Let's talk about your project today

Non-compliance is a non-option! Your Complete PLM Approach to ISO 13485:2016

The number of medical devices recalled from the market nearly doubled in the decade leading up to 2012. Why is this? As medical devices became more and more advanced, regulations lagged behind. But, over the last five years, the medical device industry’s focus on quality has matured from a reactive approach to one of incorporating quality throughout the product lifecycle.

For instance, in 2011 the FDA instituted the Case for Quality following an in-depth review of device quality data and feedback from both FDA and industry stakeholders. Today, the Case for Quality helps to ensure that medical device OEMs are meeting the highest levels of device quality and safety throughout the product lifecycle.

But it’s not just the FDA that’s making strides towards increased quality. The International Organization for Standardization (ISO) in February of 2016 released its long awaited revision to ISO 13485, the global standard for medical device quality management systems (QMS). Replacing its previous 2003 version, the new revision places a much greater emphasis on QMS throughout the complete product lifecycle.

While over the next three years, ISO 13485:2003 and ISO 13485:2016 will coexist, medical device OEMs need to start making the transition now to fully comply with the new standard by 2019. Let’s go over some of the revision’s new updates and what needs to be considered throughout each phase of the product lifecycle.


It’s never too early to begin thinking about the regulatory implications of a new or updated medical device. We have written before about three key considerations in putting together your regulatory strategy. But, when we consider the updates to ISO 13485:2016 in particular, a few notable changes will affect your processes in these early stages of the product lifecycle.

To begin, ISO 13485:2016 now applies to all organizations and partners used in any part of the product development process – no longer just the manufacturer whose name is on the final product. This is part of the regulation’s reinforcement of a risk based approach to your organizations QMS processes. Risk management methods and techniques are now required to be applied to all QMS processes, even outsourced ones.

ISO 13485:2016 also places a greater emphasis on product usability as a design input. While specific usability requirements can be discerned from other standards including the recently revised IEC 62366-1:2015 (for high usability medical devices), medical device OEMs need to be able to prove that product usability and safety requirements can be verified or validated. For connected medical devices, this is even trickier as ISO 31485:2016 also wants medical device OEMs to show that the usability and safety requirements are met while the product is interfaced or connected to others.


The good news in the Development Phase is that ISO 13485:2016 now increases the linkage with other regulatory requirements, particularly in the required regulatory documentation. This should ease some of the burden in regulatory submissions for both ISO 13485:2016 along with any accompanying standards.

The revised standard also fills in some of the gaps ISO 13485:2003 had with regards to design and development changes and provides more clear instructions on how to comply. The new standard asks OEMs not only to establish processes to control changes and to evaluate their significance and impact, it now also expects you to maintain a file for each medical device or family of medical devices that documents these changes.

But the additional requirements don’t end there. The new standard also expects OEMs to establish processes for product handling, storage, measuring, revalidation and traceability in addition to product verification, validation, monitoring, inspection and testing requirements inherent in the old version of the standard. But, again, some of these are overlapping with what other standards require.


Finally, the last and longest phase of the product lifecycle, the Fulfillment Phase. We briefly touched on the revision’s emphasis of risk based thinking. This is inherent throughout ISO 13485:2016, but also in the sections that detail purchasing and supplier monitoring.

The old section on purchasing is now divided into four sections that provide a lot more detail into the “HOW” of selecting and monitoring suppliers. All purchased products need to go through a risk assessment for OEMs to consider the effect these products have on the safety and performance of your medical device. Similarly, supplier performance must also be considered for risk. If a supplier underperforms or updates their product, what does that mean for your medical device? Both old and new standards required you to establish a record of supplier evaluations, but with the new standard you are asked to record all supplier monitoring and re-evaluation processes.

Corrective action is another area that was expanded with the regulation update. ISO 13485:2016 requires OEMs to investigate the delivery of all nonconforming products to determine if corrective action is needed and if suppliers or other vendors need to be notified. Documenting all corrective and preventative action and implementing corrective action without delay is now a requirement.

Complying with all of these changes might seem like a daunting task, especially when you consider that this is by no means an exhaustive list of updates. But, there are experts who help guide you through the transition. With the right QMS and partners in place along with early planning and implementation, you can help ensure that your organization is ready by 2019.


Ready to take a new approach to product development?

Logic PD can help you manage the complete product lifecycle from ideation to end of life.