Kristina Zvonar Brkic
November 24, 2020
Implementation, maintenance, training, and knowledge products for Information Security Management Systems (ISMS) according to the ISO 27001 standard.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
All required policies, procedures, and forms to implement an ISMS according to ISO 27001.
Train your key people about ISO 27001 requirements and provide cybersecurity awareness training to all of your employees.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Compliance and training products for critical infrastructure organizations for the European Union’s Network and Information Systems cybersecurity directive.
All required policies, procedures, and forms to comply with the NIS 2 cybersecurity directive.
Company-wide training program for employees and senior management to comply with Article 20 of the NIS 2 cybersecurity directive.
Compliance and training products for personal data protection according to the European Union’s General Data Protection Regulation.
All required policies, procedures, and forms to comply with the EU GDPR privacy regulation.
Accredited courses for individuals and privacy professionals who want the highest-quality training and certification.
Implementation, training, and knowledge products for Quality Management Systems (QMS) according to the ISO 9001 standard.
All required policies, procedures, and forms to implement a QMS according to ISO 9001.
Accredited courses for individuals and quality professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 and the QMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for Environmental Management Systems (EMS) according to the ISO 14001 standard.
All required policies, procedures, and forms to implement an EMS according to ISO 14001.
Accredited courses for individuals and environmental professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 14001 and the EMS using Advisera’s proprietary AI-powered knowledge base.
Implementation and training products for Occupational Health & Safety Management Systems (OHSMS) according to the ISO 45001 standard.
All required policies, procedures, and forms to implement an OHSMS according to ISO 45001.
Accredited courses for individuals and health & safety professionals who want the highest-quality training and certification.
Implementation and training products for medical device Quality Management Systems (QMS) according to the ISO 13485 standard.
All required policies, procedures, and forms to implement a medical device QMS according to ISO 13485.
Accredited courses for individuals and medical device professionals who want the highest-quality training and certification.
Compliance products for the European Union’s Medical Device Regulation.
All required policies, procedures, and forms to comply with the EU MDR.
Implementation products for Information Technology Service Management Systems (ITSMS) according to the ISO 20000 standard.
All required policies, procedures, and forms to implement an ITSMS according to ISO 20000.
Implementation products for Business Continuity Management Systems (BCMS) according to the ISO 22301 standard.
All required policies, procedures, and forms to implement a BCMS according to ISO 22301.
Implementation products for testing and calibration laboratories according to the ISO 17025 standard.
All required policies, procedures, and forms to implement ISO 17025 in a laboratory.
Implementation products for automotive Quality Management Systems (QMS) according to the IATF 16949 standard.
All required policies, procedures, and forms to implement an automotive QMS according to IATF 16949.
Implementation products for aerospace Quality Management Systems (QMS) according to the AS9100 standard.
All required policies, procedures, and forms to implement an aerospace QMS according to AS9100.
Implementation, maintenance, training, and knowledge products for consultancies.
Handle multiple ISO 27001 projects by automating repetitive tasks during ISMS implementation.
All required policies, procedures, and forms to implement various standards and regulations for your clients.
Organize company-wide cybersecurity awareness program for your client’s employees and support a successful cybersecurity program.
Accredited ISO 27001, 9001, 14001, 45001, and 13485 courses for professionals who want the highest-quality training and recognized certification.
Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Find new clients, potential partners, and collaborators and meet a community of like-minded professionals locally and globally.
Implementation, maintenance, training, and knowledge products for the IT industry.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), ISO 20000 (IT service management), GDPR (privacy), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Compliance, training, and knowledge products for essential and important organizations.
Documentation to comply with NIS 2 (cybersecurity), GDPR (privacy), ISO 27001 (cybersecurity), and ISO 22301 (business continuity).
Company-wide training program for employees and senior management to comply with Article 20 of the NIS 2 cybersecurity directive.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for manufacturing companies.
Documentation to comply with ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for transportation & distribution companies.
Documentation to comply with ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for schools, universities, and other educational organizations.
Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), and GDPR (privacy).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS) and ISO 9001 (QMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, maintenance, training, and knowledge products for telecoms.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), ISO 20000 (IT service management), GDPR (privacy), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, maintenance, training, and knowledge products for banks, insurance companies, and other financial organizations.
Automate your ISMS implementation and maintenance with the Risk Register, Statement of Applicability, and wizards for all required documents.
Documentation to comply with ISO 27001 (cybersecurity), ISO 22301 (business continuity), GDPR (privacy), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and security professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 and the ISMS using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for local, regional, and national government entities.
Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), GDPR (privacy), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS) and ISO 9001 (QMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for hospitals and other health organizations.
Documentation to comply with ISO 27001 (cybersecurity), ISO 9001 (quality), ISO 14001 (environmental), ISO 45001 (health & safety), NIS 2 (critical infrastructure cybersecurity) and GDPR (privacy).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for the medical device industry.
Documentation to comply with MDR and ISO 13485 (medical device), ISO 27001 (cybersecurity), ISO 9001 (quality), ISO 14001 (environmental), ISO 45001 (health & safety), NIS 2 (critical infrastructure cybersecurity) and GDPR (privacy).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 27001 (ISMS), ISO 9001 (QMS), and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for the aerospace industry.
Documentation to comply with AS9100 (aerospace), ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for the automotive industry.
Documentation to comply with IATF 16949 (automotive), ISO 9001 (quality), ISO 14001 (environmental), and ISO 45001 (health & safety), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 (QMS) and ISO 14001 (EMS) using Advisera’s proprietary AI-powered knowledge base.
Implementation, training, and knowledge products for laboratories.
Documentation to comply with ISO 17025 (testing and calibration laboratories), ISO 9001 (quality), and NIS 2 (critical infrastructure cybersecurity).
Company-wide cybersecurity awareness program for all employees, to decrease incidents and support a successful cybersecurity program.
Accredited courses for individuals and quality professionals who want the highest-quality training and certification.
Get instant answers to any questions related to ISO 9001 and the QMS using Advisera’s proprietary AI-powered knowledge base.
The Medical Device Directive (MDD) was first published in 1993. Since then, it has remained unchanged, although different European standards and guidance (particularly MEDDEV) have been continuously updated during this almost 30 years. Very often, this was rather confusing for the manufacturers because they did not know which medical device regulations needed to be followed.
In addition, given how much medicine has advanced in the past 30 years, it is logical that the regulations that allow medical devices to be placed on the EU market should be adjusted accordingly. All of this has led to the creation of a new regulation for medical devices – the EU Medical Device Regulation.
The Medical Device Directive – MDD – (Directive 93/42/EEC) was published in 1993. Its intention was:
Devices that are in conformity with the relevant harmonised standards, or the relevant parts of those standards, are presumed to be in conformity with the requirements of the Medical Device Directive (MDD). Products conforming to the MDD must have the CE mark.
The directive was reviewed and amended by the 2007/47/EC, and a number of changes were made. Compliance with the revised directive became mandatory on 21 March 2010. On 5 April 2017, a new regulation on medical devices was adopted: the Medical Device Regulation – MDR – 2017/745.
Medical devices must comply with strict health and safety requirements set out in the legislation. “Harmonised standard“ means a European standard as defined in point (1)(c) of Article 2 of Regulation (EU) No 1025/2012. The list of currently valid harmonised standards is published by the Official Journal of the European Union and can be found on the following link: Official Journal of the European Union.
Due to the Covid-19 situation, the transition period for the EU MDR has been postponed. On 23 April 2020, Council and the Parliament adopted Regulation 2020/561 amending Regulation (EU) 2017/745 on medical devices, with regard to the dates of application of certain provisions. The start of the complete application of the MDR is scheduled for 26 May 2021.
In the MDR, no existing requirements have been removed, but the MDR adds new requirements. There are 23 articles in the MDD, while in the MDR there are 123 articles. In the MDD there are 12 Annexes, while in the MDR there are 17 annexes.
The scope of the new MDR has been changed: active implantable medical devices, ancillary medicinal products, and devices incorporating non-viable human tissues are now included. Also added are all devices for cleaning, sterilisation, or disinfecting (Article 2.1), reprocessed single-use medical devices (Article 17), and certain devices with no intended medical purpose (Annex XVI).
In the EU MDR, new stakeholders have been identified in the lifecycle of the medical device (in addition to the manufacturer), and the obligations for them have been defined in detail: authorised representative (Art. 11), importer (Art. 13), distributor (Art. 14).
There is one new class of medical device – reusable instruments (Ir) – which is a new sub-class for products that are reprocessed.
Classification rules have been changed – in the MDD there were 18 rules, while in the MDR there are 22 rules. Some rules have tightened and changed for some products, which has resulted in some devices being reclassified into higher classes. Rule 11 was changed, and now includes a rule that considers software to be a medical device. These requirements should be evaluated carefully to determine potential new classifications. If software can cause death or an irreversible deterioration of a person’s state of health, then it is in class III.
There are 4 new rules: Rule 19 – Devices incorporating or consisting of nanomaterial; Rule 20 – Invasive devices with respect to body orifices to administer medicinal products by inhalation; Rule 21 – Substances or combinations of substances that are intended to be introduced into the human body via a body orifice or applied to the skin and that are absorbed; and Rule 22 – Active therapeutic devices with an integrated or incorporated diagnostic function which significantly determines the patient management.
Medical devices that are classified under Rule 21 will have a different classification depending on different factors. They are classified as class III if the human body systemically absorbs them in order to achieve the intended purpose—that is, if they achieve their intended purpose in the stomach or lower gastrointestinal tract and the human body systemically absorbs them.
All devices incorporating or consisting of nanomaterial are classified as class III if they present a high or medium potential for internal exposure. Active therapeutic devices with an integrated or incorporated diagnostic function that significantly determines the patient management by the device, such as closed-loop systems or automated external defibrillators, are classified as class III.
The MDR now specifies that a person must be responsible for regulatory compliance, who this person can be, what knowledge is necessary, and what obligations and responsibilities this person has.
Requirements for clinical evaluation (Chapter VI, Annex XIV), clinical investigation (Chapter VI, Annex XV), and post-market surveillance system (Chapter VII, Annex III) are more detailed.
The MDR has established a unique device identification (UDI) system to adequately identify medical devices sold in the EU market. The intention of the UDI is to provide single, globally harmonised, positive identification of medical devices through distribution and use, requiring the labels of devices to bear a globally unique device identifier.
The MDR brings more strict requirements, but with the intention to prove medical device safety for both patients and users. Manufacturers must meet as many obligations and new regulations as possible so that both the device and the manufacturer comply with the MDR.
All manufacturers need to have implemented a Quality Management System and, since ISO 13485:2016 is the only Quality Management System standard on the list of harmonised standards published in the Official Journal of the European Union, it is expected for all manufacturers to have implemented this standard.
The requirements for technical documentation are described in much more detail, making it easier for the manufacturer in the preparation of the documents themselves and in the approach to defining the necessary tests.
To comply with all EU MDR requirements, use this helpful ISO 13485 & MDR Integrated Documentation Toolkit that provides all documents for medical device companies.
You may unsubscribe at any time. For more information, please see our privacy notice.