According to ISO 13485 standard it can be used by organizations involved in one or more stages of the life-cycle of a medical device, including design and development… Furthermore, it can also be used by suppliers or other external parties providing product (e.g. raw materials, components, subassemblies…) to such organizations. The supplier or external party can voluntarily choose to conform to the requirements of ISO 13485 or can be required by contract to confirm.
In case the product cannot be unambiguously defined to be a medical device or any of the related products identified in the ISO 13485 but the manufacturer still wants to certified against ISO 13485 – is this acceptable or not?
And more generally can ISO 13485 be used for certification purposes in the voluntary field outside the proper scope of the standard?
March 2017
Supplier or external party shall demonstrate the intention of its “product” (item such a device, part incorporated in a device, raw material etc.) or service in the context of an application or use of a medical device.
- CAB (certification body) has to perform a contract review considering the elements stated in this answer (see below) including the national interpretation of medical devices performed by the national regulatory authorities (apply list of medical devices or family of medical devices). .
- Activity or product shall fall into the definition of (ISO 13485:2016 – 3 Terms and definitions – 3.11 medical device (see also source GHTF/SG1/N071:2012, 5.1 and 5.2 ( note GHTF/SG1/N071:2012 5.2 is not mentioned in ISO 13485:2016. Therefore, ISO 13485:2016 is not fully clear in the non-regulated field of IVD.
The supplier or external party seeking certification according to ISO 13485:2016 shall justify all not applicable clauses of ISO 13485:2016. The CAB shall critically audit the reason for not applying the requirements. Certification bodies shall always avoid certifying when it has some indication that a standard is applied in a way to only pretend compliance in the medical device field and in reality, it does not fit the encountered activity. The contract review of the supplier or external party shall always include an investigation of the purpose of the use of the ordered “product” or service.
Conclusion: If no clarity is reached the supplier or external party should better be certified against ISO 9001:2015 only. Therefore, there shall be no certification outside the proper scope of the standard ISO 13485:2016. The only difficulty lies in the evaluation of the boundary of the scope of the standard ISO 13485:2016 as it will contain some arbitrary components and perhaps some national particularities.