Controlled Environments

The Medical Device Regulation (EU 2017/745) and in-vitro Diagnostic Medical Device Regulation (IVDR 2017/746) require that manufacturers control contamination and ensure devices are safe and effective ](Annex I, General Safety and Performance Requirements)](https://eur-lex.europa.eu/eli/reg/2017/745/oj/eng#anx_I). For sterile devices, manufacturers must demonstrate environmental controls appropriate for maintaining sterility.

The EudraLex EU GMP guidelines Vol. 4 Annex 1 can also be applied to the medical device industry.

Under 21 CFR 820 (Quality System Regulation), manufacturers of sterile medical devices must validate and control production processes, including environmental conditions. CFR 21 part 820.70 production and process controls is particularly relevant to controlled environments. FDA inspectors expect evidence of cleanroom qualification, monitoring, and maintenance.

Manufacturers must align their controlled environment practices with internationally recognised standards.

Workplace environment control is stipulated in ISO 13485:2016 - Medical devices — Quality management Systems, requirement 6.4 Contamination control.

Cleanroom and controlled environment standards

• ISO 14644-1:2015:Classification of air cleanliness by particle concentration
• ISO 14644-2:2015:Monitoring to provide evidence of cleanroom performance
• ISO 14644-3:2019:Test methods for cleanrooms
• ISO 14644-4:2001:Design, construction, and start-up
• ISO 14644-5:2004:Operations
• ISO 14644-7:2004:Separative devices (clean air hoods, glove boxes, isolators)

Sterile device and manufacturing standards

• ISO 13485:2016:Quality management systems for medical devices (includes environmental control requirements)
• ISO 14698-1:2003:Biocontamination control, general principles and methods
• ISO 11737-1:2018:Determination of bioburden on medical devices
• ISO 11135:2014:Sterilization of health care products :Ethylene oxide
• ISO 11137:2015:Sterilization of health care products: Radiation

Specific technical guidelines including VDI 2083, 3803, 6022, IEST RP-CC006.3, VOB/C

• Process Controls:
• Quality Assurance (QA)
• Equipment Management
• Software Validation
• Supplier Management
• Supply Chain
• Quality Management Systems (QMS)

European Union

Medical Device Regulation (EU 2017/745)

• (Annex I, General Safety and Performance Requirements)

in-vitro Diagnostic Medical Device Regulation (IVDR 2017/746)

• (Annex I, General Safety and Performance Requirements)

EudraLex EU GMP guidelines Vol. 4 Annex 1

US FDA

21 CFR 820 (Quality System Regulation):

• CFR 21 part 820.70 production and process controls International Standards:

ISO 13485:2016 - Medical devices — Quality management Systems, requirement 6.4 Contamination control.

Cleanroom and controlled environment standards:

• ISO 14644-1:2015: Classification of air cleanliness by particle concentration
• ISO 14644-2:2015: Monitoring to provide evidence of cleanroom performance
• ISO 14644-3:2019: Test methods for cleanrooms
• ISO 14644-4:2001: Design, construction, and start-up
• ISO 14644-5:2004: Operations
• ISO 14644-7:2004: Separative devices (clean air hoods, glove boxes, isolators)

Sterile device and manufacturing standards:

• ISO 13485:2016: Quality management systems for medical devices (includes environmental control requirements)
• ISO 14698-1:2003: Biocontamination control, general principles and methods
• ISO 11737-1:2018: Determination of bioburden on medical devices
• ISO 11135:2014: Sterilisation of health care products: Ethylene oxide
• ISO 11137:2015: Sterilisation of health care products: Radiation

Specific technical guidelines including VDI 2083, 3803, 6022, IEST RP-CC006.3, VOB/C

Acceptance Criteria: The predefined standards and specifications that a device must meet during testing and evaluation to be deemed suitable for its intended use and to comply with regulatory requirements.

Adverse Event: Any untoward medical occurrence in a patient or clinical investigation subject administered a medical device, which does not necessarily have to have a causal relationship with this treatment.

Audit: A systematic, independent examination of a manufacturer’s processes, procedures, and products to ensure compliance with regulatory standards and quality requirements. Also see Internal Audit.

Authorised Representative: A natural or legal person appointed by a manufacturer to act on their behalf in carrying out specific tasks related to conformity assessment and regulatory compliance.

Biomedical Engineer and Technician: Personnel that maintain and repair medical devices to ensure their proper functionality.

Change Control: The systematic process of managing and documenting modifications to a device or its manufacturing process to ensure that all changes are assessed, approved, implemented, and tracked in compliance with regulatory standards and quality management systems.

Cleanroom: A controlled environment with a low level of pollutants, such as dust, airborne microbes, aerosol particles, and chemical vapours used in manufacturing and scientific research.

Compliance: Adherence to regulations, standards, and guidelines set forth by regulatory authorities.

Controlled Environment: A workspace where environmental conditions such as temperature, humidity, and particulate levels are regulated to ensure product quality and process integrity.

Corrective Maintenance: The process of diagnosing and repairing faults or failures to restore the device to its proper functioning condition. Design Transfer: The process of transitioning a product’s design from development and manufacturing into production while ensuring all specifications and requirements are met.

Distributor: A natural or legal person in the supply chain, other than the manufacturer or importer, who makes a medical device available on the market.

Economic Operator: Any person or entity engaged in the production, distribution, import, export, or supply of medical devices.

Enterprise Resource Planning (ERP) Systems: Integrated software platforms that manage and automate core business processes across an organisation, facilitating the flow of information and improving efficiency.

Equipment Management: The systematic process of acquiring, maintaining, calibrating, and retiring equipment to ensure it remains suitable for its intended use and complies with quality and regulatory requirements.

FDA Approval: The process by which the U.S. Food and Drug Administration (FDA) officially recognises that a medical device is safe and effective for its intended use.

Good Manufacturing Practices (GMP): Regulations that require manufacturers to ensure products are consistently produced and controlled according to quality standards.

International Medical Device Regulators Forum (IMDRF): A global regulatory collaboration focused on harmonising medical device regulations to facilitate patient access to safe and effective devices. This organisation was formerly the Global Harmonization Task Force (GHTF).

ISO 13485: An international standard that specifies requirements for a quality management system (QMS) specific to the medical devices industry.

ISO 14971: An international standard for the application of risk management to medical devices.

Lifecycle Management: The process of overseeing a product, service, or system from its initial development through its growth, maturity, and eventual decline or disposal, ensuring optimal performance and resource utilisation at each stage.

Manufacturer: A legal entity that designs, produces, assembles, or labels a medical device with the intention of placing it on the market.

Notified Body (NB): An organisation designated by a country authority to assess the conformity of certain products before being placed on the market, ensuring they meet applicable regulatory requirements and standards.

Process Controls: The tools and methods to monitor and manage medical device manufacturing processes.

Process Performance Qualification (PPQ) Studies:

• Installation Qualification (IQ): Verifying that equipment and installations meet the required specifications.

• Operational Qualification (OQ): Confirming that equipment and processes operate correctly under defined conditions.

• Performance Qualification (PQ): Demonstrating that processes perform effectively and reproducibly in real-world conditions.

Process Verification: Uses process controls to check individual manufacturing steps and components against specifications.

Process Validation: Ensures that the entire manufacturing process, supported by process controls, reliably produces products meeting all requirements.

Quality Management System (QMS): A formalised system that documents the structure, responsibilities, and procedures required to achieve effective quality management.

Quality Management System Regulation (QMSR): The U.S. Food and Drug Administration (FDA) regulation that aligns its medical device quality system requirements with ISO 13485:2016 to streamline global compliance and enhance device safety and effectiveness.

Quality System Regulation (QSR): Outlined in 21 CFR Part 820, the U.S. Food and Drug Administration (FDA) framework requires medical device manufacturers to establish and maintain a quality management system to ensure their products consistently meet applicable requirements and specifications.

Record: A documented piece of evidence detailing activities, decisions, or results, created and maintained to demonstrate compliance with regulatory requirements and quality management standards.

Regulation: The rules, laws, standards, and requirements set by regulatory authorities to ensure the safety, efficacy, and quality of devices intended for medical use.

Regulatory Authority: An official body overseeing and enforcing laws, regulations, and standards within a specific industry or sector to ensure compliance and protect public interests. Also known as a Regulatory Authority. Also see Competent Authority and Notified Body.

Risk: The combination of the probability of occurrence of harm and the severity of that harm.

Risk Analysis: The systematic use of available information to identify hazards and to estimate the risk.

Risk Assessment: The overall process comprising risk analysis and risk evaluation.

Risk Evaluation: The process of comparing the estimated risk against given risk criteria to determine the acceptability of the risk.

Risk Management (RM): The systematic application of management policies, procedures, and practices to the tasks of analysing, evaluating, controlling, and monitoring risk.

Safety: The condition of being protected from or unlikely to cause danger, risk, or injury.

Software Validation: The documented process of ensuring that software performs as intended for its specific use within a regulated environment.

Standard: A document that provides guidance, requirements, or specifications established by regulatory bodies, industry organisations, or international consensus groups.

Supplier: An entity or organisation that provides materials, components, or finished products used in the manufacturing, assembly, or distribution of medical devices.

Supplier Management: Overseeing and controlling the relationships and activities with external suppliers to ensure the quality, reliability, and regulatory compliance of sourced materials and components.

Supply Chain: Activities, processes, and entities involved in the sourcing, manufacturing, distribution, and logistics management of these devices from suppliers to end-users.

Traceability Matrix: A document that maps and links requirements throughout the development lifecycle, ensuring that each requirement is tested and validated, thereby demonstrating compliance with regulatory standards.

User: Any individual who operates or interacts with a medical device, including healthcare professionals, patients, and caregivers.

User Requirements: The requirements and preferences of the intended users, which must be considered and addressed in the device design. Also known as User Needs or Customer Specifications.

Validation: Confirmation by examining and providing objective evidence that the particular requirements for a specific intended use can be consistently fulfilled.