ISO13485 application: May Subcomponents or Non-Medical Products be Excluded?

Eamon

Involved In Discussions
#1
I am working for a small company accredited to ISO 13485. Until this point, all of our products have been final, end-user products. All of our existing quality procedures, including a risk management checklist and FMEA, assume a final end-user product (as does ISO 14971).

We are going to supply a sub-component to be integrated into another company's product. The client company will be responsible for safety testing, regulatory approvals and risk management, although we will be supporting these activities as required.

Within our current procedures, the risk analysis would seem to be the most problematic, since it is directly mandated by ISO 13485. It seems to be impossible to evaluate risk without detailed knowledge of the end product's intended use, which we don't have full access to in this case. And it would seem to be a duplication of effort since the manufacturer of the end product is responsible for this in any case.

Since we are not going to be ultimately responsible for some of these activities, I am wondering whether we should revise our procedures so that certain products can be excluded from the scope of ISO 13485.

Alternately, I am wondering what sort of risk analysis can be done with incomplete knowledge of the full context of the end use of the component we're designing.

I know answers have been posted which touch on these issues, but I'm particularly interested in knowing what sort of language would go into our procedures to allow the exclusion of certain products from the full ISO 13485 process. I am assuming that the procedure for excluding a product would be covered in the Quality Manual as given by 4.2.2 (a): "the scope of the quality management system, including details of and justification for any exclusion and/or non-application (see 1.2)". I have seen a post in this forum (which I'm not currently able to link to) which implies that a product could be excluded from the scope of ISO13485, but what criteria would typically allow this and how would such an exclusion typically be handled by quality system procedures?

Would an exclusion be justified as a matter of holding, in certain cases, that "regulatory requirements permit exclusions of design and development controls" (in section 1.2)? Can this clause be applicable on a product-by-product basis? Does anyone work with a quality manual which allows specific products to be excluded from the full ISO 13485 process?

Any thoughts from anyone who has considered this issue before would be most appreciated.
 
Elsmar Forum Sponsor

somashekar

Staff member
Super Moderator
#2
Re: ISO13485 application: can subcomponents or non-medical products be excluded?

We are involved in both medical devices and optic modules manufacturing for other requirements such as security systems etc. These have been clearly defined in our scope of manual as ISO 13485 scope and ISO 9001 scope, and likewise addresed in the system management. Our cert also clearly indicates these.
 

DannyK

Trusted Information Resource
#3
Re: ISO13485 application: can subcomponents or non-medical products be excluded?

If your subcomponent is considered a medical device, you cannot exclude it from your system.
The best way to deal with this issue is to have a responsibility matrix, which will detail what your company and your customer are responsible for each different application.

You still should be able to provide risk management, but some of the information could reference the customer's risk management since you may not have alll the technical information.
 

Marcelo

Inactive Registered Visitor
#4
Re: ISO13485 application: can subcomponents or non-medical products be excluded?

In relation to the risk management side of your question, as you point out ISO 13485 and ISO 14971 are focused on risk management of the final, medical device product, and in this way the applicable risk management is completely tied to the final product intended use.

I think there´s two point to consider gere. First, products (systems) are made of sub-systems. The device manufacturer has to take into consideration the individual risks of subsystems (they have to identify all hazard situations related to the device) to know the overall risk of the system. In this case, a lot of these sub-systems risks really have in principle nothing to do with the end-user or patient, meaning they´re could be sub-systems from any other kind of equipment. In this way, a component or sub-system could be risk managed without know the final product intended use. I would suggest, for simplicity´s sake, to define the intended use of your component or subsystem, and then manage risks related to them.

This approach is in concordance with the second point, which is a trend in the medical device industry called "system parity" (quality system or risks management system) in which manufacturers have to rely on the quality system or risk management system of their supplier, and even incorporate some of them, to complete it´s own quality or risk management sytem. Here is a link on quality and other systems parity.
 
Last edited:
T

treesei

#5
Re: ISO13485 application: can subcomponents or non-medical products be excluded?

We mainly make components for other device OEMs. We make a small quantity of own finished device. It is true that w/o sufficient info of the finished device the risk assessment of the component cannot be done to the same level for a finished device. Many times, the requirements for the quality system of a component supplier are laid by the OEM and often they are in between 9001 and 13485. For example, if the OEM owns the design, then you will be exempt from 13485's design control requirements. You can reflect such exempt in your quality manual. This "modified 13485" approach may be cheaper than putting your sub-component business under a separate 9001. ANd the customer may like it better.
 
Thread starter Similar threads Forum Replies Date
M ISO13485:2016, MDSAP and Internal Audits ISO 13485:2016 - Medical Device Quality Management Systems 8
A When will ISO13485 Update be Released? EU Medical Device Regulations 1
J Do Software Subcontractors need to be ISO13485 compliant in the EU? EU Medical Device Regulations 3
A Is it mandatory to obtain ISO13485 certificate prior to CE marking? EU Medical Device Regulations 8
M Address change for a company with CE/ISO13485 EU Medical Device Regulations 2
A Document "Correspondence IATF 16949 vs ISO13485" available? IATF 16949 - Automotive Quality Systems Standard 0
O ISO13485 implementation - Are internal audits expected before stage 1 audit? Design and Development of Products and Processes 3
K ERP System Software Validation - ISO13485 2016 4.1.6 Design and Development of Products and Processes 8
N Can a (class I) medical device be manufactured in a GMP certified site with no ISO13485? EU Medical Device Regulations 18
V Iso13485 certification vs CE technical audit ISO 13485:2016 - Medical Device Quality Management Systems 3
A ISO13485:2016 name and ownership changes questions ISO 13485:2016 - Medical Device Quality Management Systems 3
D ISO13485:2016 7.5.6 Process Validation Responsibilities ISO 13485:2016 - Medical Device Quality Management Systems 1
D Customer Audit Finding ISO13485:2016 7.6 ISO 13485:2016 - Medical Device Quality Management Systems 7
CPhelan Do you require MDSAP for CE Marking of a Medical Device or is ISO13485:2016 with clinical data sufficient? CE Marking (Conformité Européene) / CB Scheme 6
R How to improve a Validation program and procedures to FDA (21 CFR part 820) & ISO13485 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 3
S PPT for ISO13485:2016 Employee Training (Request) ISO 13485:2016 - Medical Device Quality Management Systems 0
qualityegghead ISO13485:2016 4.2.4 Control Of Documents - Lifetime of the Medical Device ISO 13485:2016 - Medical Device Quality Management Systems 3
S Nonconformance to a Note in ISO13485 clause 6.2 Human Resources Effectiveness ISO 13485:2016 - Medical Device Quality Management Systems 13
C ISO13485 exclusions for design and automation company ISO 13485:2016 - Medical Device Quality Management Systems 2
R ISO13485/ISO9001 Convenient Document Management System Document Control Systems, Procedures, Forms and Templates 3
S ISO13485 2016 - What the upshot is of failing to upgrade on a medical diagnostic device ISO 13485:2016 - Medical Device Quality Management Systems 1
R ISO9001 & ISO13485 QMS for 2 types of products ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
M ISO13485 Documentation packs (manual, procedures, forms etc) ISO 13485:2016 - Medical Device Quality Management Systems 3
H ISO13485:2016 Measurement System - Methods General Measurement Device and Calibration Topics 4
C ISO13485/9001 clause 6.3 (Infrastructure) ISO 13485:2016 - Medical Device Quality Management Systems 3
G ISO13485:2016 Cl. 7.5.1 - Production and Service Provision - Medical Device Repairs ISO 13485:2016 - Medical Device Quality Management Systems 3
M Looking for Cross reference of AS9100:2016 to ISO13485 AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
M ISO13485:2016 - Exemption vs. Not Applicable ISO 13485:2016 - Medical Device Quality Management Systems 16
K Implementing ISO13485:2016 in the Middle of a New Device Project ISO 13485:2016 - Medical Device Quality Management Systems 1
T ISO13485:2016 Clause 6.3 - Infrastructure ISO 13485:2016 - Medical Device Quality Management Systems 1
R ISO13485:2016 Clause 4.2.3 - Changes in Technical File Requirements ISO 13485:2016 - Medical Device Quality Management Systems 18
T ISO13485 cert expired - Product still CE Marked CE Marking (Conformité Européene) / CB Scheme 1
V Revised ISO std vs ISO13485:2003 - Help Please!!! ISO 13485:2016 - Medical Device Quality Management Systems 4
C Is there a strong market out there for ISO13485 certification? ISO 13485:2016 - Medical Device Quality Management Systems 11
B Must a Design Outsourcing Company have ISO13485? ISO 13485:2016 - Medical Device Quality Management Systems 3
L ISO13485 past practice labeling vs customer requirement Other ISO and International Standards and European Regulations 2
S CMDCAS ISO13485 - Bilateral agreement with SAI global to conduct Certification Audits ISO 13485:2016 - Medical Device Quality Management Systems 7
Q Multiple Quality Standards - AS9100 and ISO13485/9001 Cross Reference Matrix Quality Manager and Management Related Issues 3
C ISO13485 Incoming Receiving Parts Verification ISO 13485:2016 - Medical Device Quality Management Systems 13
Q ISO13485 Section 7.5.1.1 and 7.5.2.1 for a Distributor ISO 13485:2016 - Medical Device Quality Management Systems 2
W Setting up from scratch - Looking for help (ISO9001 / ISO13485) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
B Outsource Production Line need ISO13485 Certificate ISO 13485:2016 - Medical Device Quality Management Systems 1
somashekar Clause 7.5.5. as in the text and in the Annex B (ISO13485:2003) ISO 13485:2016 - Medical Device Quality Management Systems 1
U Do we have to have foreign legal documents? (ISO13485 4.2.3 document control) ISO 13485:2016 - Medical Device Quality Management Systems 3
0 Medical Device Distribution Centre and Implementing ISO13485 ISO 13485:2016 - Medical Device Quality Management Systems 1
C Writing a Sterilization Procedure when the Process is Subcontracted - ISO13485 Quality Management System (QMS) Manuals 1
J ISO13485 Certification Scope - Registering a Subset of our Products ISO 13485:2016 - Medical Device Quality Management Systems 9
J ISO13485 Clause exclusions for a Medical Software Company ISO 13485:2016 - Medical Device Quality Management Systems 9
P How to streamline different documents in a multi plant ISO13485 QMS ISO 13485:2016 - Medical Device Quality Management Systems 8
D FDA Guidance on Interim Use of ISO13485 for Medical Device Manufacturer ISO 13485:2016 - Medical Device Quality Management Systems 3

Similar threads

Top Bottom