This article provides an IVDR checklist for updating your ISO 13485 quality system to comply with EU Regulation 2017/746.
Why I created an IVDR checklist?
Hundreds (if not thousands) of IVD manufacturers are currently updating their ISO 13485:2016 certified quality system from compliance with the In Vitro Diagnostic Directive (i.e. Directive 98/79/EC) or IVDD to the new EU In Vitro Diagnostic Regulation (i.e. Regulation 2017/746). Revision of technical files and the associated procedures for creating your technical files is a big part of these updates. However, there is much more that needs to be updated than just the technical documentation. Therefore, IVD manufacturers are asking Medical Device Academy to conduct remote internal audits of their quality system to identify any gaps. Usually, we conduct internal audits using the process approach to auditing, but this is one of the scenarios where the element approach and an audit checklist are invaluable.
If you would like to download our IVDR checklist for FREE, please fill in the form below.
How do you use an audit checklist?
An audit checklist is used by quality system auditors to collect objective evidence during an audit. This objective evidence verifies compliance with regulatory requirements or internal procedural requirements. If the auditor is unable to find supporting evidence of compliance, the auditor may continue to search for data or identify the requirement as a nonconformity. Typically the checklist is in four columns using a tabular form. The left-hand column lists each requirement. The next column is where the auditor documents records sampled, procedures reviewed, and personnel interviewed. In the third column, the auditor indicates what they were looking for in the records, procedures, or during the interview. Some of the information in the second and third columns can often be entered prior to starting the audit by reviewing audit preparation documents (e.g. procedures and previous audit reports). In the fourth column the auditor will enter the objective evidence for conformity collected during the audit.
How to create an IVDR quality plan
Most of the companies that are preparing for an IVDR audit by their notified body already have ISO 13485:2016 certification and they are using the self-declaration pathway for CE Marking under the IVDD. Under the IVDR, a notified body must now review and approve the technical file. The notified body must also confirm that their quality system has been updated to include the IVDR requirements. The Technical File requirements are found in Annex II and III; while most of the quality system requirements are found in the Articles. The quality system requirements include:
- a risk management process in accordance with Annex I – deviations from ISO 14971:2019 will be necessary)
- conduct a performance evaluation–including a post-market performance follow-up (PMPF). This requirement is defined in Article 52 and Annex XIII
- create and maintain a technical file in accordance with Annex II & III
- create and maintain a Declaration of Conformity in accordance with Article 17
- CE Mark the product in accordance with Article 18
- implement a UDI system in accordance with Article 24, 26, and 28
- record retention requirements for the technical file, Declaration of Conformity, and certificates shall be increased from 5 years to 10 years
- set-up, implement, and maintain a post-market surveillance system in accordance with Article 78
- document a procedure for communication with Competent Authorities, Notified Bodies, Economic Operators, Customers, and/or other Stakeholders
- update procedures for reporting of serious incidents and field safety corrective actions in the context of vigilance to require reporting within 15 calendar days
- update the product labeling to comply with Annex I, section 20
- revise the translation procedure to ensure translations of the instructions for use are available in all required languages of the member states, and make sure these translations are available on the company website
- create a procedure for utilization of the Eudamed database for registration, CE Marking applications, UDI data entry, and vigilance reporting
Which IVDR requirements are already met by your quality system?
Some companies also manufacture medical devices that must comply with Regulation (EU) 2017/745. For those companies, many of the above requirements are already incorporated into their quality system. In this case, you should still include all of the IVDR checklist requirements in your plan, but you should indicate that the requirement has already been met and audited previously.
Content related to our IVDR checklist
On Friday, April 1, 2022 @ 11 am EDT (8 am Pacific), Rob Packard will be Joe Hage’s guest speaker on the weekly MDG Premium Live video (please click on the link to register). The topic of the live presentation will be “How to create an IVDR quality plan.” #MedicalDevices #MDGpremium