Regulatory Open Forum

This message was posted by a user wishing to remain anonymous

Hi RAPS Community,

We are an early stage medical device startup and have recently established our QMS in accordance with ISO 13485:2016 (although the QMS still being implemented and has not yet be certified).

We were initially aiming at the European market (hence our focus on ISO 13485, the MDR and CE marking), but we are now considering a change in direction and looking at going for FDA approval and marketing in the US first.

If we have a QMS that meets ISO 13485:2016 requirements is there anything that we would be missing from the FDA 21 CFR Part 820 QSR?  Also what requirements would we need to meet in terms of cGMP for our device?

Thanks in advance for your help and advice!

There are still some slight differences between ISO 13485:2016 and FDA QSR 21 CFR 820, though between the 2003 version and 2016 version these two are better aligned.  It is more about how review/audit/inspection is performed by the two groups as a Notified Body audit can be significantly different than an FDA inspection.

With that said, there are some differences such as FDA has a Device Master Record and ISO has a Medical Device File; while these have similar enough content, they both still need to be addressed.  QSR has sections on packaging and labeling which is not exactly specified in ISO though there are inferences such as traceability and sterile barrier systems.  It would be a good exercise for you to go through yourself mapping the differences as you are implementing a quality system so that you are completely aware.  With the ISO 13485:2016 there is bettern alignment with 21 CFR 820 such as customer complaints is now specified in ISO and some of the design control requirements.

------------------------------
Richard Vincins RAC
Vice President Regulatory Affairs
------------------------------

Original Message:
Sent: 07-Feb-2018 04:34
From: Anonymous Member
Subject: FDA QSR and ISO 13485

This message was posted by a user wishing to remain anonymous

Hi RAPS Community,

We are an early stage medical device startup and have recently established our QMS in accordance with ISO 13485:2016 (although the QMS still being implemented and has not yet be certified).

We were initially aiming at the European market (hence our focus on ISO 13485, the MDR and CE marking), but we are now considering a change in direction and looking at going for FDA approval and marketing in the US first.

If we have a QMS that meets ISO 13485:2016 requirements is there anything that we would be missing from the FDA 21 CFR Part 820 QSR?  Also what requirements would we need to meet in terms of cGMP for our device?

Thanks in advance for your help and advice!

Adding to Richard's comments, please see attached cross-reference and my comments below.

With the introduction of ISO 13485:2016, other than signature requirements, FDA 21 CFR 820 is arguably less stringent.

Signature requirements in FDA 21 CFR 820
820.30 Design controls (c) Design input
820.30 Design controls (d) Design output
820.40 Document controls
820.75 Process validation
820.80 Receiving, in-process, and finished device acceptance
820.120 Device labeling (b) Labeling inspection
820.90 Nonconforming product (b) Nonconformity review and disposition

Signature requirements in ISO 13485:2003 and ISO 13485:2016
None

Aspects of ISO 13485:2003 Not Addressed in FDA 21 CFR 820
Risk-based approach for all QMS processes, not just design
Quality manual (4.2.2)
Customer focus (5.2)
Human resources (6.2) - specific requirements to evaluate the effectiveness of training and other actions <g class="gr_ gr_669 gr-alert gr_gramm gr_inline_cards gr_run_anim Grammar multiReplace" id="669" data-gr-id="669">taken</g> 
Customer-related processes (7.2)

------------------------------
Sam Lazzara
Principal
MDQMS/MDQC
Fremont CA & Las Vegas NV (USA)
https://mdqc.blog/
------------------------------

Original Message:
Sent: 08-Feb-2018 04:32
From: Richard Vincins
Subject: FDA QSR and ISO 13485

There are still some slight differences between ISO 13485:2016 and FDA QSR 21 CFR 820, though between the 2003 version and 2016 version these two are better aligned.  It is more about how review/audit/inspection is performed by the two groups as a Notified Body audit can be significantly different than an FDA inspection.

With that said, there are some differences such as FDA has a Device Master Record and ISO has a Medical Device File; while these have similar enough content, they both still need to be addressed.  QSR has sections on packaging and labeling which is not exactly specified in ISO though there are inferences such as traceability and sterile barrier systems.  It would be a good exercise for you to go through yourself mapping the differences as you are implementing a quality system so that you are completely aware.  With the ISO 13485:2016 there is bettern alignment with 21 CFR 820 such as customer complaints is now specified in ISO and some of the design control requirements.

------------------------------
Richard Vincins RAC
Vice President Regulatory Affairs

Original Message:
Sent: 07-Feb-2018 04:34
From: Anonymous Member
Subject: FDA QSR and ISO 13485

This message was posted by a user wishing to remain anonymous

Hi RAPS Community,

We are an early stage medical device startup and have recently established our QMS in accordance with ISO 13485:2016 (although the QMS still being implemented and has not yet be certified).

We were initially aiming at the European market (hence our focus on ISO 13485, the MDR and CE marking), but we are now considering a change in direction and looking at going for FDA approval and marketing in the US first.

If we have a QMS that meets ISO 13485:2016 requirements is there anything that we would be missing from the FDA 21 CFR Part 820 QSR?  Also what requirements would we need to meet in terms of cGMP for our device?

Thanks in advance for your help and advice!

It depends on what type of establishment you are, i.e. specification developer, contract manufacturer, etc.  Your establishment type will drive aspects of  your QMS.  See 21 CFR 807 for definitions of establishment activities.

21 CFR 820 are the medical device cGMP regulations.  From my experience the main difference between the two (820 vs 13485) is the extent you have to go to, to demonstrate compliance.  However, there are requirements in 820 that are not carried over into 13485, e.g. 21 CFR 820.180(c) does not have a corresponding entry in ISO 13485.  There are several of these instances when you compare 820 to 13485.

------------------------------
William Coulston
Quality & Regulatory Affairs
San Antonio TX
United States
------------------------------

Original Message:
Sent: 07-Feb-2018 04:34
From: Anonymous Member
Subject: FDA QSR and ISO 13485

This message was posted by a user wishing to remain anonymous

Hi RAPS Community,

We are an early stage medical device startup and have recently established our QMS in accordance with ISO 13485:2016 (although the QMS still being implemented and has not yet be certified).

We were initially aiming at the European market (hence our focus on ISO 13485, the MDR and CE marking), but we are now considering a change in direction and looking at going for FDA approval and marketing in the US first.

If we have a QMS that meets ISO 13485:2016 requirements is there anything that we would be missing from the FDA 21 CFR Part 820 QSR?  Also what requirements would we need to meet in terms of cGMP for our device?

Thanks in advance for your help and advice!