🔥 Find me at MedicalDevicesGroup.net 🔥
9 min reading time
As originally asked by Mark Driscoll, P.Eng., Ph.D.
Please share with me your experiences in acquiring the 13485 certification. More specifically, for a start-up medical device company, is it advisable to move through the process internally or hire external/experienced help? What are the expected time delays and costs of both?
A good quality system should fit like a tailored suit that allows you to move freely, not like a constricting straight jacket. As consultants, we write the quality system to fit the company. Most companies are quality-conscious and they already have most of the QS elements they need — they just need help knowing how and what to document.
Reading the standards and trying to understand what is required is one thing, but correct interpretation of the clauses (what is actually required) is another. For this reason I agree with everyone commenting that hiring a consultant for initial implementation is the way to go if finances can warrant it. In addition, a Quality System Manual (QSM) designed specifically for your company is mandatory and an experienced consultant can gear the QSM correctly to fit your company. It must include a company quality policy, an indication of all of your processes and the documentation that reflects them. Management Review Board meetings are required and must be reported on. Measurements must be taken and trending must be assessed. These items will be audited for initial implementation along with the normal items that we expect.
Annual internal audits which cover every clause in the ISO 13485, 2003 must must be conducted every year. They can be covered as a whole or in increments within the year. The company can audit itself, however, individual departments cannot audit themselves. A trained auditor from mfg. can audit QA/QC and QA/QC can audit mfg. This could save money if you have qualified people initially and will definitely save money in coming years.
An auditing body must be hired for implementation of the standard and to maintain it going forward. The implementation or Certification audit covers all of the clauses in the standard. Subsequent audits for the next 2 years will be Surveillance audits which cover only selected parts of the standard. Every 3rd year a Re-certification audit is conducted where all of the clauses in the standard are covered.
The annual audits by the ISO auditing body can run up to $15,000 annually. Consultant fees are negotiable and dependent on how much help you need to et started. You may want them to author your Quality Systems Manual and you may want to conduct your own internal audits which perhaps they review. A good notified body that we have had good relationships with is The National Standards Association of Ireland (NSAI). They will initially inquire about all of your processes and they will audit to those processes.
Dependent on resources and the manner you choose to to acquire implementation, the process can take anywhere from 6 months to a year.
If you have a friend or acquaintance in the neighborhood who works as an auditor, I suggest you approach him/her in order to co-audit a few times. That will be the most effective way to get the required experience and, as you are already willing to do internal audits free of charge to gain the experience, it should not adversely affect your lead auditor’s costing. As the audit will be able to cover more areas and you will (I believe) learn more from “tagging along” on an audit than you probably expect, I think that would be a “triple win” scenario.
Certification to ISO 13485 requires great dedication and expertise.
After certification to ISO 13485, the next steps are a quality control check, each year. It is necessary to have qualified employees. This process asks and requires continuous implementation and constant improvement.
Burrell (Bo) Clawson
Mark J Lewis
Grace Jing Yuan
Philippe R. Koninckx
Marked as spam