ISO 13485 for software outsourcing company

Talja

Registered
#1
Hello everyone,

Is there someone who has experience with implementing ISO 13485 in software outsourcing company?

Due to specific of work there are plenty of limitations and bottlenecks that cant be established in our company per requirements from the standard and I would like to consult how those issues were solved by others.

Would appreciate any help.
 
Elsmar Forum Sponsor

yodon

Staff member
Super Moderator
#2
We are a contract R&D shop doing both hardware and software and we're registered to 13485... I might be able to relate what we've done to the problems you're facing.

By and large, considering your "product" being "service" helps to keep things properly framed. It does get strange in some places.
 

Talja

Registered
#3
Hi yodin, :bigwave:
I would be more than happy if you could help me in finding some good quality literature, web resource that should help me to map the processes we have to requirements for medical devices QMS.

In our company there is no experts in this field and I am pioneer in this process.

The biggest pain I have is Infrastructure, Environment and Control of Production and service Provision. As there is no actually the real manufacturing process, we have offices, buildings and hardware with network infrastructure. How it should be mapped in order to cover requirements from iso?
 
#4
Thanks for replying!
So, we are outsourcing software development company. We have different clients that outsource development, testing, etc. mostly from USA and Europe. So we decided to certify 800people who works in healthcare domain in our company. But the challenge is that all projects are very different, some of the has shared responsibility with clients, some of them only responsibility on the client side and we act as augmentation of their teams.

The are main question that I have now:
1) how we have to create a medical device files for ~ 70 different projects?
2) how we can establish FMEA risk management, as usually we do not have whole picture of the product, we only contribute.
3) For the Control of Production and service Provision we decided to decribe the flow how the projects are working from the signing the contract and getting some basic requirements to closure of the project. Not sure if this is right way...

Can you advise something?Will appreciate your help ;)
 
A

Access2hc

#5
very strange that your clients (whom i assume are all doing medical devices) are not imposing their requirements on your company.. (different type of concern :)

1. medical device file - one per product group, not necessarily per project
2. you have the part of the SRS/SDDS that was provided to you or you've created, you definitely have the code. therefore just do your part
3. control of production here does not mean the coding. (the code is the product). do you provide copies of your software in USB, CDs, in which you would have to replicate the software? if yes, then that becomes production.

Cheers,
Ee Bin
Access2hc
 

yodon

Staff member
Super Moderator
#6
Apologies, this apparently slipped through the cracks...

Thanks for replying!
So, we are outsourcing software development company. We have different clients that outsource development, testing, etc. mostly from USA and Europe. So we decided to certify 800people who works in healthcare domain in our company. But the challenge is that all projects are very different, some of the has shared responsibility with clients, some of them only responsibility on the client side and we act as augmentation of their teams.

The are main question that I have now:
1) how we have to create a medical device files for ~ 70 different projects?
*You* don't - that's the responsibility of the device manufacturer. Access2hc touched on this: your customers should be driving what's required from you. You can facilitate this by doing your work in compliance with, say, IEC 62304, providing (documentation) deliverables that are suitable for inclusion in the medical device file. This should all be worked out in the contract between you and your clients. (Again, you can help by understanding the standard and working through the process of defining who provides what).

2) how we can establish FMEA risk management, as usually we do not have whole picture of the product, we only contribute.
Indeed, you cannot! This has to be a collaborative effort with your customer. 62304 (and IEC 60101-1 section 14 for PEMS if applicable) define some generic risks that need to be addressed as part of risk management for the software aspects but you'll still need to work collaboratively to ensure things line up.

3) For the Control of Production and service Provision we decided to decribe the flow how the projects are working from the signing the contract and getting some basic requirements to closure of the project. Not sure if this is right way...
Agree generally with Access2hc's response and especially in terms of your limited responsibilities in this matter. Your customer, though, needs to define how they control matters to ensure the device production incorporates the correct version of the software. Again, though, that's out of your scope.
 
R

Rlizyani

#7
ISO 13485 also requires developers to look closely at every decision made during the process of design and development. This process includes minimizing waste during testing anddevelopment as well as improving risk management
 

Lokus200

Starting to get Involved
#8
I think for software development companies it is better to have a Software Development Procedure to cover 62304, this should come in addition to general Design and Development Procedure.
 
Thread starter Similar threads Forum Replies Date
J Implementing an ISO 13485 QMS Software ISO 13485:2016 - Medical Device Quality Management Systems 6
S SOP for ISO 13485:2016 Quality related Software validation ISO 13485:2016 - Medical Device Quality Management Systems 9
Q Is that any difficulty to do software DFMEA and PFMEA in ISO 13485? ISO 13485:2016 - Medical Device Quality Management Systems 5
R ISO 13485 Software validation procedure and Quality Objectives Monitoring wanted Document Control Systems, Procedures, Forms and Templates 1
T Software Validation Certificate (ISO 13485:2016) ISO 13485:2016 - Medical Device Quality Management Systems 19
C Software validation (4.1.6 ISO 13485:2016) ISO 13485:2016 - Medical Device Quality Management Systems 20
O ISO 13485 for software company - Selecting suppliers ISO 13485:2016 - Medical Device Quality Management Systems 3
R CNC Software Validation requirements as per ISO 13485:2016 Other ISO and International Standards and European Regulations 8
P QMS software recommendations for a small ISO 13485 company Quality Manager and Management Related Issues 5
S What is the clause in ISO 13485 for SAP Software Validation? ISO 13485:2016 - Medical Device Quality Management Systems 3
A Process Validation of QMS Software ISO 13485: 2016 Cl. 4.1.6 ISO 13485:2016 - Medical Device Quality Management Systems 26
A ISO 13485:2016 - Validate our use of software that impacts on the QMS ISO 13485:2016 - Medical Device Quality Management Systems 8
K ISO 13485:2016 Self Certification for Class I (annex 9) Stand-Alone Software? ISO 13485:2016 - Medical Device Quality Management Systems 3
H ISO 14971 vs. IEC 62304 vs. 98/79/EC vs. ISO 13485 (Software Medical Device) ISO 14971 - Medical Device Risk Management 1
S Software Validation – Clause 4.1.6 of ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 12
K ISO 13485 requirements for Stand Alone Medical Device Software (Class II a) ISO 13485:2016 - Medical Device Quality Management Systems 1
F How to Align a Software Consulting/Contract Firm to ISO 13485+14971 & 62304 ISO 13485:2016 - Medical Device Quality Management Systems 1
R ISO 13485 Software Validation Requirements - Help needed ISO 13485:2016 - Medical Device Quality Management Systems 4
K Are ISO 13485 & ISO 14971 applicable to Healthcare IT software? ISO 13485:2016 - Medical Device Quality Management Systems 3
M Problems implementing ISO 13485 for Software-Only Medical Device Manufacturers? ISO 13485:2016 - Medical Device Quality Management Systems 4
F ISO 13485 & FDA Requirements - What kinds of software require validation? ISO 13485:2016 - Medical Device Quality Management Systems 2
T Quality Compliance Software to meet ISO 13485 QMS and 21 CFR 820 Requirements Quality Assurance and Compliance Software Tools and Solutions 3
A ISO 13485, Document Control and Software Validation ISO 13485:2016 - Medical Device Quality Management Systems 9
R Help for implementing ISO 13485 (provision of software to Hospitals) ISO 13485:2016 - Medical Device Quality Management Systems 4
S Nonconforming Material and CAPA ISO 13485 compliant software suggestions? Nonconformance and Corrective Action 7
K Evaluation of software life span - ISO 13485 IEC 62304 - Medical Device Software Life Cycle Processes 6
G Software for Medical Devices and ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 5
P Guidance on ISO 13485 Section 7.5.2. about Software Validation ISO 13485:2016 - Medical Device Quality Management Systems 15
K Software validation question - Contract Manufacturer - ISO 13485 implementation ISO 13485:2016 - Medical Device Quality Management Systems 2
J MRP / ERP Software Systems - Small medical laser manufacturing company - ISO 13485 Quality Assurance and Compliance Software Tools and Solutions 6
Q Looking for Best ISO 13485/FDA QSR Quality System Development Software Quality Assurance and Compliance Software Tools and Solutions 4
N Quality Compliance Officer - ISO 13485, London Job Openings, Consulting and Employment Opportunities 0
E ISO 13485 QMS certification as a Supplier ISO 13485:2016 - Medical Device Quality Management Systems 8
T ISO 13485:2016 Clauses related to process matrix ISO 13485:2016 - Medical Device Quality Management Systems 3
J Can signed agreements over-ride review of every "contract" under ISO 13485:2016? ISO 13485:2016 - Medical Device Quality Management Systems 2
Q EN ISO 13485:2016/AC:2018 - AC:2018 being stated in the applicable harmonized standard listing Other ISO and International Standards and European Regulations 1
J Leveraging another company's ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 5
J New Job Position - Achieving ISO 13485 Certification ISO 13485:2016 - Medical Device Quality Management Systems 4
A Scope of ISO 13485 certificate ISO 13485:2016 - Medical Device Quality Management Systems 1
A ASL requirement when the supplier is certified for ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 6
M ISO 13485-2016 online certification ISO 13485:2016 - Medical Device Quality Management Systems 3
S Thoughts on managing ISO 9001, 13485, IATF 16949 and 17025 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 33
S Supplier Management ISO 13485: 2016- Which supplier needs to fill in a self assessment form? ISO 13485:2016 - Medical Device Quality Management Systems 6
J Possible to get ISO 13485 certified with only OEM Product? ISO 13485:2016 - Medical Device Quality Management Systems 4
D Definition of equipment for ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 1
M ISO 13485:2016 Complaint Definition Clarity Customer Complaints 2
D Rules for Paper Forms outside of an eQMS - 3 Questions (ISO 13485) Document Control Systems, Procedures, Forms and Templates 9
S Qualification question - ISO 13485 - Setting up a small lab Reliability Analysis - Predictions, Testing and Standards 2
K ISO 13485 clause 8.5.2 'Any necessary CA shall be taken without undue delay' ISO 13485:2016 - Medical Device Quality Management Systems 11
J How much to charge for helping a startup company with initial ISO 13485 certification? Consultants and Consulting 3

Similar threads

Top Bottom