Hello Anon,
Depending on the type of standard, there may be an associated date where the new standard applies, but in most cases it is not a "compliance date" but more the previous version is no longer valid. So by default the new or current version then becomes the standard used because the previous version has been replaced and no longer valid. Quality management system standards, e.g. ISO 13485, ISO 9001, ISO 14001, typically have a 3 year transition date - again meaning the previous version at some date is no longer valid. However, in most cases ISO, IEC, and other standards do not have a transition period meaning when a new standard is published, such that the previous version is no longer valid, e.g. recent ISO 14971. Now this does mean generally there is a "transition period" understood by industry to allow movement of companies to follow the new standard - such as it would be impossible for any company to transition say 10 risk management files from one day to the next. This is why it is important to first have a regulatory intelligence program to identify when new standards, regulations, or guidance are published. Then the process should have an impact assessment as sometimes changes to the standards might only be administrative or may require full testing again. Based on the assessment, a Quality Plan (or Project Plan ) or possibly just a change notification would be done for the company to transition to new standard.
There are two other points to raise as well. The first is while many standards do not publish a transition period or a date where the new revision should be followed, there are regulatory agencies who publish dates for conformity such as the US FDA's recognised standards list. This means when premarket submissions are sent to FDA, the content of the submission can still follow the previous version up to 'X' date which would be published in the FDA's recognised standards database. (Unfortunately, the FDA's database is really the only one kept up to date and other countries will "publish" transition dates though not consistently.) The second point is using the term "compliance date" for a standard is not necessarily appropriate because most standards there is no regulatory requirement for compliance. Standards are that: standards - meaning they are "state of the art", performance, safety, standardised methodologies, etc. Any organisation can claim conformity to a standard or following a standard, but unless the regulatory requirement specifically states: you must follow X standard, then the presumption is the company is claiming conformity to the standard. No where in FDA requirements does it say you must comply with ISO 14971 (at least I am not aware of any specific call-out) - it is a recognised standard for companies as state of the art, best practice, standardised methods can follow the standard to ensure current processes are being used. In FDA guidance documents and other information they will cite ISO 14971 as the standard to be used but when submitting a premarket submission if you choose to not claim conformity to ISO 14971 that is your decision - then FDA has to determine if your products, processes, and activities around risk management are sufficient.
------------------------------
Richard Vincins RAC
Vice President Global Regulatory Affairs
------------------------------
Original Message:
Sent: 21-Jul-2020 15:21
From: Dan O'Leary
Subject: International Standards - Published date vs Compliance date?
You need to make a distinction between the standards organizations and the regulators. As a general rule, the standards organizations don't set compliance dates. An exception seems to be ISO TC 210 which published recommendations for ISO 13485:2016. I don't know of a case where an applicable regulator didn't adopt the recommendation. However, FDA doesn't recognize ISO 13485:2016.
Every country (or region) has a standards body. They may adopt a standard as a notional (or regional) standard, but that doesn't bind the regulators. For example, ANSI/AAMI ISO 13485:2016 is a national standard in the US.
Another good example is ISO 14971:2019. For ISO purposes, the prior version ISO 14971:2007, became obsolete on the date of publication.
The FDA will accept declarations of conformity to either ISO version until December 25, 2022. After that date, only ISO 14971:2019. The US national standard is ANSI/AAMI ISO 14971:2019.
Health Canada publishes a list of recognized standards, but they have not updated it in years. However, the Canadian national standard is CAN/CSA 14971:2019.
The EU has a two-tiered system (standardization and harmonization). EN ISO 14971:2019 is the regional standard adopted by CEN. However, it is not harmonized to any directive or regulation. EN ISO 14971:2012 is harmonized to the MDD, IVDD, and AIMD.
The conclusion is that know the current version from the standards bodies doesn't inform you of the regulator's decision. You need to determine that separately.
------------------------------
Dan O'Leary CQA, CQE
Swanzey NH
United States
Original Message:
Sent: 21-Jul-2020 10:15
From: Anonymous Member
Subject: International Standards - Published date vs Compliance date?
This message was posted by a user wishing to remain anonymous
Hi all,
I am revising our process that monitors and manages changes to external standards, and I'm struggling to understand if any of the standards organisations distinguish between the published date of a new/revised standard and any subsequent "compliance date" (i.e. when the standard comes into force/takes effect). Does anyone know of such a distinction? Any known examples of standards/organisations where this is the case would be very much appreciated.
Thank You