Firms urged to use ISO 9001 for biz, 13485:200x for FDA

Validation Times, July, 2001 by Ellen Beck

McLEAN, VA Companies hoping to still claim "ISO-certified" should comply with ISO 9001:2000 for business purposes, but ISO 13485:200x the new medical device quality systems (QS) standard for regulatory purposes.

While ISO 9001:2000 and ISO 9004:2000 9002 and 9003 have been eliminated and merged with 9001 to contain general elements applicable to medical device companies, it is ISO 13485, through its revision, ISO 13485:200x that will include both the needed ISO 9000:2000 standards and other regulatory requirements specific to devices, speakers told AAMI's standards conference here June 28.

Transition to ISO ends in '03

The transition to ISO 9001:2000 and ISO 9004:2000 ends in 2003, at which time all earlier ISO 9000 certifications will expire, speakers said. Device makers are being advised that while their customers may require ISO 9001:2000 certification, that alone will not pass muster with FDA.

That's because the agency has no plans to change ISO 13485 requirements so they mesh with ISO 9001:2000 into one single certification, said Kimberly Trautman, GMP quality systems expert for CDRH and a key player in the negotiations on new QS standards. In addition, European agencies support the ISO 13485:200x revisions and are actively working with FDA in this regard.

Edward Kimmelman, a consultant on regulatory affairs and quality systems, and former RA VP at Boehringer Mannheim, called the ISO 9000:2000 series more of a business document, which has "no direct relevance to regulation" so that while ISO 9000:2000 pleases the customer, ISO 13485:200x pleases the FDA.

ISO 13485:200x will have a new title: "Quality Management Systems Medical Devices System Requirements for Regulatory Purposes. ISO 9001:2000 requires companies actively assess customer satisfaction while ISO

13485:200x will encourage customer feedback on whether the company is meeting the customer's requirements.

Kimmelman said the customer satisfaction requirements in ISO 9001:2000 are "just not objective enough for use in a regulatory environment" and said the standard "has a lot of baggage associated with it."

Consultant Ed Kimmelman said firms may have to use ISO 9001 for customers and ISO 13485 for FDA... There also is the issue of what to do with ISO 13488, which had been a reference document for ISO 9002. This was eliminated in the ISO 9000:2000 series. There is work ongoing for an ISO 13488:200x, which would be the equivalent to ISO 9002:1994 for medical devices, but whether or not it will be included is uncertain, according to Kimmelman.

A working group currently is developing a briefing paper to gather advice on the subject and a decision is expected by October.