Ensuring medical devices are maintained for safe patient use is imperative, which is why it is so important to understand how vendors approach medical device quality standards. We recently sat down with Heidi Drafall, Vice President of Quality at Agiliti, to talk about the growing difference between ISO certifications, how it impacts third-party independent service organizations, and why it should matter to clinical engineering teams.
Q: Are all third-party independent service organizations required to be ISO certified, and does it matter?
Heidi Drafall: Protecting patient safety starts with ensuring that the medical equipment used on patients is maintained and repaired to high quality standards. In-house clinical engineering teams do this every day to keep medical devices safe for patient use. Because patient safety is so important, when third-party independent service organizations are called upon to supplement an internal team, a risk-based approach should be utilized to ensure their services adhere to the latest industry quality standards.
Surprisingly, independent service organizations are not regulated by the FDA, nor are they required to adhere to quality standards that are specific to medical devices (e.g., ISO 13485:2016 and/or 21 CFR 820) like the Original Equipment Manufacturers (OEMs). Additionally, while some third-party service and equipment rental vendors boast an ISO certification, not all ISO standards are tailored specifically to the lifecycle management of medical devices. It can be confusing to understand the differences among the different certifications.
Q: What are some of the key differences between ISO 9001 and ISO 13485, and why do they matter?
HD: Missing from ISO 9001:2015 are requirements that are imperative to medical devices. In fact, it’s been over 20 years since ISO 13485 diverged from the generic ISO 9001. The gap between the two standards has grown to accommodate for the substantial changes in health care and the medical device industry over that time. Today, there are more than 80 key differences between ISO 13485 and ISO 9001.
ISO 13485 is continually updated to account for the evolving risks associated with medical devices. The latest iteration, ISO 13485:2016, includes requirements around the control of medical devices impacted by field corrective actions or recalls, the protection of confidential health information contained in medical device records, and the control of the work environment to promote contamination control. These standards are simply absent from ISO 9001:2015 because it is not focused on medical devices.
Q: What does all this mean for an in-house clinical engineering team?
HD: When it comes down to it, simply being ISO certified might not provide the quality and patient safety assurance a hospital requires of independent service organizations. As clinical engineering workloads increase, more in-house teams are relying on third-party service providers to supplement their own capabilities. It’s important to take the time to really understand the vendor’s quality standards and processes, and how they will apply those practices to your medical devices. It’s not just a business or cost decision. After all, it could be your family member on the receiving end of that medical device.
Q: What are some key quality practices in-house teams should look for when vetting an independent service provider?
HD: It’s important to uncover if the third-party vendor’s quality processes are based around rigorous, patient risk-based standards. Focus on their quality management system (QMS):
When taken in combination, these things can help an in-house team determine whether a service provider shares their same commitment to quality and patient safety. If they do, the in-house clinical engineering team can continue to deliver high-quality service without compromising patient safety when partnering with third-party service providers.
© 2020, TechNation Magazine. Site designed by MD Publishing, Inc.