ISO13485/ISO9001 Convenient Document Management System

#1
Hello everyone,
I plan our future Doc Management System, we are working in electronics for industrial equipment and also plan to extend our business to Medical Device (we are a small company <20 persons). So our DMS must be ISO 9001 & ISO 13485 compliant ;)
During previous experiences in Medical Device companies I used eDMS software and/or a paper-based system with wet ink signature of the creator/checker/approver and archiving of each paper version. I am trying to find a way to avoid these kinds of systems. I have read the forum and the standards and I have thought of a solution that I want to share with you.
I am sure that this system can be ISO 9001:2015 compliant, also it seems to be compliant with ISO 13485 §4.2.4 & 4.2.5.
But I would like to have some feedback to know if it could be enough for an ISO13485 QMS.

Please find below a quick description of the solution (lifecycle/workflow; content of the documents; archiving):

Requirements: ISO 9001:2015 + ISO 13485:2016 + in EU (no FDA)

# Instruction documents life cycle (procedure; WI):
- Creation: redaction in a word template
- Review: check of the word document by other persons & feedback to author (review not documented)
-Approval: check & approve document by Doc Manager --> Doc Manager create a pdf and save it on a network folder with limited write access = doc approved
- Use & consultation: user can access the network folder (read only) to view the documents approved
- Archiving: obsolete documents are transferred on another network folder with restricted access (files are PDF with “obsolete” watermark)

# Instruction document template content:
- Document type; Doc Reference; Doc Title; Doc version; Approval date
- Information about the change since last version (no information about previous changes since obsolete revisions are stored)
- Author name
- Approver name & approval date
- Inscription “Uncontrolled copy when printed”

# Form template lifecycle:
- Some form templates are created in word and then transferred to PDF for use (print or PDF with editable fields)
- Other form templates are created in word/excel; so they can be use directly in word/excel (for calculations)
- Approval: check & approve document by Doc Manager --> Doc Manager save form on a network folder with limited write access = doc approved
- Archiving: obsolete documents are transferred on another network folder with restricted access (files are PDF with “obsolete” watermark

# Form template content:
- Document type; Doc Reference; Doc Title; Doc version; Approval date
- Author name
- Approver name & approval date

# Record archiving:
- Paper: archiving paper records during defined period
- Electronic: archiving in a not alterable format (PDF)

Any feedback is appreciated; I want to make sure to have a system compliant & try to make it as simple as possible for users.
 
Elsmar Forum Sponsor

MC Eistee

Starting to get Involved
#2
I just came across this thread looking for something else. I just give it a try in case you come back ;).

What you should do is challenge your requirements against 4.2.4 Control of documents within ISO 13485.
This chapter does have requirements like review, approve, re-approve (if needed) documents prior to issuing them. Make sure the current revision is available and changes between revisions are visible. At some stage these documents will also become records (thats what you mentioned within # Record archiving), so also have a look at 4.2.5

Just by looking at you requirements it does look like you meet ISO 13485. But better check it yourself again.

The big question (and this is why I stumbled over this thread) is how you approve your documents.
ISO 13485 only says documents have to be approved, but unlike 21 CFR Part 11 (that's not applicable to you) does specify how an approval has to be done. Also in the guidance document to ISO 13485 it only refers to other regulations that might have requirements on how an approval has to be done.

Does anyone have an idea on how an approval within a pure ISO 13485 environment might look like. For me it is similar to what @Remik mentioned. A specific action that is traceable to a specific person (like an ok button within a workflow) but unlike 21 CFR Part 11 without reauthenticating yourself again with Username + Password with every signature.

What are your thoughts on this?
 

MC Eistee

Starting to get Involved
#3
Just to bring this topic up a little bit.

Does anyone have an idea on how an approval within a pure ISO 13485 environment might look like? For me it is similar to what @Remik mentioned. A specific action that is traceable to a specific person (like an ok button within a workflow) but unlike 21 CFR Part 11 without reauthenticating yourself again with Username + Password with every signature.

@yodon and @Remik , have you got an idea about it?
 

yodon

Staff member
Super Moderator
#4
Indeed, there's nothing specific in 13485 to drive any particular solution / method so I think it would depend on any regional legislation. I am not aware of anything the EU has like Part 11 for devices. There is "Annex 11" but it's for medicinal products and doesn't go to the extent of Part 11. I don't really know about other jurisdictions. The requirements from Annex 11 for electronic signatures seem to lay a decent foundation:

Electronic records may be signed electronically. Electronic signatures are expected to:
a. have the same impact as hand-written signatures within the boundaries of the company,
b. be permanently linked to their respective record,
c. include the time and date that they were applied.


Implementing that foundation would seemingly put you in a defensible position in the absence of country-specific requirements.
 
Thread starter Similar threads Forum Replies Date
R ISO9001 & ISO13485 QMS for 2 types of products ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
W Setting up from scratch - Looking for help (ISO9001 / ISO13485) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
E Career Plan - ISO13485 Lead Auditor Course/IRCA certified ISO9001 Lead Auditor Course Professional Certifications and Degrees 4
K Internal Auditor Qualifications ? ISO13485 vs. ISO9001 ISO 13485:2016 - Medical Device Quality Management Systems 8
D Plastic Injection Molding: ISO9001 or ISO13485? Manufacturing and Related Processes 10
D In-house Internal Auditor (ISO9001 & ISO13485) Training & Course Contents Training - Internal, External, Online and Distance Learning 5
R Please help me to convert from ISO9001 to ISO13485 ISO 13485:2016 - Medical Device Quality Management Systems 10
J Upgrading ISO9001 to ISO13485 - Relationship of ISO9001 to ISO13485? Registrars and Notified Bodies 7
K Seeking a Comparison Guide - ISO9001 vs. ISO13485 ISO 13485:2016 - Medical Device Quality Management Systems 3
A Document "Correspondence IATF 16949 vs ISO13485" available? IATF 16949 - Automotive Quality Systems Standard 0
O ISO13485 implementation - Are internal audits expected before stage 1 audit? Design and Development of Products and Processes 3
K ERP System Software Validation - ISO13485 2016 4.1.6 Design and Development of Products and Processes 8
N Can a (class I) medical device be manufactured in a GMP certified site with no ISO13485? EU Medical Device Regulations 18
V Iso13485 certification vs CE technical audit ISO 13485:2016 - Medical Device Quality Management Systems 3
A ISO13485:2016 name and ownership changes questions ISO 13485:2016 - Medical Device Quality Management Systems 2
D ISO13485:2016 7.5.6 Process Validation Responsibilities ISO 13485:2016 - Medical Device Quality Management Systems 1
D Customer Audit Finding ISO13485:2016 7.6 ISO 13485:2016 - Medical Device Quality Management Systems 7
CPhelan Do you require MDSAP for CE Marking of a Medical Device or is ISO13485:2016 with clinical data sufficient? CE Marking (Conformité Européene) / CB Scheme 5
R How to improve a Validation program and procedures to FDA (21 CFR part 820) & ISO13485 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 3
S PPT for ISO13485:2016 Employee Training (Request) ISO 13485:2016 - Medical Device Quality Management Systems 0
Q ISO13485:2016 4.2.4 Control Of Documents - Lifetime of the Medical Device ISO 13485:2016 - Medical Device Quality Management Systems 2
S Nonconformance to a Note in ISO13485 clause 6.2 Human Resources Effectiveness ISO 13485:2016 - Medical Device Quality Management Systems 13
C ISO13485 exclusions for design and automation company ISO 13485:2016 - Medical Device Quality Management Systems 2
S ISO13485 2016 - What the upshot is of failing to upgrade on a medical diagnostic device ISO 13485:2016 - Medical Device Quality Management Systems 1
M ISO13485 Documentation packs (manual, procedures, forms etc) ISO 13485:2016 - Medical Device Quality Management Systems 3
H ISO13485:2016 Measurement System - Methods General Measurement Device and Calibration Topics 4
C ISO13485/9001 clause 6.3 (Infrastructure) ISO 13485:2016 - Medical Device Quality Management Systems 3
G ISO13485:2016 Cl. 7.5.1 - Production and Service Provision - Medical Device Repairs ISO 13485:2016 - Medical Device Quality Management Systems 3
M Looking for Cross reference of AS9100:2016 to ISO13485 AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 1
M ISO13485:2016 - Exemption vs. Not Applicable ISO 13485:2016 - Medical Device Quality Management Systems 16
K Implementing ISO13485:2016 in the Middle of a New Device Project ISO 13485:2016 - Medical Device Quality Management Systems 1
T ISO13485:2016 Clause 6.3 - Infrastructure ISO 13485:2016 - Medical Device Quality Management Systems 1
R ISO13485:2016 Clause 4.2.3 - Changes in Technical File Requirements ISO 13485:2016 - Medical Device Quality Management Systems 18
T ISO13485 cert expired - Product still CE Marked CE Marking (Conformité Européene) / CB Scheme 1
V Revised ISO std vs ISO13485:2003 - Help Please!!! ISO 13485:2016 - Medical Device Quality Management Systems 4
C Is there a strong market out there for ISO13485 certification? ISO 13485:2016 - Medical Device Quality Management Systems 11
B Must a Design Outsourcing Company have ISO13485? ISO 13485:2016 - Medical Device Quality Management Systems 3
L ISO13485 past practice labeling vs customer requirement Other ISO and International Standards and European Regulations 2
S CMDCAS ISO13485 - Bilateral agreement with SAI global to conduct Certification Audits ISO 13485:2016 - Medical Device Quality Management Systems 7
quality1 Multiple Quality Standards - AS9100 and ISO13485/9001 Cross Reference Matrix Quality Manager and Management Related Issues 3
C ISO13485 Incoming Receiving Parts Verification ISO 13485:2016 - Medical Device Quality Management Systems 13
Q ISO13485 Section 7.5.1.1 and 7.5.2.1 for a Distributor ISO 13485:2016 - Medical Device Quality Management Systems 2
B Outsource Production Line need ISO13485 Certificate ISO 13485:2016 - Medical Device Quality Management Systems 1
somashekar Clause 7.5.5. as in the text and in the Annex B (ISO13485:2003) ISO 13485:2016 - Medical Device Quality Management Systems 1
U Do we have to have foreign legal documents? (ISO13485 4.2.3 document control) ISO 13485:2016 - Medical Device Quality Management Systems 3
0 Medical Device Distribution Centre and Implementing ISO13485 ISO 13485:2016 - Medical Device Quality Management Systems 1
C Writing a Sterilization Procedure when the Process is Subcontracted - ISO13485 Quality Management System (QMS) Manuals 1
J ISO13485 Certification Scope - Registering a Subset of our Products ISO 13485:2016 - Medical Device Quality Management Systems 9
J ISO13485 Clause exclusions for a Medical Software Company ISO 13485:2016 - Medical Device Quality Management Systems 9
P How to streamline different documents in a multi plant ISO13485 QMS ISO 13485:2016 - Medical Device Quality Management Systems 8
Similar threads


















































Top Bottom