When you first enter the medical packaging industry, you’ll frequently hear about ISO 11607. But what does it mean, and why do you need to know about it? Here, we share the top six things you need to know about ISO 11607.
What is ISO 11607?
Let’s break it down. ISO is short for the International Organization for Standardization, is a worldwide federation of national standards bodies. ISO is an independent, non-governmental organization. The numbering, 11607, differentiates which standard you are discussing. In this case, 11607 refers to the requirements for packaging for terminally sterilized medical devices. This standard determines the basic requirements for sterile medical packaging or technically known as sterile barrier systems (think design verification, sealing considerations, and aseptic presentation).
ISO 11607 is a widely recognized standard used to comply with government regulation, for example, in the United States, 21 Code of Federal Regulations (CFR), and in Europe, Medical Device Regulations (MDR). Therefore, it is important as part of this industry you understand ISO 11607 inside and out.
There are two parts to ISO 11607, both equally important.
ISO 11607 – 1: Requirements for materials, sterile barrier systems, and packaging systems. You can think of Part 1 of ISO 11607 as the early stages of the sterile packaging design and development process. It addresses design, materials, and appropriate test methods.
ISO 11607 – 2: Validation requirements for forming, sealing, and assembly processes. Part 2 focuses on the manufacturing process used to package sterile medical devices. You have a design in mind, now what? Part 2 provides requirements for developing and validating a repeatable and reproducible process for forming, sealing, and assembly.
For more, visit Design and Testing Methodologies.
The difference between should and shall.
ISO 11607 is written using "shall" in its legal form. This means that when "shall" is used; the directive is mandatory. However, when "should" is used, it is a guideline on what you can do. Read carefully as this. One word makes a big difference.
Parts of ISO 11607 are up for interpretation.
ISO 11607 leaves many portions up for interpretation. The language was written as such because each medical device company is responsible for interpreting standards and developing its own quality system. Since every company and device are different, a one size fits all approach does not work. Allowing leeway based on individual situations lets you and your organization determine what is best to ensure a safe and effective product. How a guideline is applied also becomes your responsibility. Interpreting standards can get sticky when decisions are human-directed because they are subjective. Whether by an in-house team or reviewing authorities, how a standard is interpreted can vary greatly, depending on that person's level of experience in applying the standard at hand. To help companies achieve or maintain compliance, ISO published ISO TS 16775 in 2014. The document is a how-to resource for compliance with ISO 11607. While ISO TS 16775 offers practical industry guidance, it does not account for the newest revision of the standard, and a revision is expected later this year.
Variable data vs. attribute data.
Variable and attribute data are used when verifying and validating a sterile barrier system and process. The type of data collected combined with quality attributes and risk tie into the number of samples required for testing. Variable data is acquired through measurement, in the case of packaging, think seal strength (ASTM F88) or burst strength (ASTM F1140). Attribute data is pass/fail data that does not give you a numerical output. This data type is primarily collected for sterile barrier systems using the dye penetration test (ASTM F1929) and bubble test (ASTM F2096).
The two data types are used in conjunction to verify and validate sterile barrier systems and processes.
- The “Grandfather” Rule.
One of ISO’s organizational practices is to conduct thorough reviews of its standards every five years to identify potential updates. This means that every five years, there could be significant revisions made to ISO 11607. When changes are made, companies are expected to conduct a gap analysis of procedures and products to ensure that they comply with the ISO revisions. Remediation efforts must be performed if gaps are found. “Grandfathering” an existing product under revised standards is not allowed without significant justification and a thorough risk assessment.
If your organization does not complete a proper gap assessment, you risk:
Product being placed on hold until compliance is achieved
Recall of the device(s) on the market
Halt of new product approvals across all product lines
All of these can lead to a reduction in revenue, which can prevent patients from getting potential lifesaving procedures.