1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Looking to impress at new job

Discussion in 'ISO 13485 and ISO 14969 – Medical Devices QMS' started by Nikki, Aug 25, 2020.

  1. Nikki

    Nikki Well-Known Member

    Joined:
    Jul 31, 2015
    Messages:
    268
    Likes Received:
    141
    Trophy Points:
    42
    Location:
    Maine
    I have recently taken on a part time position of Quality Manager at a small company that builds metal medical trays. The trays are held together with brackets and are used to contain medical tools for hospitals.

    The trays are FDA approved, but the company is not ISO certified. The owner would like to be ISO 13485 certified by the beginning of the year, to get additional business.

    From what I see, major organization is needed. They are a small company - 10 or so employees tops. The owner has been doing all the major ISO related work, but has not kept up on it.

    The company outsources almost everything! They provide specs for the metal parts to be cut, and then the parts arrive and they put them together, and ship them out. That's it.

    There is a lacking of documentation to say the least. When an order is prepared, all the parts are put on a movable cart. Nothing really stops someone from walking by and just grabbing one of the many pieces. The carts are identified with a single lot number. Nothing more.

    I think my biggest hurdle will be getting everyone to follow the process, as everyone just does what they do.

    They haven't done an internal audit in 2 years.

    How would you approach this challenge? What would you focus on first? Any comments are appreciated.
     
  2. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    What are the pain points (unplanned costs)? Even if they can't tell you they exist. How much time is stolen walking around looking for things?

    It's not really a case of people taking stuff from carts etc. It's the "hidden" things they do daily which waste money. Small companies tend to do it most of all. Either the boss/owner sees it but does nothing because they accept it or there's someone who knows what it is.
     
    Nikki likes this.
  3. John C. Abnet

    John C. Abnet Well-Known Member

    Joined:
    May 23, 2017
    Messages:
    709
    Likes Received:
    510
    Trophy Points:
    92
    Location:
    Upper Midwest- USA
    Good day @Nikki and congratulations on this new opportunity.

    You mention one of the concerns as they "...just do what they do".

    Does what they "do" work? A well integrated management system should support and sustain what they "...just...do".

    You will build more allies and keep extraneous burden out of the company if you consider a reverse engineer approach. In other words, instead of viewing the organization through the lens of the 13485 standard, view the standard through the lens of "...what they do".

    You may be surprised to see how much they currently "do", which meets the requirements of the standard.

    Remember, the management system should first and foremost, selfishly serve the organization, NOT the standard or the auditor.

    I would council that you consider this proposed approach. I would council you spend the first days/weeks simply listening and watching. Ask the team members what their greatest hurdles are . What are their recurring struggles? If you can HELP them instead of burden them, then you will truly "...impress at the job".

    Hope this helps.
    Be well.
     
    Nikki likes this.
  4. Nikki

    Nikki Well-Known Member

    Joined:
    Jul 31, 2015
    Messages:
    268
    Likes Received:
    141
    Trophy Points:
    42
    Location:
    Maine
    Thank you, both! I intend to watch the process, document it, and then see where the gaps are between what they do and the standard.

    The owner mentioned that some medical companies over in the UK will not accept ISO certified suppliers from the states, if they do not use a specific Registrar. Have either of you ever heard of this? A special list of Registrars?
     
  5. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    816
    Likes Received:
    402
    Trophy Points:
    62
    Document what they do and work from there. Do not start creating procedures, based on your past experiences, for them to follow. It won't work. If there are gaps, sit down and address the gaps. Your looking for the easiest way to improve or comply. Keep it simple and don't add a bunch of extraneous stuff.
     
  6. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    I'm not certain of a specific list, however, I could see a case being made/justified why they think British parent CBs might be more acceptable - BSI, or NQA for example come to mind. BSI also has Notified Body status and it is commonly thought that to sustain the British "Kitemark" safety symbol, the organization must be registered by BSI, (turns out that's not true)
     
    Nikki likes this.
  7. yodon

    yodon Well-Known Member

    Joined:
    Aug 3, 2015
    Messages:
    198
    Likes Received:
    115
    Trophy Points:
    42
    One thing you'll want to focus on since they are outsourcing most everything, will be purchasing and in particular, Quality Agreements. In the Quality Agreement, be sure to spell out that they can't change anything (parts, process) without informing you.

    Absolutely! You will want to be sure to use only an accredited registrar. Things are very much in a swirl due to several events. Due to Brexit, a CB accredited by, say, UKAS may not be recognized in the EU after Brexit. (BSI had to open an office in the Netherlands [I think] in order to mitigate that.) And worse, if you want to get the product CE marked, you need a registrar that is designated under MDR and there are only a few (BSI and TUV are the more notable ones). This means that lead times are horrendous (many months for certification and even longer for CE marking). I know there is a list of accredited and designated registrars but I can't find it right now.
     
    Nikki likes this.
  8. Nikki

    Nikki Well-Known Member

    Joined:
    Jul 31, 2015
    Messages:
    268
    Likes Received:
    141
    Trophy Points:
    42
    Location:
    Maine
    Update: I met with the owner and got a briefing on their processes. I was told that they keep telling customers they are ISO compliant, but they don't have ANY written procedures. That is NOT ISO complaint. Am I right?
     
  9. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    "ISO compliant" means everything and nothing. Which "ISO"? ISO 9001:2015 doesn't require any written procedures, but others do. Customers who never "test" what this organization means by that response, are foolish, IMHO.
     
  10. yodon

    yodon Well-Known Member

    Joined:
    Aug 3, 2015
    Messages:
    198
    Likes Received:
    115
    Trophy Points:
    42
    Agree with @Andy Nichols but would lean more towards the "means nothing" side. :)

    The FDA does not require a QMS compliant to anything but the QSR. The QSR *does* require written procedures. Were they to get (FDA) inspected, a big ol' 483 would seemingly be a given.

    13485 also requires written procedures.
     
    Andy Nichols likes this.
  11. Golfman25

    Golfman25 Well-Known Member

    Joined:
    Nov 6, 2015
    Messages:
    816
    Likes Received:
    402
    Trophy Points:
    62
    I wouldn't worry about "written" procedures and "compliance" at this point. That's kinda what I suppose you're there to do. I would just start documenting what they have -- process maps, flowcharts, etc. And go from there. Telling them they aren't really compliant won't get you anywhere.
     
  12. Lennart Ljungh

    Lennart Ljungh Member

    Joined:
    May 23, 2017
    Messages:
    8
    Likes Received:
    3
    Trophy Points:
    2
    Location:
    Gräddö, Sweden
    Was in a similar situation some years ago. I suggested a prestudy to identify three things:
    1. The business requirement and value for the company.
    2. The standard requirement.
    3. The status of current QMS.

    When we had this input the owner was prepared for next step. We did an estimate of the amount of work involved to get the QMS to the level of the standard. 9 months later we had the stage 1 audit for ISO 13485 with three minor deviations.

    My conclusion is that if a company leader/owner knows the business value he will be prepared to invest in relation to it.
     
  13. Nikki

    Nikki Well-Known Member

    Joined:
    Jul 31, 2015
    Messages:
    268
    Likes Received:
    141
    Trophy Points:
    42
    Location:
    Maine
    Andy do you know of any documentation that I could find where it would state NQA is acceptable for UK medical companies? I would like to provide such documentation to my GM so they are comfortable moving forward using them as a registrar.
     
  14. Andy Nichols

    Andy Nichols Moderator Staff Member

    Joined:
    Jul 30, 2015
    Messages:
    5,086
    Likes Received:
    2,553
    Trophy Points:
    112
    Location:
    In the "Rust Belt"
    Since NQA originated in the UK (as a division of the NICEIC) and is in the top 5 Certification Bodies there, you should have much convincing to do. https://www.nqa.com/en-my/resources/news/nqa-30
     
    Nikki likes this.