Corrective Action (8.5.2) and Preventive Action (8.5.3) emphasize a systematic approach to identifying, analysing, addressing, and documenting actions to improve ISO 13485 and ensure product quality and regulatory compliance. These are essential components of the Quality Management System that aim to address nonconformities and prevent their recurrence or occurrence.

8.5.2 Corrective Action – Corrective action is to eliminate the causes of detected nonconformities to prevent their recurrence.

Key Requirements:

• Identification of nonconformities through various methods, such as internal audits, customer complaints, or process monitoring activities.
• Evaluation of the nonconformity to determine its impact on the quality and safety of the medical devices.
• Root Cause Analysis to identify the root cause of the nonconformity to prevent similar issues from recurring.
• Corrective Action on the root cause, to implement corrective actions to eliminate the nonconformity which involves revising procedures, retraining personnel, or modifying device design.
• Verification of the effectiveness of the corrective action to ensure it has addressed the root cause and prevented the nonconformity from recurring.
• Documentation of the corrective action process, including identified nonconformities, root cause analysis, corrective actions taken, and verification results, needs to be documented.

8.5.3 Preventive Action- focuses on proactive measures to prevent potential nonconformities from occurrence.

Key Requirements:

• Identification of potential nonconformities and assess the associated risks.
• Analysis of the causes of potential nonconformities using appropriate risk assessment methods.
• Preventive Action plan to eliminate the causes of potential nonconformities and ensuring actions are proportionate to the potential impact of the risks identified.
• Implementation of the preventive actions effectively and in a timely manner.
• Monitoring the implementation and effectiveness of preventive actions.
• Documentation of  the preventive actions, including risk identification, risk analysis, action plans, and monitoring results.

Review the preventive actions and their outcomes during management review meetings.