There seems to be an emerging debate on the necessity of selecting an ISO 13485-registered company to handle contract manufacturing needs. Let’s begin with the obvious: What do you manufacture?
If the answer is “medical devices,” then the path is clear: YES you need a 13485-certified company! You might not be “required” based on some regulatory loopholes, but here is the real scoop. If you and your company are responsible for the manufacture of a medical device (implantable or otherwise), why would you ever want to take the risk? If you’re manufacturing medical devices of any kind, your business is likely already a 13485 company, and you are (or should be) well aware of the benefits registration provides. You will also be well aware of the effort put into maintaining a certification—the audits, the surveillance meetings, the documentation. If you outsource, you should expect nothing less than the same efforts from your contract manufacturer, and you should expect to see similar benefits in the course of your project.
Avoid Litigation and Liability with a Registered Contract Manufacturer
Litigation and liability within manufacturing industry, and specifically within medical device field, has grown to a previously inconceivable level over the last decade. “It’s a jungle out there” doesn’t begin to cover the hazards of today’s true business environment. For the experienced and successful businesses, due diligence has ceased to be something that is “done” and has instead become as second nature as taking a breath. The traceability, design verification, materials validation, supplier controls, risk assessments and other benefits assured by a well-vetted, 13485-registered CM are an indispensable and integral part of operations in a well-prepared company.
What if you don’t manufacture medical devices? Do you still need the reliability and responsiveness a registered 13485 CM offers? Good question. Is it worth the additional cost so often paired with those certificates? Better question. Is there a way to have the best of both worlds? Maybe.
Registration for Non-Medical Contract Manufacturing
Let’s be practical. If you do not manufacture medical devices, then your CM selection pool broadens slightly. You may consider CMs that carry an ISO 9001 registration, and they may be enough to meet your needs without the additional (often costly) controls and traceability that accompany a 13485 registration. Perhaps the self-evaluation and process and documentation controls are enough to ensure your product realization goals and to get you to market on time with reliable conformity. You may not need risk management expertise, part/product serialization, or first article inspection. What if you could make sure that level of expertise was available ad hoc?
It’s a little known fact, and rarely pursued within the industry, but it is possible for a company to maintain dual ISO registration to multiple standards. Dual registration allows a CM to operate separate projects under separate standards and to leverage the appropriate project management tools from a diverse system to best meet customer requirements. It requires a level of acumen and assiduity for a company to meet the needs of multiple registrations, but those who accomplish it are able to offer an unrivaled spectrum of project options in the field of design, management and product realization.
When it’s time to shop the market for a contract manufacturer for your product, or even for new capital equipment to enable or improve production, it is clear and apparent that your CM should meet certain requirements:
- They must be able to meet your needs and your schedule.
- There must be a good business relationship and a level of comradery to facilitate communications.
- They need to be not just competent, but capable and prepared.
ISO registrations help to ensure these attributes and narrow the search. When you do choose, make sure you keep in mind there are ways to get more value for your dollar and more expertise. Don’t just grab the first ISO-registered CM you find. A fancy proposal and a desktop audit isn’t enough to properly vet a CM these days. Look for more than a certificate on a wall; ensure the certificate is issued from a reputable registrar and that the CM has a strong and consistent audit history. Ask the CM about how they handle customer audits, confidentiality, information security, business continuity and if their Quality Management System is available for customer review. It’s no longer a matter of what certificate a company holds, but how many, and how seriously they treat the program. It’s up to you to find the CM that is the best fit, at the best price with the most expertise. It’s about value and quality, of your product and the service you contract them to provide.