Maintaining international regulatory standards is a real challenge, even for the most astute medical device organizations.
Recently, the FDA issued a warning letter to Henan Kangdi Medical Devices Co. Ltd. that accused the company of inadequate product testing. The company was then required to provide a comprehensive and independent review of its procedures, equipment, laboratory practices, and analyst competencies.
The worse part is that this was only a small part of the complete list of requests that Hanan Kangdi Medical Devices Co. Ltd needed to fulfill.
What does this all mean for your own medical device company?
We'll take a look at international medical device regulations vs. FDA 21 CFR so that you can make the small adjustments needed to secure and maintain compliance.
International Medical Device Regulations vs. FDA 21 CFR: 4 Key Differences Your Medical Device Company Needs to Know
It's been a little more than a year since the FDA announced that it wanted to unite 21 CFR 820 regulations with ISO 13485. While these revisions are excellent for standardization, they have also caused some confusion for manufacturers.
Unfortunately, the FDA hasn't released any information on what manufacturers can expect. But with risk-based approaches playing such an integral role in ISO 13485, we can make some reasonable assumptions on the forthcoming changes.
1. Risk-based approach
As you know, ISO 13485 requires users to think about risk during every step of the manufacturing process. As such, the swift implementation of safety requirements should be a top priority.
Moreover, you will need to document these requirements and any relevant risks during the design procedure. And you should also document risk management outputs as valid design control inputs and integrate elements for safe operation into your design processes.
FDA regulations do not place as much emphasis on the risk-based approach. However, the FDA does mention risk analysis as it relates to the design control process. As the risk-based approach becomes the standard, you can expect to see risk as a central part of the revisions found in CFR Part 820.
2. Training standards
It's your responsibility to make sure that your company meets FDA and ISO guidelines for training. You need to be clear on who needs to be trained, what they need to learn, and how often they need training.
Both the FDA and ISO 13485 require training. However, regulations do not specify the type of training that is required for specific roles inside your organization.
As you can imagine, this has led to some confusion about what constitutes a training exercise and how to document it properly. When it comes to training, the biggest difference between the two regulations is that ISO 13485 requires you to evaluate the effectiveness of actions taken and maintain a meticulous record of education, training, skills, and experience.
The key takeaway from both of these regulations is that your employees should be “trained to adequately perform their assigned responsibilities.”
What does this all mean for your own medical device company?
The currently accepted interpretation is that you only have to train your employees on the basic skills and knowledge that they need to perform the duties assigned for their job role—and, of course, make sure to document it all. Creating standards for every position within your company is crucial for FDA and ISO compliance.
RELATED READING: The 7 Fastest Ways to Fail an ISO Audit
3. Explicit vs. implicit guidelines for device history records
The FDA requires medical device manufacturers to create and maintain a device history record (DHR). Your DHR should include all the documentation for the lifecycle of your device—from the time it’s manufactured to post-sale. Establishing a DHR is typically one of the last steps in the process of compliance.
Some of the ISO 13485 guidelines are more implicit than the FDA’s, meaning they are a little vague and open to interpretation. Paper records can be used for your QMS, but we strongly recommend you invest in an eQMS to manage your DHR to ensure you’re complying with some of the more implicit guidelines.
Qualio was developed with medical device manufacturers in mind, and we have built-in features to help you maintain FDA and ISO compliance. By utilizing Qualio as your eQMS, your company will be ready for FDA 21 CFR Part 820 & 11 and ISO 13485 & 14971 audits.
RELATED READING: The 6 Most Common Warnings for FDA 21 CFR 820 Noncompliance
4. Level of scrutiny of your QMS
ISO 13485 certification is a necessity for medical device manufacturers, and every tiny little detail of your QMS will be scrutinized for compliance. The FDA has its own requirements for a QMS, but ISO 13485 requirements are more detailed and thorough.
In order to prepare for the ISO audit, you can do the following:
- Use an eQMS instead of a paper-based system.
- Hire an experienced consultant to help you establish your eQMS.
- Create and define all job roles with requirements for training, education, background, and experience.
- Employ internal auditors that are specifically trained in Part 820.
A paper-based QMS can quickly become a nightmare of unorganized documents that leaves you wasting valuable time searching for the documents you need. Qualio can help you create documents with ease using the built-in templates or customizing your own.
“My favorite thing is how Qualio keeps us in a constant state of audit readiness.”— Deb Glancy, Director of Quality from Dimension Therapeutics (ULTRAGENYX)
What to ask before you invest in an eQMS
Don’t invest in the first eQMS you find on impulse. Take the extra time to assess the unique needs of your company and compare your options.
There are some specific questions you need to ask yourself before choosing an eQMS provider. We are so confident that Qualio is the best solution for your medical device company that we have prepared a free guide to help you know what to look for in an eQMS.
Download your copy of our free guide today and learn what to ask before investing in eQMS software: 12 Questions to Ask Before You Buy an eQMS.