For Medical Devices and IVDs

ISO standards help medical device manufacturers and the medical industry comply with the evolving ‘State of the Art’, international best practices, streamline processes, and improve patient safety and satisfaction. These standards improve risk management and help businesses fulfil legal and industry standards. There are numerous ISO standards in place, but we’ve constructed this paper to give you an overview of the most common standards for the MedTech industry.

* Please note that the standards below are listed numerically and not by importance.

ISO and IEC

The International Organisation for Standardisation (ISO) is an independent organisation that has created thousands of global standards for a variety of products and businesses.

The International Electrotechnical Commission (IEC) sets standards for all electrical, electronic, and related technology. Essentially, ISO controls materials and processes while IEC focuses on product manufacturing and testing.

A wide range of business and technological categories are covered by these standards, including medical devices, IVDs, and the electronics and software that go along with them. ISO standards are usually voluntary, consensus-based documents that provide guidance on particular aspects of technology and manufacturing. Medical regulatory bodies frequently use ISO as a benchmark for regulatory compliance since it is widely regarded as the gold standard.

ISO standards are crucial for medical device manufacturers because they not only help produce high-quality medical devices but also help manufacturers to stay in compliance with regulatory requirements. A large number of ISO standards are accepted by regulatory bodies like the US Food and Drug Administration (FDA) or have been harmonised with rules in different countries, like the European Union.

Therefore, it’s essential to comprehend the most popular IEC and ISO standards for medical equipment if you want to stay in compliance with international laws.

Harmonised Standards

The European Union (EU) was founded with the intention of creating a single market to make commerce easier and allow it to occur freely among the member states. To do this, it was necessary to standardise the products and harmonise the laws among the member states. For products, processes, systems, and services, harmonised standards were created that included direction, specifications, and recommendations from internationally recognised standards like ISO and IEC.

In order to assist manufacturers and other stakeholders, including other economic operators or conformity assessment bodies, the European Commission requests that the European Standard Organisations develop various standards. This is done to demonstrate that the products, services, or processes comply with the relevant EU laws.

A harmonised standard is released and made available for use after being declared officially in the Official Journal of the European Union (OJEU).

Harmonised standards, often known as EN standards, are crucial to CE marking. They can be used to demonstrate adherence to the fundamental requirements of European directives.

Most Common Standards for MedTech

(Harmonised) EN ISO 11737-1:2018 Sterilization of health care products – Microbiological methods

Part 1: Determination of a population of microorganisms on products. This document specifies requirements and provides guidance on the enumeration and microbial characterisation of the population of viable microorganisms on or in a health care product, component, raw material, or package.

(Harmonised) EN ISO 11737-2:2019 Sterilization of health care products – Microbiological methods

Part 2: Tests of sterility performed in the definition, validation, and maintenance of a sterilisation process. This document specifies the general criteria for tests of sterility on medical devices that have been exposed to a treatment with the sterilising agent which has been reduced relative to that anticipated to be used in routine sterilisation processing. These tests are intended to be performed when defining, validating, or maintaining a sterilisation process.

EN ISO 13408-6:2021 Aseptic processing of health care products – Part 6: Isolator systems

This document specifies the requirements for and provides guidance on the specification, selection, qualification, bio-decontamination, validation, operation, and control of isolator systems related to aseptic processing of health care products and processing of cell-based health care products.

(Harmonised) EN ISO 25424:2018 Sterilization of health care products – Low temperature steam and formaldehyde 

Requirements for development, validation, and routine control of a sterilisation process for medical devices.

(Harmonised) EN ISO 14160:2021 Sterilization of health care products

Liquid chemical sterilising agents for single-use medical devices utilising animal tissues and their derivatives – Requirements for characterisation, development, validation and routine control of a sterilisation process for medical devices (ISO 14160:2020)

ISO 9001 Quality Management Systems – Requirements

This standard specifies requirements for a quality management system when an organisation needs to demonstrate its ability to consistently provide products and services that meet customer and applicable statutory and regulatory requirements and aims to enhance customer satisfaction through the effective application of the system, including processes for improvement of the system and the assurance of conformity to customer and applicable statutory and regulatory requirements.

All the requirements of ISO 9001:2015 are generic and are intended to be applicable to any organization, regardless of its type or size, or the products and services it provides.

(Harmonised) ISO 13485 Medical Devices – Quality Management Systems – Requirements for Regulatory Purposes

This standard specifies the quality management system (QMS) criteria for medical device manufacturers. It aims to ensure the safety and effectiveness of devices by providing a framework for the design, development, production, and maintenance of the device.

This is a globally recognised standard which is widely used for organisations to implement a risk management process.

ISO 14971 Medical Devices – Application of Risk Management to Medical Devices

This standard specifies the terminology, principles, and process for risk management of medical devices, including software as a medical device and in vitro diagnostic medical devices. The process described in this standard intends to assist manufacturers of medical devices to identify the hazards associated with the medical device, to estimate and evaluate the associated risks, to control these risks, and to monitor the effectiveness of the controls.

Medical device companies must have risk management processes that comply with ISO 14971 if they want to sell their device(s) internationally. We all want our medical devices to be safe and risk-free and ISO 14971 helps manufacturers meet those expectations.

ISO 15223 Medical devices — Symbols to be used with information to be supplied by the manufacturer

This standard has two parts. Part 1 specifies the general requirements and symbols which must be used to show information supplied for a medical device. These symbols can be placed on the packaging of the medical device, its accompanying information, or on the device itself.

Part 2 specifies a process for developing, selecting, and validating symbols for inclusion in part 1.

(Harmonised) ISO 10993 Biological Evaluation of Medical Devices

This standard consists of 23 parts and involves the biocompatibility of medical devices.

Due to the fact that these devices frequently come into direct contact with patients, manufacturers have an obligation to safeguard both patients and healthcare professionals from biological risks. It is imperative to prevent any adverse short- or long-term effects that can result from an unfavourable contact between a medical device and a patient’s cells, tissues, or bodily fluids.

The ISO 10993 standard gives a framework for evaluating the biocompatibility of medical devices in order to guarantee patient safety.

(Harmonised) ISO 11135 Sterilization of health-care products — Ethylene oxide

This standard specifies requirements for the development, validation, and routine control of an ethylene oxide sterilisation process for medical devices in both industrial and health care facility settings. It also considers the similarities and differences between the two applications.

ISO 11137 Sterilization of health care products — Radiation

This standard has 3 parts. The first part specifies the requirements for development, validation, and routine control of a sterilisation process for medical devices. Whereas parts 2 and 3  relate to dosimetry and its use in the above.

This standard is limited in scope to medical devices, but it’s helpful as it offers guidance that may be applicable to other products.

ISO 11607 Packaging for terminally sterilised medical devices

There are 2 parts to this standard. Part 1 specifies requirements and test methods for materials, preformed sterile barrier systems, sterile barrier systems and packaging systems that are intended to maintain sterility of terminally sterilised medical devices until the point of use.

Part 2 specifies processes which include forming, sealing and assembly of preformed sterile barrier systems, sterile barrier systems and packaging systems.

(Harmonised) IEC 60601 Medical Electrical Equipment

This standard consists of many parts and subsections which all relate to either general or particular requirements for basic safety and essential performance of medical electrical equipment. Every country has a different version and devices must comply with the standards that apply in each market.

IEC 62304 Medical Device Software– Software Life Cycle Processes

This standard defines the life cycle requirements for medical device software. The set of processes, activities, and tasks described in this standard establishes a common framework for medical device software life cycle processes.

Regulatory bodies commonly use this standard to ensure the safe design, development, production, and maintenance of software used in medical devices.

IEC 62304 provides manufacturers with guidance for identifying risks that could arise from software failure, developing safety-related processes throughout the software lifecycle, as well as providing customers with a method for maintaining and monitoring the software.

(Harmonised) ISO 17664 Processing of health care products — Information to be provided by the medical device manufacturer for the processing of medical devices

This standard has 2 parts and specifies requirements for information provided by the medical device manufacturer for the processing of critical or semi-critical medical devices (i.e. a medical device that enters normally sterile parts of the human body or a medical device that comes into contact with mucous membranes or non-intact skin) or medical devices that are intended to be sterilised.

The 2 parts cover both critical and non-critical medical devices. Note that the standard doesn’t define processing instructions but specifies the requirements that will help manufacturers to provide detailed processing instructions.

Other Useful Standards

It’s well worth noting that guidelines and ISO standards are being formulated on how the environmental impact should be assessed for medical devices. But currently we are using crossover guidance from other industries and their applicable ISO standards to outline the way forward.

There is no telling at this stage whether the risk management and the quality management ISOs for medical devices will be updated with sustainability guidance or ISO standards that are currently in circulation. But it is safe to say it’s worthwhile for manufacturers to start familiarising and strategically planning around the guidance that is available.

Below is an overview of some other standards which may well be of interest and are also well used in the MedTech industry.

ISO 140001:2015 Environmental management systems

This document specifies the requirements for an environmental management system that can be used to enhance an organisations environmental performance. It’s intended for use by an organisation seeking to manage its environmental responsibilities in a systematic manner that contributes to the environmental pillar of sustainability.

ISO 50001 – Energy management

For organisations committed to addressing their impact, conserving resources, and improving the bottom line through efficient energy management. Designed to support organisations in all sectors, this ISO standard provides a practical way to improve energy use, through the development of an energy management system (EnMS).

ISO 11073-1010 Health Informatics — Device interoperability — Part 10101: Point-of-care medical device communication — Nomenclature

Considered the ‘core’ standard in the 11073 series, this specifies the nomenclature for the information communicated between point-of-care medical devices and external computer systems. The primary emphasis is on acute care medical devices and vital signs information, but it also supports an object-oriented information model for medical device communication.

ISO 11073 Health Informatics itself is much larger and consists of numerous parts which specify point of care medical device communication. This group of standards addresses the interoperability of personal health devices (e.g. weighing scales, blood pressure monitors, glucose monitors, etc). The devices it covers are for personal (patient use) rather that hospital use.

ISO 14155 Clinical investigation of medical devices for human subjects — Good clinical practice

This standard addresses good clinical practice for design, conduct, recording and reporting of clinical investigations carried out in human subjects intended to assess the clinical performance, safety and effectiveness of medical devices in real-world settings

This standard doesn’t typically apply to in vitro diagnostic medical devices. However, there can be situations (dependent on the device and national or regional requirements) where specific sections and/or requirements of this document could be applicable.

ISO 15194 In vitro diagnostic medical devices — Measurement of quantities in samples of biological origin — Requirements for certified reference materials and the content of supporting documentation

This standard specifies the specifies the requirements for certified reference materials and their supporting documentation. It applies to certified reference materials classified as primary measurements standards, secondary measurement standards, and international conventional calibrators.

It also provides requirements on how to collect data for value determination and how to present the assigned value and its measurement uncertainty.

This standard doesn’t apply to reference materials that are parts of an in vitro diagnostic measuring system, although it is possible that many elements are helpful.

ISO 16142 Medical devices — Recognized essential principles of safety and performance of medical devices

This is a 2 part standard which includes the essential principles of safety and performance of medical devices, both IVD and Non-IVD. It identifies significant standards and guides that can be used in the assessment of conformity of a medical device.

This standard identifies and describes the six general essential principles of safety and performance to indicate a medical device is safe and performs as intended.

It’s intended for use as guidance by medical device manufacturers, standards development organisations, authorities having jurisdiction, and conformity assessment bodies.

ISO 18113 In vitro diagnostic medical devices — Information supplied by the manufacturer (labelling)

This standard has 5 parts and specifies requirements for information supplied by manufacturers of IVD instruments.

ISO 19001 In vitro diagnostic medical devices — Information supplied by the manufacturer with in vitro diagnostic reagents for staining in biology

This standard specifies the requirements regarding the information manufacturers must supply with reagents used for staining in biology. This standard applies to the manufacturers, suppliers, and vendors of the reagents, and its requirements are a prerequisite for attaining reproducible results.

ISO 20417 Medical devices — Information to be supplied by the manufacturer

This standard specifies the requirements for information supplied by the manufacturer for a medical device or accessory. It also includes the requirements for identification and labels on devices, accessories, packaging, marking, and accompanying information.

ISO 20916 In vitro diagnostic medical devices — Clinical performance studies using specimens from human subjects — Good study practice

This defines good study practices for clinical performance studies of in vitro diagnostic (IVD) medical devices. It covers planning, designing, conduct, recording, and reporting of clinical studies to assess the clinical performance and safety of IVD devices for regulatory purposes.

ISO 24971 Guidance on the application of ISO 14971

This document provides guidance on the development, implementation, and maintenance of a risk management system according to the ISO 14971. It gives further perspective on this subject for manufacturers. It provides information on the identification, assessment, and control of risks within the medical device lifecycle.

IEC 62366 Medical devices — Part 1: Application of usability engineering to medical devices

This standard specifies a process for manufacturers to analyse, specify, develop, and evaluate the usability of a medical device in relation to safety.

The usability engineering process (also known as human factors engineering) allows manufacturers to assess and mitigate risks associated with correct use and use errors.

It also links to ISO 14971 and the related methods of risk management as applied to safety related aspects of medical device user interfaces.

IEC 80001 Safety, effectiveness and security in the implementation and use of connected medical devices or connected health software

This specifies the requirements for applying risk management when connecting a health IT system within a health IT infrastructure. It addresses what must be done before, during, and after the connection to ensure safe, effective, and secure use.

Applying Standards to your Device(s)

Which standards are applicable depends on the device classification, product category, the technology deployed (example electrically powered) and device features. The list(s) above are by no means exhaustive and the standards that apply to a device will need a review of its classification, features, and its intended use.

It’s also vital to keep in mind that the U.S. and EU have different requirements for maintaining standards compliance. In the US, manufacturers are required to adhere to the same standard that was in place when the device was approved. Unless there have been design changes, there is no necessity to stay up to date when standards change. However, manufacturers in the EU are required to adhere to the most recent versions of the relevant standards as they become available. Regardless of when devices are certified, within the QMS processes the standards must be kept up to date, especially harmonised standards.

Clin-r+ recommendations

ISO standards are a ratified and agreed methodology that ensures the provision of quality and makes conformance to regulatory requirements easier. Compliance to ISO’s provides regulatory benchmarking against ‘State of the Art’, it may also confirm ‘well-established technology’ and it’s a verified method to prove safety and performance (proving your GSPR’s).

Applying ISO standards enhances overall performance and demonstrates safety and effectiveness whilst promoting trust and credibility. It also provides market access opportunities to Manufacturers who can also use their compliance certificates to gain market access and keep a competitive edge, for example by meeting sustainability standards to procurement requirements.

Clin-r+ supports manufacturers to ensure they are compliant with ISO and IEC standards. We make sure we’re up to date with regulatory requirements so you can be too. Should you have any questions or need professional assistance, CLIN-r+ has a wealth of experience to call upon. Get in touch!



Related Articles


Quality Management System (QMS)

A Medical Device Quality Management System (QMS) is a set of policies, processes, and procedures that a medical device manufacturer uses to ensure that their …

Read More →


Risk Management

Risk management in the medtech industry extends beyond product development and manufacturing to become an integral part of your product’s life cycle. Clin-r+ looks at …

Read More →

State of the Art literature reviews


State Of The Art Literature Reviews

Under MEDDEV 2.7/1 rev 4 regulations, literature reviews play an important role in several areas of the CER, including establishment of State of the Art …

Read More →