|
In a direct relation to documents control, we will deal now with the records control requirements. The ISO 13485 Standard requires a definition of what records we must preserve as part of our quality system. Within the documents control we define what is a document and the method to manage it in various aspects: versions control, editions, distribution, elimination etc. Now we must define what are the documents included within the quality management system and how we would behave with them during the processes.
ISO 9001
| ISO 13485
| The organization must maintain records in order to prove his conformity to the standard's requirement and to demonstrate the quality management's effectiveness. The standard requires that the records would remain legible, identified and retrievable. The ISO 9001 Standard requires, also maintaining a procedure that describe the documents under the QMS and how one must handle them referring identification, retrieval, storage, protection, retention and disposal.
| The organization must maintain records in order to prove his conformity to the standard's requirement and to demonstrate the quality management's effectiveness. The standard requires that the records would remain legible, identified and retrievable. The ISO 13485 Standard requires, also maintaining a procedure that describe the documents under the QMS and how one must handle them referring identification, retrieval, storage, protection, retention and disposal. | | | The ISO 13485 Standard requires that the records would be retrievable for at least the life time of the medical device and in any case not less than two years from the date of product or other period if required by any regulations.
|
The reason for the additional requirement is that if, in any case, you would have to trace back any information about the medical device, and you would have all the documents that are relevant to the realization process for at least the life time of the medical device. These are medical devices we are dealing here. People's life could be dependent on these devices! You must have all the information about this device for any case.
Other requirements are same as the ISO 9001 Standard: TYPES OF RECORDS If you would brows your records I believe that you might be able categorize them according to the next division (more or less): - Quality guide and policy
- Quality procedures – documents describing the procedures within the quality management system.
- Process diagrams, procedures and work instructions - a definite method to perform activity or a process.
- Specifications – documents that specify requirements for product realization.
- Quality plans – documents which define the procedures and resources required to accomplish a project, a product a process or an agreement.
- A record – a document that declares results or present evidence for activities taken.
The level of documnetation is specified with the next pyramid: 
A SHORT EXPLANATION ABOUT THE RELATION BETWEEN RECORDS AND THE QUALITY SYSTEM Why is it so important to define which records to control? Let's presume that tomorrow's morning one of your customers will complain about aa medical device that you provided - let us hope that it would never happens. In order to examine if he is right or not, you must approach your records and investigate. Then, and only then, you may get the true story about the medical device.
The documentation is our statement of defense. Let's wish that we would never have to use it. But, if tomorrow morning we find ourselves in an organizational trouble or if any question arises, the documentation would be our savior.
But how on earth, from all the documentation that lay around the organization, we would know what is relevant to our quality management system? Well, the relation can be measured in various levels: - First, you must distinguish whether the document takes part within the medical device realization process. If there are records in the organization that don’t take part in the product realization process – they are not considered as part o the quality management system. Plain as that.
- Whether the document provides any aspect of product (or service) designing, developing or planning - it is part of the quality management system. For example – specifications, plans and product portfolio. These are quality plans. A record which defines the procedures and resources required to accomplish a project, a product, a process or an agreement. It defines also when it would be done and by whom.
- A documentation of a working process. For example – measurement form for a production line or a review form after an equipment installation. The ISO 9001 Standard does not require preservation of all forms or records but it is recommended to examine for every record of any working process, if recording and saving it would bring added value to your organization. Again, You must not preserve any form, but think twice before you dismiss any records.
- The record provides evidence for a requirement. That means every record that documented a performance for a requirement. In other words evidence for achieving the quality plans.
Any document that answers these definitions would be considered as quality record and therefore must be recorded and must achieve the ISO 13485 Standard requirements. What are the requirements? Nothing special. Actually the requirements are pretty much standard: - A legible documentation – that it would be possible to read the information recorded at any time.
- Identification of records – that it would be possible to attribute a record to its origins. How to attribute? It depends on your organization.
- Retrieval of records – that it would be possible to trace any record at any given moment for at least the life time of the medical device and in any case not less than two years from the date of product or other period if required by any regulations. That meanspreservation of records.
The ISO 13485 Standard require that all the definition above would be documented within a written procedure. Again, this is not a recommendation but a requirement. You must maintain a written procedure to define what records are included within your quality system. As if it is not complicated enough, the ISO 13485 Standard requires that you would document some of his requirements. The Standard has some requirements that must be documented. You must maintain records for these requirements: you must plan, maintain, fill out, and preserve (not in this order). Which requirements?
I will make a list but before that I would like to give a tip: if you would brows the ISO 13485 Standard you would notice a note that repeats constantly: see 4.2.4
This note actually directs you to paragraph 4.2.4 within the standard: Control of records. Still obscured? Any paragraph that ends with that note means that you must maintain a record. Go brows.
But as I promised I would try to make it easier on you and make a list of all requirements for records: Clause
| Description
| Document Type
| 5.6.1
| Management review
| Record
| 6.2.2 (e)
| Competence, awareness & training
| Record
| 6.3
| Maintenance
| Record
| 7.1 (d)
| Planning of product realization
| Record
| 7.1
| Risk management
| Record
| 7.2.2
| Review of requirements related to product
| Record
| 7.3.2
| Design & development inputs
| Record
| 7.3.3
| Design & development outputs
| Record
| 7.3.4
| Design & development review
| Record
| 7.3.5
| Design & development verification
| Record
| 7.3.6
| Design & development validation
| Record
| 7.3.7
| Control of design & development changes
| Record
| 7.4.1
| Supplier evaluations
| Record
| 7.4.2
| Purchasing information
| Record
| 7.4.3
| Verification of purchased product
| Record
| 7.5.1.1
| Batch records
| Record
| 7.5.1.2.2
| Installation activities
| Record
| 7.5.1.2.3
| Servicing activities
| Record
| 7.5.1.3
| Sterilization parameters
| Record
| 7.5.2.1
| Validation (process)
| Record
| 7.5.2.2
| Validation (sterilization)
| Record
| 7.5.3.2.1
| Product traceability
| Record
| 7.5.3.2.2
| Consignee name & address
| Record
| 7.5.4
| Customer property
| Record
| 7.5.5
| Preservation of product
| Record
| 7.6
| Calibration (as found)
| Record
| 7.6
| Calibration (corrected)
| Record
| 8.2.2
| Internal audits
| Record
| 8.2.4.1
| Product release
| Record
| 8.2.4.2
| Product inspection & testing
| Record
| 8.3
| Nonconformances (authorization)
| Record
| 8.3
| Nonconformances (nature)
| Record
| 8.4
| Analysis of data
| Record
| 8.5.1
| Customer complaints (investigations)
| Record
| 8.5.1
| Customer complaints (no action)
| Record
| 8.5.2
| Corrective action
| Record
| 8.5.3
| Preventive action
| Record
|
| Clause | Description
| Document Type
| 4.2.2
| Quality manual
| Manual
| 4.2.3
| Control of documents
| Procedure
| 4.2.4
| Control of records
| Procedure
| 7.3.1
| Design & development planning
| Procedure
| 7.4.1
| Purchasing process
| Procedure
| 7.5.1.2.3
| Servicing activities
| Procedure
| 7.5.2.1
| Validation of computer software
| Procedure
| 7.5.2.2
| Validation of sterile processes
| Procedure
| 7.5.3.1
| Product identification
| Procedure
| 7.5.3.1
| Returned product identification
| Procedure
| 7.5.3.2.1
| Product traceability
| Procedure
| 7.5.5
| Preservation of product (processing)
| Procedure
| 7.5.5
| Preservation of product (shelf-life)
| Procedure
| 7.6
| Control of monitoring & measuring devices
| Procedure
| 8.2.1
| Feedback system
| Procedure
| 8.2.2
| Internal audits
| Procedure
| 8.3
| Control of nonconforming product
| Procedure
| 8.4
| Analysis of data
| Procedure
| 8.5.1
| Issue & implementation of advisory notices
| Procedure
| 8.5.2
| Corrective action
| Procedure
| 8.5.3
| Preventive action
| Procedure
|
The method mentioned requires you to: - Define how any record shall be identified
- Where every record shall be stored
- Protection level for every record. That means who is responsible for the record and what must he do with the record.
- Where one can locate any record throughout the organization.
- Who and where is responsible for the record.
View our article about the ISO 13485 Management's Responsibility requirements
|
