditor Feedback ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 12
S ISO 13485 certification training Training - Internal, External, Online and Distance Learning 1
Ed Panek ISO 13485 Reporting Requirements ISO 13485:2016 - Medical Device Quality Management Systems 4
B ISO 13485 Qualification of R&D Equipment Qualification and Validation (including 21 CFR Part 11) 1
J Recognised/reputable courses for ISO 13485 Section 7.3 (Design & Development)? ISO 13485:2016 - Medical Device Quality Management Systems 1
Q ISO 13485 certificate needed if I go for MDSAP certification? ISO 13485:2016 - Medical Device Quality Management Systems 3
K ISO 13485 Design Requirement with respect to "component" manufacturers ISO 13485:2016 - Medical Device Quality Management Systems 11
P Registrar Cancelled ISO 13485 Auditors multiple times? Registrars and Notified Bodies 1
rob3027 ISO 13485 justification for design and development exclusion for medical packaging ISO 13485:2016 - Medical Device Quality Management Systems 18
A Help understanding what it takes to implement a QMS that is ISO 13485 compliant ISO 13485:2016 - Medical Device Quality Management Systems 4
FuzzyD ISO 13485:2016 Customer Assessment OFI ISO 13485:2016 - Medical Device Quality Management Systems 2
M ISO 13485 consultants and auditors with design oriented focus ISO 13485:2016 - Medical Device Quality Management Systems 7
S Brexit ISO 13485:2016 + Corrigendum - What does a UKCA DoC require? EU Medical Device Regulations 2
Aliken Recommendation for the ISO 13485 certification company ISO 13485:2016 - Medical Device Quality Management Systems 7
ISO-tired ISO 13485: file structure overview ISO 13485:2016 - Medical Device Quality Management Systems 11
M PROBLEM IN SCOPE OF ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 6
S ISO 13485 signing of Procedures etc. ISO 13485:2016 - Medical Device Quality Management Systems 10
N ISO 13485 Scope Reduction Other ISO and International Standards and European Regulations 2

Similar threads

Top Bottom