There are estimated to be 5,300 to 5,600 medical device companies in the United States alone, each with new, cutting-edge technologies. However, as advanced as these devices must be, above all else, they must operate safely. The International Organization of Standardization (ISO) developed the standard ISO 13485, which provides guidelines around the quality management of medical devices.
Although ISO 13485 is helpful as a harmonized standard, there’s one catch. ISO is not a governing regulatory body like the FDA or others, which means they do not publish any audit findings or violations to the public from which other manufacturers can learn.
With more than 20 years of experience in the medical device industry, I’ve helped many medical device companies adopt ISO 13485. After many implementations, I’ve also seen my fair share of mistakes made by companies with regards to this standard. However, three, in particular, stand out as some of the most common, and also most avoidable. Check out the following three mistakes manufacturers often make when implementing ISO 13485 and how you can avoid them.
#1: Limited CAPA Understanding
There’s an important distinction that must be understood when it comes to your CAPA processes, with the key difference being between “corrective action” and “preventive action.” Unfortunately, many do not adequately understand the difference, which leads to poorly defined processes. Understanding CAPA is vital for the success of ISO13485 implementation. Below are the definitions as outlined in ISO 13485:
- Corrective Action: Eliminate the cause of nonconformities to prevent a recurrence.
- Preventive Action: Eliminate the causes of potential nonconformities to prevent their occurrence.
Any lack of understanding regarding these processes can lead to “death by CAPA,” which can occur if the execution goes poorly to the point that potential issues fail to be effectively prevented or eliminated.
Failure to properly implement CAPA processes is often the first mistake auditors look for when diving into device issues. You’ll often find that this is a key area that auditors will consider in their findings and can lead to a 483 observation or even warning letter if not built effectively. It’s very important to never skip over the building of effective CAPA processes within your QMS.
#2: Treating ISO 13485 Standards like a Checkbox
Many things in life have come to be treated like a to-do list, a check-the-box activity to complete a task before moving onto the next. Unfortunately, this has also grown to be the mindset with ISO 13485 processes. ISO 13485 has many “must-do” requirements, so it’s common for contract manufacturers to use this same mindset for achieving the certification title, strictly for the competitive advantage and not for the level of quality assurance that the 13485 framework offers.
A holistic approach should be taken during ISO 13485 implementation to emphasize quality from the start. Building a solid foundation centered around a quality assurance mentality will improve overall company culture and ensure these standards are met in all operations.
When organizations abandon the checkbox mentality and instead adopt a quality-first mindset throughout implementation, they often find themselves offering significant value to employees and customers.
#3: Failure to Perform Internal Audits
Many companies have approached me seeking help when they are about to lose their ISO 13485 certification. For example, one organization had undergone an audit in previous months before gaining its ISO 13485 certification, and the report cited two critical findings. The significant error being that the company had failed to conduct any internal audits. This meant that there was no insight into issues that existed within their products. The second issue is that since there was no insight into problems, no necessary changes had been made to their devices.
Internal audits are critical to success in the medical device industry and should be performed at least annually—if not more often. By diving into general processes, document management, and other areas within your QMS, a sense of accountability is created, and significant improvements and updates can be made to devices in a timely manner.
While these mistakes can be dire, they are also entirely avoidable. By dropping the checkbox mentality and ensuring accountability and understanding, the medical devices you produce will be safer and more effective for patients, and companies will drive a sense of value and quality assurance for ongoing success.