国际医疗器械设计与制造技术展览会

Dedicated to design & manufacturing for medical device

September 24-26,2025 | SWEECC H1&H2

EN | 中文
   

3 Ways to Prepare for ISO 13485/Part 820 Harmonization

In 2018, the U.S. Food and Drug Administration (FDA) began entertaining the idea of harmonizing its regulatory requirements for the medical device quality system regulation (QSR)—detailed in 21 CFR Part 820—with the requirements in ISO 13485. The resulting regulation would be called the Quality Management System Regulation (QMSR) and would require medical device manufacturers to develop a quality management system (QMS) that meets the standards of ISO 13485.

To date, the action has not been finalized but following a four-year delay, the agency is moving closer to harmonization. Once finalized, the FDA is proposing a one-year transition period from the publication of the final rule for device manufacturers to adapt to the new regulation. With the finalization rapidly approaching and a short transition timeframe, medical device companies are encouraged to begin preparing for compliance with the new regulation.

Reasoning for Harmonization

Part of the FDA’s mission is to continue improving medical device quality, safety, and effectiveness. Along the way, the agency strives to develop or adopt new approaches to regulatory processes that can alleviate the burdens experienced by manufacturers. With the harmonization, the agency intends to eliminate the redundancies involved in compliance with both the QSR and ISO 13485. In addition, the new QMSR will more closely align the U.S. with many of the other regulatory authorities around the world.1

Key Similarities and Differences

Over time, ISO 13485 has steadily evolved to resemble Part 820. Because much of Part 820 and ISO 13485 already align, the FDA doesn’t anticipate a difficult transition for the industry. That may be true for some organizations, as day-to-day operations for a medical device manufacturer might not be dramatically impacted by the change. It is likely that quality departments will mostly be affected by the harmonization.

The most noticeable difference is the ISO 13485 standard puts a greater emphasis on risk management activities and risk-based decision-making. Risk management for device manufacturers is the systematic practice of identifying, analyzing, evaluating, controlling, and monitoring risk throughout the product lifecycle to ensure the devices they manufacture are safe and effective. Part 820 addresses risk management activities, but only in the risk analysis requirement within design validation. In ISO 13485, risk is more thoroughly embedded in quality processes. Manufacturers will be expected to integrate risk management activities throughout their quality system and across the product lifecycle.2

Additionally, the FDA intends to adapt to some of the terms in ISO 13485—one of which is removing the term “device master record (DMR)” from the QMSR. This term is not used in ISO 13485 and the agency believes the requirements for this regulation are adequately covered in Clause 4.2.3 of the standard.

Along with the new QMSR, the FDA plans to revise its inspection policy known as the Quality System Inspection Technique (QSIT). The proposed rule cites that the new inspection approach would be similar to the current QSIT, but with adjustments reflecting changes to FDA QMSR regulations. Inspections would involve collection of information supporting observations noted during the inspection as well as those included on a Form 483.

1. Ramp Up Risk Management

The expanded risk management requirements entail a complex process that includes establishing more effective methods of risk analysis and assessment. To ensure product quality and efficacy, it will be essential for manufacturers to augment their current risk management processes. Manufacturers should plan on conducting a number of risk analyses to identify potential hazards with their product’s design in both normal and fault conditions. The risk analysis must also include hazards due to user error. All this involves shifting from a reactive to a proactive approach to risk management.

The guidances and standards have always left the “how” up to the companies regarding medical device design and development. However, a guidance published by the Global Harmonization Task Force encourages companies to embed risk management principles into their quality management systems.3 Some of the most common methods for assessing risk include a risk matrix, risk register, and a Failure Mode and Effects Analysis (FMEA). Risks are not always readily apparent, however—sometimes a deviation or functional discrepancy can be part of a larger risk or a new risk the manufacturer will need to monitor more closely. Therefore, companies need a practicable and effective risk management system in the organization that involves employing a systematic, data-driven approach to monitoring trends and identifying and mitigating risks.

Setting up an effective risk management system entails effectively aligning people, processes, and technology. This all starts with building a risk management plan that includes clearly defined, documented policies, such as a policy for risk acceptability. Best practices include establishing organization-wide collaboration, clarifying priorities, and empowering people in all areas to make decisions, including stopping production if necessary.

2. Pursue ISO 13485 Certification

According to the regulatory amendment, harmonization will not impact a company’s ISO 13485 certification status. The FDA will retain its inspectional authority. Inspections will not automatically grant certificates of conformance to ISO 13485, nor will having an ISO 13485 certificate exempt a company from FDA inspections. Still, given the QMSR will follow the guidelines in ISO 13485, earning a certification for the standard is highly recommended.

The ISO 13485 standard is designed to help companies create a roadmap to achieve and maintain the objectives outlined in the standard. In addition to ensuring consistent delivery of safe and quality products, the standard also includes measures for companies to pursue continuous improvement.

There are many advantages to obtaining an ISO certification. For example, a byproduct of having formalized processes and procedures is increased productivity. Staff have more clarity with the company’s vision, strategies, and their individual responsibilities. Business units are less likely to have competing priorities, resulting in higher efficiency. Certification is also a competitive differentiator. Many companies prefer to do business only with organizations that have ISO certification credentials.

3. Ensure Inspection Readiness

Digitizing quality management would simplify the transition to the updated requirements. A digital QMS is inherently paperless. This eliminates the time-consuming processes of tracking down paper documents and comparing copies to identify the most recent versions. Medical device companies using a digital QMS will be better prepared to comply with the QMSR. For example, documentation is key to passing any inspection. Effective document control is essential because it touches all other quality processes. Having all documents and reports up to date and in line with the new regulation will streamline regulatory processes and improve the chances for successful compliance.

Medical device manufacturing requires precision procedures to ensure compliance with stringent quality and safety guidelines. There are numerous details to scrutinize to avoid deviations and nonconformities, especially when the regulatory spotlight will be pointed more toward risk management. There needs to be a way to quickly identify and resolve issues up and down the supply chain with minimal delays. A modernized QMS can integrate with quality processes such as training management, corrective action/preventive action (CAPA), supplier management, and customer complaints. That said, it’s in a company’s best interest to know if there’s an opportunity for automation with quality management. The ability to integrate all quality processes improves communication, collaboration, and data sharing across all business units.

References
1 “Proposed Rule: Quality System Regulation Amendments – Frequently Asked Questions,” U.S. Food and Drug Administration (FDA), Feb. 2, 2022.
2 “Medical Devices; Quality System Regulation Amendments,” U.S. Food and Drug Administration (FDA), Feb. 23, 2022.
3 “Global Harmonization Task Force, Study Groups 1, 2, 3, and 4; New Proposed and Final Documents; Availability,” U.S. Food and Drug Administration (FDA), Jan. 25, 2006.
Article source:Medical Design Outsourcing

X