3. Medical
Devices
āmedical deviceā means any instrument, apparatus, appliance, software, implant, reagent, material
or other article intended by the manufacturer to be used, alone or in combination, for human
beings for one or more of the following specific medical purposes:
ā diagnosis, prevention, monitoring, prediction, prognosis, treatment or alleviation of disease,
ā diagnosis, monitoring, treatment, alleviation of, or compensation for, an injury or disability,
ā investigation, replacement or modification of the anatomy or of a physiological or pathological
process or state,
ā providing information by means of in vitro examination of specimens derived from the human
body, including organ, blood and tissue donations,
and which does not achieve its principal intended action by pharmacological, immunological or
metabolic means, in or on the human body, but which may be assisted in its function by such
means. The following products shall also be deemed to be medical devices:
ā devices for the control or support of conception;
ā products specifically intended for the cleaning, disinfection or sterilisation of devices as referred
to in Article 1(4) and of those referred to in the first paragraph of this point.
MDR EU 2017/745 ā Article 2(1)
4. EU Medical
Device
Regulation
ā¢ Three Medical Device Directiveās
ā¢ Came into force in 1993, last updated in 2007
ā¢ Now outdated with current technology
ā¢ Directives replaced with MDR and IVDR 2017
ā¢ Come into force in May 2020 for MDR and May
2022 for IVDR
ā¢ No āgrandfatheringā all deviceās new and old
must comply with new regulations
5. Device
Classification
ā¢ MDR
ā¢ Class I; Class I (Sterile); Class I (Measuring);
ā¢ Class IIa; Class IIb;
ā¢ Class III
ā¢ IVDR
ā¢ Class A
ā¢ Class B
ā¢ Class C
ā¢ Class D
6. Device Class
Examples
Class I ā Wheelchairs
Class I (Sterile) ā Sterile Bandages
Class I (Measuring) ā Urine collection bottles
Class IIa ā IV Administration Sets
Class IIb ā Infusion Pumps
Class III ā Pacemakers
7. New Devices
added to
scope
Products without an intended medical purpose
ā¢ Contact lenses or items to be introduced into
the eye
ā¢ Body Modification via surgically invasive means
ā¢ Dermal or mucous membrane fillers
ā¢ Liposuction, lipolysis or lipoplasty equipment
8. Borderline
Devices
Grey Area
Devices that could be considered as a Medicine or
incorporate medicinal products; if there is doubt
the medicines directive takes precedence.
Its usually best to get the MHRA to decide where
these devices fall under classification.
9. General
Requirements
ā¢ The General Requirements found in Annex I of
MDR
ā¢ These are the safety principles that medical
device manufacturers need to demonstrate
evidence against to show conformity
ā¢ The principles are broad to cover all types of
devices, so some may not be applicable to your
device
ā¢ Conformity is usually demonstrated though
applying consensus standards (ISO, EN, BS,
ANSI)
10. Commonly
used
Consensus
Standards
ā¢ ISO 13485 ā Quality Management
ā¢ ISO 14971 ā Risk Management
ā¢ ISO 62366 ā Usability Engineering
ā¢ ISO 10993 ā Biological Evaluation
ā¢ ISO 15223 ā Symbols for labelling
ā¢ EN 62304 ā Software Life Cycle
ā¢ ISO 60601 ā Electrical Safety
ā¢ ISO 11607 ā Packaging for terminally sterilized
medical devices
11. Risk
Management
ISO 14971
ā¢ Risk Management plays the most important
part of the Design, Manufacture and Post
Market activities
ā¢ This must be demonstrated through application
of risk management principles through out the
life cycle of the medical device
ā¢ Using ISO 14971 standard satisfies the
requirements of MDR
12. Verification
and Validation
ā¢ To demonstrate that your devices design inputs
meet the design outputs a manufacturer has to
perform verification and validation.
ā¢ There may be specific standards that apply to
your device to demonstrate verification and
validation testing
ā¢ If your device has electronics then ISO 60601
ā¢ If your device is supplied sterile then ISO 11607
may apply
ā¢ If your device is software or incorporates
software then EN 62304 may apply
13. Biological
Evaluation
ISO 10993 Series of Standards
ā¢ If your medical device has patient contact either
directly or indirectly a biological evaluation in
line with ISO 10993 will be required
ā¢ Chemical characterisation testing and Biological
testing maybe required depending on how
much toxicological evidence is already available
14. Clinical
Evaluation
ā¢ All medical devices require a Clinical Evaluation,
this must be reported inline with MEDDEV 2.7/1
Revision 4.
ā¢ This is a report that critically evaluates the
clinical information available for your device or
similar devices
ā¢ Clinical Trial (if required) information would be
included in this report.
15. Labelling
ā¢ Labelling must be included with all medical
devices
ā¢ It must contain recognised symbols in line with
ISO 15223-1
ā¢ It must contain the CE mark and designated
Notified Body Number (if relevant)
ā¢ Must contain any warnings or contraindications
identified from risk management activities
16. UDI (Unique
Device
Identifier)
ā¢ The Unique Device Identifier is a new addition
for MDR
ā¢ It is to allow for full traceability of medical
devices
ā¢ It is a barcoded format with details of the
device inputted onto a EU database by the
manufacturer
ā¢ First Part of the Code will identify the device
and manufacturer (Static) and the second part
of the code will identify the batch or serial
numbers (Dynamic)
18. Post Market
Surveillance
ā¢ Post Market Surveillance Plan
ā¢ Vigilance
ā¢ User feedback
ā¢ PMCF (Post Market Clinical Follow Up)
ā¢ PSUR (Periodic Safety Update Reports ā Class IIa
upwards)
19. Technical File
ā¢ Device Description
ā¢ Labelling
ā¢ Design and Manufacturing
ā¢ General Requirements Checklist
ā¢ Risk Management
ā¢ Verification and Validation
ā¢ Biological Evaluation
ā¢ Clinical Evaluation
ā¢ Post Market Surveillance
20. Notified
Bodies
ā¢ Notified Bodies (NB) are registered with
Competent Authorities (MHRA) to issue CE
mark certificates to Medical Device
manufacturers, for Class I (measuring) Class I
(Sterile), Class IIa, Class IIb and Class III devices.
ā¢ Certificates are issued for 3 years with an
annual surveillance audit
ā¢ Notified Bodies also perform unannounced
audits (if the manufacturer does not let them
perform the audit they loose their certification)
21. CE Marking
ā¢ Manufacturers of Class I devices self-certify and
do not need a NB assessment of their technical
file to apply the CE mark to their devices. They
will need to register with a EU Competent
Authority
ā¢ Manufacturers of Class I M/S and Class II
upward devices need to have their CE mark
certificated by a NB. The CE mark will need to
be displayed on the device followed by the NBs
designated number
22. Brexit
ā¢ Draft legislation has been issued UK MDR 2002
(as amended by the UK MDR 2019)
ā¢ Regulation will be the same as MDR and IVDR
ā¢ Manufacturers outside of the UK who sell into
the UK will need to apply a CE mark equivalent
ā¢ Manufacturers outside of the UK will need a UK
Authorised Representative with a registered
address in the UK
ā¢ Manufacturers in the UK will need a EU
Authorised Representative with a registered
address in a member country
ā¢ There will be a transition period as per the
Brexit withdrawal agreement
23. No Deal Brexit
ā¢ All UK registered NB CE mark issued certificates
will become invalid from the 29th March 2019
ā¢ Currently only BSI can transfer their issued CE
marks over to their Netherlands registered
office
25. What is ISO
13485:2016?
ISO 13485: 2016 is an internationally agreed standard that sets out the
requirements for a quality management system specific to the medical device
industry.
The standard is divided into the following sections:
1. Scope
2. Normative references
3. Terms and definitions
4. Quality management system (requirements)
5. Management Responsibility
6. Resource management
7. Product realization
8. Measurement, analysis and improvement
Clauses 4 ā 8 are auditable
26. Who is the
standard
relevant to?
ISO 13485: specifies requirements for a quality management system where an
organization needs to demonstrate its ability to provide medical devices and
related services that consistently meet customer and applicable regulatory
requirements. (ISO)
Organisations for which the standard is relevant may be involved in one or more
stages of the life-cycle of the device, including the following:
- Design and development;
- Production;
- Storage and distribution;
- Installation;
- Servicing;
- Provision of technical support;
- Provision of components/raw materials for medical devices;
- Sterilisation services;
- Calibration/maintenance services;
- Quality management system services.
27. Is the
standard
mandatory?
The standard is not mandatory.
The decision to certify to the standard will be
based on the following:
- Customer requirements (tendering);
- Internal requirements ā see also benefits of the
standard;
- Regulatory compliance (for legal manufacturers
of medical devices) ā see link to MDR
28. Link to MDR
EU/2017/745
ā¢ The new MDR provides greater detail than the
MDD for the requirements of a quality
management system (Article 10)
ā¢ 13 requirements are listed
ā¢ All but one of them can be linked to a relevant
clause in ISO 13485:2016
ā¢ Exception ā Strategy for regulatory compliance
29. Benefits of
implementing
the standard
ā¢ It is the most effective standard covering the
requirements of a QMS stated in the new MDR;
ā¢ Certification to ISO 13485:2016 provides confidence
to the Notified Body that systems are compliant
with MDR requirements;
ā¢ Enhanced reputation;
ā¢ Greater tendering success;
ā¢ Assurance for customers that the product and
service will be of the required standard;
ā¢ Effective control of processes/less waste;
ā¢ Enhanced customer satisfaction;
ā¢ Continual improvements.
30. ISO 9001:2015
V ISO 13485
ISO 9001:2015 is the most recognized standard for quality
management; however ISO 13485:2016 is the most suitable
standard for medical device organisations.
The main differences between 9001 and 13485 are:
- 9001 is not product specific (Several inclusions in the
13485 standard, specifically related to medical devices);
- Regulatory requirements are addressed in ISO
13485:2016;
- ISO 13485 mandatory documentation is more onerous
than 9001;
- 9001 requires the monitoring of customer
satisfaction/13485 demands that information is
monitored to ensure customer requirements are met;
31. Mandatory
Documentation
ISO 13485:2016 requires considerably more mandatory documentation than ISO 9001
Mandatory documentation includes the following:
- A medical device file;
- Quality manual;
- Quality Policy
- Quality objectives
- 23 procedure requirements
- Records and miscellaneous requirements
In addition to mandatory documentation, the organization must also maintain
documentation specific to the control of the organizationās processes and to comply with
relevant regulatory requirements.
The complexity of the documentation is relative to the process it refers to the controls
needed.
NB: Documentation is not mandatory if the company can justify an exclusion or non-
applicable process.
32. Process
Approach &
PDCA
The standard is based on a āprocess approachā to quality management.
A āprocessā can be defined as any activity that converts an āinputā to an āoutputā.
An output of one process often becomes an input of another process.
A process approach to quality management involves the management of the
interaction of processes to achieve the desired outcome.
There is a requirement in the standard to determine this interaction of
processes.
The āPlan, do, check, actā system is also incorporated within the system.
Plan ā procedures/work instructions/objectives
Do - performance
Check ā audits/data analysis/measuring and monitoring/management review
Act ā Improvements/new objectives/corrective actions
33. Risk
Management
Risk management is in fundamental concept of ISO
13485:2016 and is referenced numerous times within
the standard.
Section 4.1.2 states āThe organization shall apply a
risk-based approach to the control of the appropriate
processes needed for the quality management system.
Previous revisions of the standard focused risk
management on product alone, but the 2016 standard
requires additional risk management of processes,
ensuring ārisk-basedā decisions are applied throughout
product realization.
34. Scope,
Exclusions and
Non-Applicable
clauses
The scope of the Quality Management System must
be defined within the Quality Manual and
justifications stated for any exclusions or non-
applicable clauses.
When defining the scope, it is not permittable to
exclude or claim N/A for any activities that are part of
the product realization process.
Exclusions are limited to design and development
activities only.
Non-applicable clauses are limited to clauses 6,7, and
8 only
35. Management
Commitment/
Management
Rep
An effective system requires commitment from āTopā management. (Clause 5.1)
The standard requires management to provide evidence of this commitment by:
- Communicating to the organization the importance of meeting customer and applicable
standards;
- Establishing the quality policy;
- Ensuring quality objectives are established;
- Conducting management reviews;
- Ensuring the availability of resources
Top management must also appoint a management representative for the QMS with the
following responsibilities:
- Ensuring processes needed for the QMS a documented;
- Reporting to top management on the effectiveness of the QMS and need for
improvement;
- Ensuring the promotion of awareness of applicable regulatory and QMS requirements
throughout the organization.
- (Typically the Management rep will be responsible for document compilation and
control, coordinating management review, the audit schedule, and corrective
actions/complaints)
36. Certification
process
- Appoint a Notified Body (4 in the UK ā BSI,
LRQA, SGS, UL)
- Prepare all documentation
- Implement system
- Stage 1 Notified Body Audit (Document review)
- Stage 2 Notified Body Audit (Full system review)
- Allocation of certificate following successful
audit (3 year validity)
- Annual surveillance audits
37. Getting
started!
- Confirm responsibilities for the QMS (Top Management, process owners, auditors)
- Appoint Management Representative with knowledge and skills to implement system;
- Agree Quality Policy in compliance with 5.3 of the standard, stating the overall aims of
the organization and providing a framework for establishing objectives;
- Agree initial objectives, including goals, measures and strategy for achievement;
- Confirm and compile processes necessary for effective management of the system,
including relevant mandatory procedures;
- Confirm system for generating relevant mandatory records is in place;
- Compile Quality Manual in compliance with clause 4.2.2, including an interaction of
processes;
- Review documentation against the requirements of the standard (clauses 4 ā 8) ā
compliance matrix?
- Implement system (awareness, training)
- Check effectiveness of system (audits/management review)
38. Patient Guard
Patient Guard can provide support for your
organization, offering the following service:
- Compilation and implementation of QMS
documentation;
- 13485:2016 training and awareness;
- Internal and supplier audits;
- Coordination and support with Notified body audits;
- Complaint and vigilance support;
- Management representative responsibilities.
- MDR/IVDR Transition services
- Qualified Person