Requirements For Bodies Providing Audit and Certification of Healthcare Management Systems To The Core Standards For Safety

Download as pdf or txt
Download as pdf or txt
You are on page 1of 9

Joint Accreditation System of Australia and New Zealand

PROCEDURE NUMBER 31
ISSUE NO 4 DATED 06 February 2008

Requirements for bodies providing audit and certification of


healthcare management systems to the Core Standards for Safety
and Quality in Healthcare

Authority to Issue

Dr James Galloway
Chief Executive
with Authority of the Governing Board
PROCEDURE 31 - REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF HEALTHCARE MANAGEMENT SYSTEMS TO THE
CORE STANDARDS FOR SAFETY AND QUALITY IN HEALTHCARE

CONTENTS

0 INTRODUCTION.............................................................................................................................. 3
0.1 BACKGROUND ............................................................................................................................. 3
0.2 OBJECT AND FIELD OF APPLICATION .............................................................................................. 3
0.3 TRANSITION POLICY ..................................................................................................................... 4
1 SCOPE ............................................................................................................................................. 6

2 REFERENCES................................................................................................................................. 6

3 TERMS AND DEFINITIONS ............................................................................................................ 7

4 PRINCIPLES.................................................................................................................................... 7

5 GENERAL REQUIREMENTS.......................................................................................................... 7

6 STRUCTURAL REQUIREMENTS .................................................................................................. 7

7 RESOURCE REQUIREMENTS....................................................................................................... 7

8 INFORMATION REQUIREMENTS.................................................................................................. 7
8.1 CERTIFICATION DOCUMENTS ........................................................................................................ 7
9 PROCESS REQUIREMENTS.......................................................................................................... 8
9.1 GENERAL REQUIREMENTS ............................................................................................................ 8
9.3 SURVEILLANCE ACTIVITIES ........................................................................................................... 9
10 MANAGEMENT SYSTEM REQUIREMENTS FOR CERTIFICATION BODIES......................... 9

Issue No. 4 dated 06 February 2008 Page No. 2 of 9


PROCEDURE 31 - REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF HEALTHCARE MANAGEMENT SYSTEMS TO THE
CORE STANDARDS FOR SAFETY AND QUALITY IN HEALTHCARE

0 Introduction

0.1 Background

0.1.1 Certification of healthcare management systems is a third-party conformity assessment


activity as defined in ISO/IEC 17000:2004, 5.5. Certification Bodies (CBs) are the third-
party conformity assessment bodies performing this activity.

0.1.2 This Procedure was developed by JAS-ANZ, on behalf of the healthcare organizations,
and sets down the requirements for certification bodies conducting audits against the
Core Standards for Safety and Quality in Healthcare (the Core Standards).

0.1.3 The Core Standards are designed to be used by healthcare organizations in isolation or in
combination with other assessment criteria such as ISO 9001:2000 as guided by AS
HB90.8.

0.1.4 Accredited certification bodies must appreciate that where their scope of accreditation
refers, either directly or indirectly, to requirements laid down by a regulatory authority, the
requirements of that regulatory authority, as amended from time to time, may be applied
by JAS-ANZ in addition to the requirements laid down in this Procedure.

0.1.5 This Procedure shall be subject to ongoing review by the JAS-ANZ Safety and Quality in
Healthcare Technical Committee as part of the normal ongoing programme development
cycle.

0.2 Object and field of application

0.2.1 ISO/IEC 17021 is an International Standard that sets out the requirements for bodies
providing audit and certification of management systems.

0.2.2 To facilitate the uniform interpretation and application of ISO/IEC 17021:2006 for audit
and certification of healthcare organizations, the JAS-ANZ Safety and Quality in
Healthcare Technical Committee has produced the normative criteria in this procedure.

0.2.3 Bodies seeking JAS-ANZ accreditation for healthcare management systems certification
shall satisfy the requirements of ISO/IEC 17021 and this Procedure.

0.2.4 The term “should” is used in this document to indicate recognised means of
meeting the requirements of the standard. A CB can meet these in an equivalent
way provided this can be demonstrated to JAS-ANZ. The term “shall” is used in this
document to indicate those provisions which, reflecting the requirements of the
relevant standard, are mandatory.

0.2.5 Accreditation to ISO/IEC 17021 and this Procedure attests to the necessary competence
and reliability of a conformity assessment body to provide audits and certification within
the scope of accreditation, for example to the Core Standards.

Issue No. 4 dated 06 February 2008 Page No. 3 of 9


PROCEDURE 31 - REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF HEALTHCARE MANAGEMENT SYSTEMS TO THE
CORE STANDARDS FOR SAFETY AND QUALITY IN HEALTHCARE

0.2.6 All the major headings (numbers 1-10) of this Procedure have been reproduced from
ISO/IEC 17021.

0.2.7 This procedure does not diminish any of the requirements of ISO/IEC 17021. The clause
numbers in this procedure are prefixed with the letter ‘J’ to indicate mandatory criteria
developed by the JAS-ANZ Safety and Quality in Healthcare Technical Committee for the
certification of heathcare organization management systems based on the Core
Standards for Safety and Quality in Healthcare.

0.2.8 The text of ISO/IEC 17021:2006 is not included in this document and shall be referred to
separately.

0.2.9 References in this procedure to specific clauses of ISO/IEC 17021 shall be read to mean
reference to both ISO/IEC 17021 and the corresponding criteria in this procedure.

0.3 Transition policy

0.3.1 Accreditation

0.3.1.1 All new applicant CBs will be required to demonstrate compliance with JAS-ANZ
Procedure 31, Issue 4 before accreditation is granted.

0.3.1.2 For existing applicants and accredited CBs due to be assessed before 15 September,
2008, they shall be assessed against JAS-ANZ Procedure 31, Issue 3 and JAS-ANZ
Procedure 31, Issue 4, but any findings against the additional requirements of JAS-ANZ
Procedure 31, Issue 4 shall be raised as observations.

0.3.1.3 If the next assessment is due on or after 15 September, 2008, then the CB shall be
assessed against JAS-ANZ Procedure 31, Issue 4 and any deficiencies shall be reported
as nonconformities.

Issue No. 4 dated 06 February 2008 Page No. 4 of 9


PROCEDURE 31 - REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF HEALTHCARE MANAGEMENT SYSTEMS TO THE
CORE STANDARDS FOR SAFETY AND QUALITY IN HEALTHCARE

0.3.2 Certification

0.3.2.1 CBs shall establish and implement a process for notifying all applicants and holders of
Private Sector Quality Criteria (PSQC) certification of the requirement for transition to the
Core Standards prior to 06 May 2008, with full implementation by no later than 06 August
2009.

0.3.2.2 From the date of publication of this procedure, all new applicant healthcare organizations
shall be required to demonstrate compliance with the Core Standards.

0.3.2.3 Healthcare organizations with certification (or ‘accreditation’) to the PSQC, shall be
required to commence internal verification of compliance with the Core Standards prior to
06 May 2008 that is, within three months from the date of publication of Issue 3 of this
procedure, and demonstrate full compliance with the Core Standards via a scheduled
surveillance visit prior to 06 August 2009 that is within 18 months from the date of
publication of Issue 3 of this procedure.

0.3.2.4 CBs shall maintain records to demonstrate, that by no later than 06 August 2009, all
existing PSQC certifications fully comply with the Core Standards.

0.3.2.5 This policy should not lead to additional audits if all parties promptly respond to this policy
advice from the date of publication.

Issue No. 4 dated 06 February 2008 Page No. 5 of 9


PROCEDURE 31 - REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF HEALTHCARE MANAGEMENT SYSTEMS TO THE
CORE STANDARDS FOR SAFETY AND QUALITY IN HEALTHCARE

Conformity assessment – Requirements for bodies providing audit


and certification of management systems

1 Scope

1.1 Where some elements of the Core Standards are found not to be fully applicable in a
specific healthcare setting, for example in some community and health related services,
then the audit team competencies defined in this Procedure may need to be redefined to
suit that specific healthcare setting. Such variations are currently outside the scope of this
Procedure. Should the need arise; the competencies required for these specific
healthcare settings could be addressed through an Annex to this procedure.

1.2 Where the scope of certification is to include ISO 9001:2000 incorporating the Core
Standards for Safety and Quality in Healthcare, the CB shall have accreditation to, and
conform with, JAS-ANZ Procedure 10 and JAS-ANZ Procedure 31.

2 References

2.1 ASHB90.8-2000 - Healthcare services – Guide to ISO 9001:2000

2.2 Core Standards (the Core Standards) -Core Standards for Safety and Quality in
Healthcare: 7 September 2007 (the Core Standards) (we should insert a link to where
they live on the JAS-ANZ website

2.3 ISO 9001:2000 -Quality management systems – requirements

2.4 ISO/IEC 17000:2004 -Conformity assessment – vocabulary and general principles

2.5 ISO/IEC 17021:2006 -Conformity assessment – Requirements for bodies providing audit
and certification of management systems

2.6 ISO 19011:2002 -Guidelines for quality and/or environmental management systems
auditing

2.7 JAS-ANZ Procedure 10 -Requirements for bodies operating audit and certification of
quality management systems

2.8 Private Sector Quality Criteria (PSQC) developed by the Private Healthcare Industry
Quality and Safety (PHIQS) Committee and superseded by the Core Standards. as per
the Policy in this Procedure

Issue No. 4 dated 06 February 2008 Page No. 6 of 9


PROCEDURE 31 - REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF HEALTHCARE MANAGEMENT SYSTEMS TO THE
CORE STANDARDS FOR SAFETY AND QUALITY IN HEALTHCARE

3 Terms and definitions

J.3.4 The following definitions also apply to this document:

Accreditation agencies In the healthcare sector, an accreditation agency is a term used to describe
a certification body which performs healthcare conformity assessments.

Certification body (CB) is a Conformity Assessment Body, as defined in ISO/IEC 17000,


which performs management systems certification. In the healthcare
sector, certification bodies are also sometimes referred to as ‘accreditation
agencies’.

4 Principles

5 General requirements

6 Structural requirements

7 Resource requirements

8 Information requirements

8.2 Certification Documents


J.8.2.3 Certification documents issued to healthcare facilities shall include a reference to the
Core Standards for Safety and Quality in Healthcare. For example, the management
system has been found to conform to the “Core Standards for Safety and Quality in
Healthcare” or, to “ISO 9001:2000 incorporating the Core Standards for Safety and
Quality in Healthcare”.

Issue No. 4 dated 06 February 2008 Page No. 7 of 9


PROCEDURE 31 - REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF HEALTHCARE MANAGEMENT SYSTEMS TO THE
CORE STANDARDS FOR SAFETY AND QUALITY IN HEALTHCARE

9 Process requirements

9.1 General requirements


J.9.1.2.1 Where the scope of the application includes ISO 9001:2000 incorporating the Core
Standards for Safety and Quality in Healthcare, the CB shall ensure that the audit plan
provides for full consideration of the guidance contained in AS HB90.8-2000.
J.9.1.2.2 Each audit shall adequately cover all shifts to the extent required to determine whether the
findings and recommendations in the report are appropriate in the context of the hours of
operation.

J.9.1.3.1 The audit team may be one person, providing that person satisfies all of the requirements
of ISO/IEC 17021, clause 9.1.3 and the related criteria in this procedure.

J.9.1.3.2 Certification bodies shall retain records to demonstrate that for every onsite audit, at least
one member satisfies the lead auditor requirements. These records must also
demonstrate that all auditors (including the lead auditor) have current knowledge of:
a) the issues for consumers of the healthcare service including the concepts of patient
rights, dignity, privacy and confidentiality; and
b) management practices and quality systems in the relevant healthcare setting.

J.9.1.3.3 Team members with appropriate technical expertise shall be directly involved in auditing
all of the Core Standards. To gain sufficient technical expertise, such team members
shall have been employed in a senior clinical role (including nursing, counselling or
scientific) in a relevant healthcare setting. The CB must be able to demonstrate that the
employment experience is sufficient to ensure understanding of how the Core Standards
should be applied in the relevant healthcare setting.

J.9.1.3.4 The CB must be able to demonstrate that it has verified the scope of the technical areas
to be covered by each audit team member and confirmed that the audit team has
sufficient collective knowledge and experience to evaluate the application of the Core
Standards in the relevant healthcare setting.

J.9.1.10 All audit reports shall include:


a) A description of the audit trail and evidence used to verify compliance with the Core
Standards;
b) Positive findings and opportunities for improvement; and
c) Recommendations regarding the granting, maintaining, extending, reducing,
suspending or withdrawing of certification.

J.9.2.5.2 The CB shall maintain records of an independent technical review of every audit report by
a person satisfying J.9.1.3.3.

Issue No. 4 dated 06 February 2008 Page No. 8 of 9


PROCEDURE 31 - REQUIREMENTS FOR BODIES PROVIDING AUDIT AND
CERTIFICATION OF HEALTHCARE MANAGEMENT SYSTEMS TO THE
CORE STANDARDS FOR SAFETY AND QUALITY IN HEALTHCARE

9.3 Surveillance activities

9.3.2 Surveillance audit


J.9.3.2.1 A surveillance audit shall also normally include:
a) Changes to the organisation;
b) Changes to the documented system;
c) Awareness of and appropriate responses to changes in legislative requirements or
recognised industry practices;
d) A balanced sample of the Core Standards sufficient to ensure that all Core
Standards are covered over a two year period.

10 Management system requirements for certification bodies

Issue No. 4 dated 06 February 2008 Page No. 9 of 9

You might also like