News

Understanding ISO Certifications: Important Information for all Healthcare Decision Makers

What does it actually mean when a medical device company claims they are ISO certified? ISO certifications serve as proof that a company meets quality management system (QMS) requirements, but not all certifications are created equal.

Thu Mar 03 2016By Lawrence Nguyen, Other Author

 

 

What does it actually mean when a medical device company claims they are ISO certified? ISO certifications serve as proof that a company meets quality management system (QMS) requirements, but not all certifications are created equal. This has led to ambiguity around what the certifications really prove about a company’s QMS and questions about working with third party vendors claiming to be certified.

The easiest ISO certification for a company to obtain is 9001:2008. In his article - “What is ISO Certification, and What Does It Mean?” - Gary Moore, B.Sc., MA, FASE, states that this certification establishes the criteria for an overall quality management system and can be applied to any company, regardless of the industry. Any organization, from a coffee shop to a zoo, can obtain 9001 certification to prove that it meets customer satisfaction requirements. If a medical device company is 9001 certified, it’s a good indicator that they adhere to standard business practices, but it does not prove that they are certified to manufacture or repair medical devices.

ISO 13485:2003, however, is much more specific to the medical device industry. Moore explains that ISO 13485 was designed to produce a QMS that demonstrates thorough objective evidence that a company can provide medical devices and related services that consistently meet both customer and regulatory requirements. While being 13485 certified does not fulfill the requirements of either the FDA or foreign regulators, the certification aligns an organization’s management system to the requirements of the FDA’s Quality System Regulation (QSR) requirements and a variety of other international regulatory requirements. Therefore, the 13485 certification creates a QMS that serves as a framework on which companies can build compliance to various regulatory and customer requirements.

 

For example, if a company wants to include ultrasound probe repair in the scope of its ISO certification, it must pass a detailed ISO 13485 audit by a certified independent third party. The auditor will focus on the elements of the QMS and relevant regulatory requirements related to probe manufacturing and repair. If the company passes its annual audit, it demonstrates that they are certified to be in compliance with the ISO 13485 standard.

The International Organization for Standardization (ISO) developed ISO 13485 as an international set of requirements to help manage medical device companies and serve as a baseline to measure their services against. Compliance by medical device companies is voluntary. However, ISO is not involved in the certification process. A third party accreditation firm that has been approved by the ANSI-ASQ National Accreditation Board (ANAB) performs an audit of the company seeking certification, which could take anywhere from a couple days to a month to complete. Audits are then performed annually to monitor the company’s progress.

Healthcare leaders can review a list of certified companies, including a scope of the services they provide, the certification they hold, and who certified them, on The Independent Association of Accredited Registrars’ website. This will give healthcare leaders a better idea of which accreditation firms are used most commonly and what the scope of each company’s certification entails.

For companies that manufacture or repair medical equipment, the 13485 certification is a good measurement of their abilities and the quality of the equipment that they produce. However, the same certification requirement is applied to all companies in the medical device industry even though some requirements are not applicable to all companies. If there are ISO requirements that aren’t applicable to a company’s services, the company is allowed to redact the irrelevant requirements from the scope of its ISO application. For example, not all ultrasound support companies repair the same parts. Some may repair only probes, while others will repair parts and transducers. Due to the ability to redact requirements from the scope of ISO audits, both companies can receive an ISO 13485 certification.

The fact that the scope of ISO audits and certifications can vary so widely presents a challenge for healthcare administrators seeking the best service providers to support their organization’s medical equipment. ISO certifications can be a great measurement of a company’s business processes and abilities, but if a company in the medical device industry claims to be ISO certified it’s important for healthcare leaders to look closely at the scope of its ISO certification claim.

In some cases, particularly when it comes to brokerage firms, ISO certifications may not be the best indicator of the company’s ability to provide high quality medical device parts and healthcare leaders should seek out another way to vet the company. Seeking information about the companies that conduct repairs for the brokerage firm, for example, can help determine whether the parts are being repaired correctly. Obtaining vendor references from other healthcare organizations is another good method for verifying the quality of a vendor’s services.

When it comes to ultrasound equipment support companies, healthcare leaders should also consider the length of the warranty they offer. Companies with a longer warranty are likely more confident about the equipment they are offering. Healthcare leaders should also ask if equipment is repaired using original equipment manufacturer (OEM) specified parts. Although there is no guarantee that the vendor will answer honestly, it is important for healthcare leaders to state that they expect OEM specified parts in order to ensure the highest level of quality.

When all is said and done, the best way for an organization to determine a part’s quality is to have their clinical engineer test it over and over again. Although testing and authenticating parts can be a tedious process, it is paramount to ensuring that medical equipment functions properly. Every individual component contributes to the overall performance of a machine so if one part is sub-par the entire machine will be affected and the quality of patient care may be adversely impacted.

Although ISO certifications can be incredibly confusing, it’s in the best interest of healthcare leaders to have a general understanding of what the various certifications represent and how they are applied to different types of companies. So take a few minutes, or hours, to review background materials on ISO and peruse the companies listed on The Independent Association of Accredited Registrars’ website. In the long run, it will greatly benefit the overall safety of your organization.

 

By Larry Nguyen, CEO & CTO of Summit Imaging.

 

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Please review our Privacy Policy for more details.
I Agree