There are big changes coming up in the regulation of European medical devices, with anyone who sells medical devices in the European markets likely to be affected. Ineffective processes and regulations are likely to be weeded out, with changes likely to be applied across the board.
One area that is under review is the auditing process for ISO 13485 management systems. As yet, there is no definitive guidance on exactly what the changes are likely to involve, but it is expected that, in addition to the standard scheduled audits, unannounced audits are also likely to be a thing of the future.
It is thought that planned ISO audits are likely to continue as they currently stand, but that businesses could also be subject to unscheduled, unannounced audits of their ISO 13485 systems. That would ultimately mean more auditing for businesses, and more telling results, but how would it work? One suggestion is that unannounced audits will take place alongside scheduled audits during a device’s medical validity certificate, while another is that an unannounced audit could spell out a lack of need for a scheduled audit in the following year. Whatever the eventual decision, there are some big questions around what the changes will mean, and how they will work.
For example, what if the company is on shut-down at the time of the unannounced audit, or the quality manager is not around? Will the company still pass an audit in cases like this? Another question mark hangs over the cost implications. Additional audits equal additional cost, which at the moment is being met by device manufacturers, but will this still be the case? Will it be the manufacturers who are responsible for paying the unannounced audit costs, or the suppliers of these devices? Plus, will there be enough auditors to take on the extra checks that will be needed? This is particularly relevant as some sources are claiming that the unannounced audits will require two auditors, an ISO 13485 management system auditor and a technical specialist, meaning that the process could well become even more complicated than first thought, in an area that already has plenty of existing complications.
These planned changes will only apply to ISO 13485 organisations, ISO 9001 companies need not worry. If the predicted changes to the auditing process go ahead, a lot of work will need to be done to make the process as efficient as possible, something that is already seen as an issue with planned audits. Those who supply to medical device manufacturers or who are ISO 13485 certified should stay alert.
