johnjflynn42
Registered
My apologies if this has been answered elsewhere, I could not find an answer.
The company I work for (I am the Quality Manager) is ISO 9001:2015 and we are working towards our ISO 13485:2016 certification.
We are a Contract Manufacturer (no design responsibilities - it is an exclusion) of silicone injected molded products.
4.2.5 states (in part)
Records shall be maintained to provide evidence of conformity to requirements and of the effective operation of the quality management system.
Records shall remain legible, readily identifiable and retrievable. Changes to a record shall remain identifiable.
The organization shall retain the records for at least the lifetime of the medical device as defined by the organization, or as specified by applicable regulatory requirements, but not less than two years from the medical device release by the organization.e organization.
Now - the question(s) I have regarding real world implementation of 4.2.5.....
Does this preclude using cloud based storage / software? (i.e. one drive)
How would you "maintain" one drive? We do not own or have control over it, especially over the lifetime of the medical product.
For companies that have cloud / web based QMS, does your auditor address this?
We have a local server, but several of our documents we use for quality / manufacturing are shared via one drive.
I am a former Navy Nuke and worked in the commercial nuclear industry for 20+ years, so I have a tendency to over complicate / overthink things so I would appreciate feedback and see what others have done.
Thanks.
John
The company I work for (I am the Quality Manager) is ISO 9001:2015 and we are working towards our ISO 13485:2016 certification.
We are a Contract Manufacturer (no design responsibilities - it is an exclusion) of silicone injected molded products.
4.2.5 states (in part)
Records shall be maintained to provide evidence of conformity to requirements and of the effective operation of the quality management system.
Records shall remain legible, readily identifiable and retrievable. Changes to a record shall remain identifiable.
The organization shall retain the records for at least the lifetime of the medical device as defined by the organization, or as specified by applicable regulatory requirements, but not less than two years from the medical device release by the organization.e organization.
Now - the question(s) I have regarding real world implementation of 4.2.5.....
Does this preclude using cloud based storage / software? (i.e. one drive)
How would you "maintain" one drive? We do not own or have control over it, especially over the lifetime of the medical product.
For companies that have cloud / web based QMS, does your auditor address this?
We have a local server, but several of our documents we use for quality / manufacturing are shared via one drive.
I am a former Navy Nuke and worked in the commercial nuclear industry for 20+ years, so I have a tendency to over complicate / overthink things so I would appreciate feedback and see what others have done.
Thanks.
John