Are the employees in your medical device company meeting the training and competency requirements of the ISO 13485 standard for quality management systems? ISO 13485:2016 addresses training and competency requirements in Section 6.2 Human resources of the standard: Personnel performing work affecting product quality shall be competent on the basis of appropriate education, training, skills and experience. The organization shall document the process(es) for establishing competence, providing needed training, and ensuring awareness of personnel. The organization shall: a) determine the necessary competence for personnel performing work affecting product quality; The requirements are relatively brief and non-prescriptive, so medical device companies are often left questioning exactly how they can meet the requirements. This article will explain what the international standard for medical device quality management systems require when it comes to training and competency of personnel, and what you need to do to comply.
b) provide training or take other actions to achieve or maintain the necessary competence;
c) evaluate the effectiveness of the actions taken;
d) ensure that its personnel are aware of the relevance and importance of their activities and how they contribute to the achievement of the quality objectives;
e) maintain appropriate records of education, training, skills, and experience (see 4.2.5).
FREE DOWNLOAD: Get a copy of our customizable training matrix template by clicking here.
How to follow ISO 13485 training requirements
A training program that meets ISO 13485 requirements is something that often gets overlooked, especially in early stage medical device companies. It’s one of those things that can sneak up on you during an audit and result in a finding, so you’re much better to establish compliant training procedures early on.
Here are some key questions that companies ask when it comes to following ISO 13485 training and competency requirements:
What type of training is needed?
The ISO 13485 standard sidesteps giving any specific instruction as to what should be defined in a training procedure or how the training activities should be conducted. The short answer is that all personnel must be trained on the QMS policies and procedures respective to each person’s own job role and any specialized roles must have the appropriate training to perform it competently. This might include external training courses that are hosted by accredited third party firms.
You need to be able to show that appropriate training has been completed and have the records to prove it, so a robust training management system is a must-have. As part of this expectation, you need to document how you identify the skills, training, and/or experience needed by each person in each role.
Who needs to be trained?
Does everyone need to be trained on every part of your QMS? The short answer is no. But anyone who is responsible for following a set of processes and procedures must be trained on those same processes and procedures.
The key is that personnel must have the competency to adequately perform their own job function. If you have a quality inspector that is unaware of a change to your acceptance criteria because they haven’t received the necessary training, then noncompliance becomes a concern. More importantly, it could lead to serious safety ramifications for the patient.
ISO 13485 training requirements state how everyone involved in critical processes must be fully aware of the importance of their work and its impact on product quality or quality objectives. In short, everyone who is required to follow a process must be trained on it and any time there is an update to the process, follow-up training must be conducted.
How do we conduct training?
The “how” of training is left wide open for interpretation. It is up to your medical device company to determine this, placing an emphasis on the effectiveness of the training. The ISO standard requires that you must evaluate the effectiveness of your training - this could be as simple as requiring employees to take and pass a quiz on the subject.
Under ISO 13485, a risk-based approach is always highlighted. Therefore, the riskier the work, the more extensive training may be needed. The standard emphasizes “proportionate” training, conducting training whereas necessary and required without going overboard. The key here is that training must be sufficient enough to establish competency.
How to evaluate ISO 13485 training competency
Competency can be gained through education, certification, skills development, and experience. In accordance with ISO 13485, you need to ensure that your training methods are effective, in that it results in the competency of personnel to perform the necessary job functions specific to their roles.
Under Section 6.2 of the standard, the following statement is included with the Human resources requirements: “NOTE The methodology used to check effectiveness is proportionate to the risk associated with the work for which the training or other action is being provided.”
Establishing these checkpoints for evaluating effectiveness should be balanced against the risk of the policy, procedure, or task. It wouldn’t make sense to conduct a 2-day training seminar for a low-risk task, for example.
Training assessments and quizzes are common tools for evaluating competency. One great piece of advice is to keep your questions focused, avoiding any additional trivia that strays from the necessary information at hand while also ensuring that it’s rigorous enough to gauge the trainee’s comprehension of the material.
How else might you evaluate competency? Observations on-the-job (and as part of your internal auditing program) are also valid methods. For example, you might keep some sort of checklist for assessing the completion of an assignment.
At the very least, you must ensure that you’re keeping up-to-date and accurate records that show how and when you assessed competency. This will be paramount to your ability to maintain compliance with the ISO 13485 training requirements.
How to formalize QMS procedures that comply with ISO 13485 training requirements
Your QMS plays a key role in your ability to achieve and maintain compliance with ISO 13485 training requirements. In a nutshell, here’s what you need:
Defined training needs for each role in your organization
Training records for every procedure in your QMS
Training records for all individual personnel.
(Video) Training Procedure: "Mistakes to avoid and audit advice" [ISO 13485]You need to maintain objective evidence to prove your training is happening as required
Documented processes for how you established competence
Note: job descriptions themselves are not required to be kept as controlled documents, but a definition of the training associated with each job position does. Some roles may be able to be consolidated, along with their respective training requirements, especially for smaller sized companies.
The ease with which you are able to manage training records tends to come down to your choice of QMS solution. With legacy quality system tools, there are several associated pitfalls to look out for.
For example, training records are often kept in paper format by different team leads. In this case, any auditor that comes in and requests to see all of your training records for “X task” will likely lead to a mad scramble to locate which filing cabinet the record has been relegated to.
Besides accessibility and transparency of records, ensuring these are kept up to date presents a huge challenge to managers who are relying on physical copies of the training record (and their ability to remember where it was last placed).
Consider the alternative solution of a modern quality system, such as Greenlight Guru Training Management software. The medical device specific platform has a dedicated training workflow that simplifies compliance with ISO 13485 training requirements and automates activities that help users ensure competency among all necessary personnel.
FREE DOWNLOAD: Get a copy of our customizable training matrix template by clicking here.
Comply with ISO 13485 training and competency requirements with the best QMS software
The best way you can assure compliance with ISO 13485 training and competency requirements is by keeping accurate records that are instantly accessible and automatically updated within a robust electronic QMS solution.
Greenlight Guru’s dedicated Training Management Software goes a step further by including features specifically designed for the ease of those responsible for overseeing training for the company.
Training managers can easily trace any task or activity and provide records with objective evidence proving effectiveness and completion of employee training on processes, procedures, changes, and other QMS documentation - all within a single, closed-loop system.
Additional benefits offered through the Training Management workflow within Greenlight Guru include:
Automated training tasks and notifications on assigned training activities
Part 11 compliant sign-off, audit trails, and password requirements
Require a trainer sign-off to ensure training activities are effective
Personalized dashboard to view assigned and outstanding training activities
Easy to view tracking and status of assigned training tasks for Trainers by document level or by individual/group
Auto-generated training logs and records to provide objective evidence and traceability for training and compliance
Provide relevant attachments as supporting evidence of external training events.
Compliance with ISO 13485 training requirements has never been easier than now. Get your free demo of Greenlight Guru Training Management software →
Looking for a QMS solution to help you bring safer medical devices to market faster with less risk? Click here to take a quick tour of Greenlight Guru's Medical Device QMS software
FAQs
What does ISO 13485 say about training? ›
Under ISO 13485, a risk-based approach is always highlighted. Therefore, the riskier the work, the more extensive training may be needed. The standard emphasizes “proportionate” training, conducting training whereas necessary and required without going overboard.
What are the requirements of ISO 13485? ›- Quality Management System (QMS) ...
- Management responsibility. ...
- Resource management. ...
- Product realization. ...
- Measurement, analysis, improvement.
The ISO 13485 requirements were based on ISO 9001, the international gold standard for quality management systems. However, ISO 9001 offers a general set of requirements geared toward customer satisfaction and continual improvement that can be too subjective and/or difficult to measure for many medtech companies.
What are the 8 sections of ISO 13485? ›- 8.1 General.
- 8.2 Monitoring and Measurement.
- 8.3 Control of nonconforming product.
- 8.4 Analysis of data.
- 8.5 Improvement.
Providing training and development to employees allows employers to pinpoint the knowledge and skills they want their employees to have. Training and development programs can educate employees about new skills or provide updates on existing skills to enhance productivity.
What is the primary objective of ISO 13485? ›The primary objective of ISO 13485:2003 is to facilitate harmonized medical device regulatory requirements for quality management systems. As a result, it includes some particular requirements for medical devices and excludes some of the requirements of ISO 9001 that are not appropriate as regulatory requirements.
Is ISO 13485 mandatory for medical devices? ›So, depending on the service you are providing to the legal manufacturer an ISO 9001 might be sufficient. Whereas the service is specific to the medical device industry, ISO 13485 might be more appropriate to be implemented, but certainly not required.
What is the ISO 13485 standard? ›ISO 13485 was written to support medical device manufacturers in designing a QMS that establishes and maintains the effectiveness of their processes. It ensures the consistent design, development, production, installation and delivery through to disposal of medical devices that are safe for their intended purpose.
What are the main three ISO standards used in companies? ›- ISO 9001:2015, a standard for general organizational quality management systems (QMS), including vendor management. ...
- ISO 27001:2013, a standard for Information Security Management Systems (ISMS)
- ISO 14001:2015, a standard for Environmental Management Systems.
The ISO 13485 requirements encompass 8 clauses with supporting subclauses. The requirements to be applied to your quality management system (QMS) are covered in clauses 4-8.
How to comply with ISO 13485? ›
- Implementing a quality management system.
- Taking a risk management approach to product development.
- Validating processes.
- Complying with regulatory and statutory requirements.
- Establishing effective methods for product traceability and recall.
Elements and requirements of a QMS
The organization's quality policy and quality objectives. Quality manual. Procedures, instructions, and records.
When broken down, quality control management can be segmented into four key components to be effective: quality planning, quality control, quality assurance, and quality improvement.
What is the difference between ISO 13485 and MDR? ›The EU MDR regulation includes certain processes for medical devices that need to be in place, but the ISO 13485 standard is intended to be an all-encompassing set of inter-related requirements that form the internationally recognized best practices for a company that creates medical devices.
What are the 4 main objectives of training? ›From the point of view of the individual employee, there are three main aims of training: Improve the individual's level of awareness. Increase an individual's skill in one or more areas of expertise. Increase an individual's motivation to perform their job well.
How do you define training requirements? ›- Decide What You Are Trying To Achieve. ...
- Identify The Knowledge, Skills, And Abilities Needed To Meet Your Objectives. ...
- Figure Out What Employees Know. ...
- Talk To Employees. ...
- Talk To Managers. ...
- Decide On The Data Points That Are Valuable To Your Team.
- Overload Principle. Improvements are driven by stress. ...
- FITT Principle. ...
- Specificity Principle. ...
- Reversibility Principle. ...
- Rest, Recovery & Periodisation.
- Skills Gap Analysis. Before getting started, it's crucial to identify key areas that need attention. ...
- Set Objectives & Define Your Strategy. ...
- Invest in the Right Resources. ...
- Test, Measure, and Repeat.
- Identifying What Participants Need for Their Job. ...
- Matching Session Learning Objectives with Job Requirements. ...
- Assessing Performance During and Upon Completing the Training. ...
- Evaluating the Training Effort After a Period of Time.
The ISO 13485 certification supports medical device manufacturers in plotting a QMS that creates and maintains the efficacy of their processes. It ensures the consistent design, development, production, installation, and delivery through to the disposal of medical devices that are safe for their intended purpose.
What are management responsibilities ISO 13485? ›
Management has key responsibilities such as meeting on a regular basis, communicating to the organization, establishing QMS policies, making sure that objectives are established, conducting reviews, and also determining that resources needed to meet the QMS are available.
Why do you need ISO 13485 certification? ›ISO 13485 was written to support medical device manufacturers in designing a QMS that establishes and maintains the effectiveness of their processes. It ensures the consistent design, development, production, installation and delivery through to disposal of medical devices that are safe for their intended purpose.
How long does it take to get ISO 13485 certification? ›Implementation usually takes 4-6 months for companies with fewer than 50 employees. Larger firms with more than 50 employees and/or multiple locations require more written procedures and involve more people, so implementation usually takes 6-12 months.
What can be excluded from ISO 13485? ›As per clause 1 of the ISO 13485, only clause 7.3 Design and Development can be excluded from the scope of the quality management system if applicable regulatory requirements permit.
Are job descriptions required in ISO 13485? ›To ensure that employees have defined and documented responsibilities and authorities, the organization needs an organization chart, and written and signed job descriptions.
Does ISO 13485 require a quality manual? ›The quality manual for medical devices is a document required by ISO 13485, a quality management system designed for medical device manufacturers. If you are manufacturing medical devices for use in the U.S., your organization will need to prove compliance with FDA regulations.
What are the regulatory requirements for medical devices? ›The device classification regulation defines the regulatory requirements for a general device type. Most Class I devices are exempt from Premarket Notification 510(k); most Class II devices require Premarket Notification 510(k); and most Class III devices require Premarket Approval.
What is the difference between 9001 and 13485? ›ISO 9001 is the international standard which provides specifications for a quality management system which can be applied at any organization regardless of industry, product or service, or company size. ISO 13485 is a comprehensive management system specifically for the manufacture of medical devices.
What are the 4 types of standards? ›- Formal standards. ...
- Informal standards. ...
- Proprietary standards.
The most popular certificates are ISO 9001 (quality management), ISO 14001 (environmental management), ISO 45001 (occupational health and safety), ISO/IEC 27001 (information security), ISO 22000 (food safety), and ISO 13485 (medical device quality management).
What are the 5 quality procedures? ›
Quality procedures include: quality manual, procedure for the control of documents, procedure for the control of records, procedure for the performance of internal audits, procedure for the control of nonconformity, and procedure for the for integrating and controlling corrective action and preventive action.
Which of the following documents are mandatory required by the ISO 13485 standard? ›Documented Procedure and records of management review – clause 5.6. 1. Documented Procedure and records of training – clause 6.2. Documented Requirements for infrastructure and records of maintenance activities – clause 6.3.
How many quality management principles are identified in ISO 13485? ›According to ISO, the seven quality management principles are, in no particular order: Customer focus.
What does clause 4 of ISO 13485 cover? ›CLAUSE 4: QUALITY MANAGEMENT SYSTEM An organization shall establish and document their quality management system for medical devices, based on the requirements of ISO 13485. // There shall be focused attention on customers by expecting people and the organization to identify and meet these requirements.
How do you maintain knowledge of compliance requirements? ›- Audit all workplace policies and procedures. ...
- Understand your responsibilities and obligations as an employer. ...
- Invest in workplace safety management systems and accreditations. ...
- Go further than 'just ticking the box' for compliance.
- An initial compliance audit.
- Tracking of any previous violations and budget monitoring for compliance.
- Creation of a dedicated compliance team.
- Implementation of company policies and procedures.
- Efficient Policy Management system.
- Regular compliance training for all employees.
What are the four types of Quality Control? The four types of quality control are process control, control charts, acceptance sampling, and product quality control.
What are 4 points of quality assurance? ›The 4 stages in the quality assurance process are: Plan, implement, check, and adjust.
What are the three pillars of QMS? ›Each quality management system is made up of three pillars of technology: a document management system (DMS), a learning management system (LMS), and, once clinical trials begin, an electronic trial master file (eTMF).
What are the 7 key principles of quality? ›- Engagement of people.
- Customer focus.
- Leadership.
- Process approach.
- Improvement.
- Evidence-based decision making.
- Relationship management.
What are the 3 main objectives of quality control? ›
In such a system, there are 3 main objectives of quality control: enhance product quality and reduce risks, gain production efficiencies, and garner customer loyalty. These 3 objectives will be evident in any manufacturer with a robust and functional quality control program.
What are 5 pillars of Total quality system? ›Product, process, organization, leadership, and commitment--those are the five pillars of TQM.
Does ISO 13485 require risk management? ›ISO 13485 requires risk-based thinking regarding QMS processes (sub-clause 4.1. 2) and risk management with regard to patient/end-user safety in using the medical device (clause 7.1).
Is ISO 13485 mandatory in us? ›The short answer is no, ISO 13485 is not mandatory.
What does ISO say about training? ›The ISO training requirements are designed to improve the organization's quality. The standard needs employees to be trained with the knowledge and skill important to do their jobs with quality. Additionally, ISO training is required to verify that the training provided was effective.
Which ISO standard is for training? ›ISO - ISO 10015:1999 - Quality management — Guidelines for training.
What are the ISO regulations required to evaluate training effectiveness? ›Training effectiveness is one of the key requirements associated to Quality Management System according to ISO 13485. Having adequate methodologies for delivery of training and evaluate effectiveness of this training is a must for an organization that wants to claim compliance with ISO 13485 requirements.
How to train employees in ISO 13485? ›- Define the knowledge and skill needed for each employee to conduct their job.
- Deliver training or other learning activities to develop the required knowledge and skill.
- Provide a way to prove whether the training was effective (test for understanding)
The customer-supplier core must be surrounded by the 3 C's, commitment to quality, communication of the quality message, and recognition of the need to change the culture of the organisation to create total quality.
What are the four 4 key principles applied by the ISO when setting standards? ›- Respond to a need in the market. ISO does not decide when to develop a new standard, but responds to a request from industry or other stakeholders such as consumer groups. ...
- Based on global expert opinion. ...
- Developed through a multi-stakeholder process. ...
- Based on a consensus.
What is the importance of ISO training? ›
Achieving an ISO quality management certification can pay huge dividends for your business in improved efficiency, productivity and customer satisfaction. But the benefits of ISO go far beyond your operations to every aspect of the business, including sales and marketing, strategic planning and employee engagement.
What are the 8 principles of ISO? ›- Customer Focus. ...
- Leadership. ...
- Involvement of People. ...
- Process Approach. ...
- System Approach to Management. ...
- Continual Improvement. ...
- Factual Approach to Decision-Making. ...
- Relationship Management.
The Training and Learning Standards are statements that define the generally accepted practice to ensure the quality of training and learning activities.
How many hours of company training are required by the ISO annually? ›60 hour training/year for New Driver/Operator.
What are the 4 measuring training effectiveness? ›Evaluating Training Effectiveness
Post-training quizzes, one-to-one discussions, employee surveys, participant case studies, and official certification exams are some ways to measure training effectiveness.
- Set Goals. Before evaluating and assessing your employees' baseline knowledge, it's essential to set up some goals. ...
- Identify the Skills or Knowledge Needed to Meet Goals. ...
- Evaluate Employee Competencies. ...
- Track Valuable Data Points. ...
- Assess Current Training Resources. ...
- Custom Training.
- Assess.
- Motivate.
- Design.
- Deliver.
- Evaluate.