What is Product Review Requirements as per ISO 13485
The purpose of the requirements review related to the product is to make sure companies keep to a high standard when it comes to the products and services they offer to customers.
The customer has request, and you as MedDev company will try to make your product to include requested specifications, don’t you? Therefore, every medical device company has to define a system or method that will achieve relations with the customer and its requirements.
Accepting a Request from the Customer
The point is to clarify and understand the customer’s requirements, translate them into organizational terms, and ensure the organization can meet them. You, as a medical device company should judge those requirements through risk management, product specifications, regulation, and functionality. All these will be reviewed first, before any obligation to the customer.
There is a way to follow up on these objectives:
Accepting a request for a proposal or identifying a need → Reviewing the needs → Delivering a proposal to the customer → Accepting a confirmation, an order, or a contract → Documenting it → Recording and evidence of the review
The method for identifying customer needs and expectations shall begin by defining the organizations’ communication channels with customers:
- It may be that the requirements of the product would be delivered by the customer in the classic manner of the request for a proposal, a price quote, an order, a tender, or a contract
- The organization may determine the requirements based solely on surveys, market evaluations, or research
- It may be a joint venture between the customer and the organization
- The requirements may derive from postmarketing activities like customer complaints, advisory notices, or service feedback
This stage must not be documented (These requirements shall be documented once you review them) unless the organization determines that the details sent by the customer service as the records. However, I recommend maintaining records that the customer has submitted, since the next stages (the review and the answer to the customer) must be documented—through this also depends on the nature of the organization. For example, documenting requests for offers along with various parameters in commerce organizations may serve as a statistical database for later research.
Different regulations might apply to customers in different geographical locations or markets. The manufacturer must take responsibility.
Control and Review of Changes in Customer Requirements
There is a possibility that customers might change their minds and needs, the ISO 13485 Standard is aware of that. Because of this, organizations must maintain control over the realization and effectiveness of the requirements. Customer requirements have to be reviewed on several viewpoints that might affect the medical device. The review will determine whether the manufacturer is can provide the needed changes:
- Technical abilities
- Implications of risk controls
- Availability of resources
- Product characteristics or technical specifications
- Compatibility with regulatory requirements
The first step of the process is accepting a request for a change. The organization is required to combine the request for change and the method. Matter doesn’t need to be documented in a procedure, but documented requirements should be planned and provided. The documented requirement is intended to include a responsibility, which can be documented on the job description. Identifying the category and extending the change are the following steps. Here are several suggestions:
• Identification of the applicable organizational parties
• Identification of the product and the amount of the change
After the suggested identifications, the matter can be submitted for review. The organization should define the following:
- To whom must the changes be distributed
- What is to be evaluated
- Who approves the changes
- Who is responsible for the evaluation
- Which documentation is it necessary to review and update
The method will be planned by issue, and records of the review will be maintained. Initiated changes by the organization, such as changes in materials, packages, processes, human resources, transportation, or any other conditions that were agreed with the customer and to which the organization is committed, it is intended for the organization to get approval from the customer.
The main objectives of the review records are divided into two. One is for the maintenance of product requirements needed for later verification and validation. The other is for evidence of the review and as a proof of the ability of the organization to supply the product according to the requirements. Thus, the records are divided into two types:
- Documented product requirements – RFP, request for a price quote, product specifications, customer’s order (external document), customer approval, approved technical specifications, internal order, contractor agreements, quality, and package and delivery specifications
- Records of the review – production plans regarding orders, records of stocks or inventory, records of consignation, and contracts agreements
The ISO 13485 Standard refers to the subclause Control of Records and requires that records related to the review should be part of the organization’s quality management system and would be submitted to the records control process.