ISO Certification for Hospitals


Delivering the right care at the right time in the right setting is the core mission of hospitals. This can be achieved only by quality. Ensuring the safety of patients and hospital care providers and improving quality of patient care have become important objectives for health systems.

The Dictionary provides numerous definitions for the word Quality. One short definition of quality is “customer satisfaction and loyalty”. “Fitness for use” is an alternative short definition.

Until the late 19th century hospitals were not a place where health was created, but rather, a place to die. But now, there is rapid improvement with the development of aseptic and antiseptic techniques, more effective anesthesia, greater surgical knowledge and skills, trauma techniques, blood transfusion, coronary artery bypass surgery, effective pharmaceuticals, transplantation techniques and minimal invasive surgery has called for quality management system in the hospitals. All organizations periodically need a companywide assessment of quality. This involves quality control programme i.e. planning, control and implementing. For hospital quality control, audits are carried, internal audits and external audits. Some Organisations which carry external audits are:

  • ISO
  • NABH
  • JCI
  • JACHO and others

Most of the modern Hospitals are ISO certified. 

ISO’s declared mission is to be the leading value-adding platform and partner for the production of globally and market-relevant international standards, covering product specifications, services, test methods, conformity assessment, management and organizational practices.

Certification applicable for hospitals is ISO 9001:2000. Hospitals get certified in order to identify, define, document, implement (follow), monitor/measure, and continually improve the effectiveness of their patient care processes. 

For hospitals, ISO 9001 means identifying the elements in clinical and administrative practices that contribute to desirable outcomes, documenting those elements and instituting them as standard practice. Some examples include improved communication among staff members, revisions to policies to reflect best practice, standardization of forms used for documentation of patient care activities, and detection of problem-prone issues.

The website of International Standards Organization ( on ISO certification for hospitals Healthcare Quality Management through the Application of ISO 9001 states that using the ISO family of standards, the organization can establish a comprehensive Quality / Business Management System which:

  • provides a solid basis for compliance with all imposed requirements and healthcare quality certifications (e.g., JCAHO, AOA, Federal and State regulations).
  • makes all other healthcare quality certifications & accreditations processes easier and less costly.
  • facilitates improved understanding of roles & responsibilities among employees; and enhanced communication and coordination between departments.
  • requires the establishment of measurable improvement objectives and accountability to those objectives through monitoring, measuring and reporting.
  • results in improved systems, processes, and outcomes.

 The Structure of the ISO 9001:2000 Standard comprises of eight Clauses. The first three are introductory in nature. The subsequent five clauses include the requirements the healthcare organization must address. They are as follows:

Clause 4 – Quality Management System

  • Process Management, Documentation Requirements, Records Control

Clause 5 – Management Responsibility

  • Customer/Patient Focus, Policy, Objectives, Planning, Responsibility & Authority

Clause 6 – Resource Management

  • Human Resources, Infrastructure, Work Environment

Clause 7 – Product / Service Realization

  • Planning of New Products & Services, Customer Interface/ Communication, Design, Purchasing/Supplier Management, Production/ Service Operations, Calibration

Clause 8 – Measurement, Analysis, and Improvement

  • Internal Audits, Customer/Patient Satisfaction, Monitoring/Measurement of Products/Services and Processes, Handling Nonconformance, Corrective & Preventive Action, Continual Improvement


  •  All the requirements of ISO are generic, applicable to all, regardless of type and size.
  •  Organizations need to define, document and implement the requirement of the standards ISO 9000:2000 in   order to get certified.
  •   First consult an individual quality auditor or consultants who are well versed in ISO standards.
  •    Reviews the existing documented quality systems i.e. make a documented report on planning and implementation of procedures for ISO certification.


Each organization should develop the minimum amount of documentation needed in order to demonstrate the effective planning, operation and control of its processes and the implementation and continual improvement of the effectiveness of its QMS. ISO 9001 requires a “documented QMS” and not a “system of documents”.


  • Communication of information – communication system, level of communication skills within the hospital.
  • Evidence of conformity – provision of evidence that what was planed, has actually been done.
  • Knowledge sharing – to disseminate and preserve the hospitals experiences.
  • Documented procedures of following activities: control of documents, control of records, internal audits, control of nonconforming products, corrective actions and preventive action.
  • Quality manual,  Quality policy- Organizations charts, work instructions, inspection plans, quality plans, process description, production   schedules, approved supplier lists- may or may not be required.
  • Records – demonstrating conformity of their processes, products and quality management system. e.g. – management reviews, education training, results of views, internal audit results etc.       
  • The organizations needs to conduct internal quality audits before bringing in the ‘Registrar of the certified body’ to conduct certification audit.
  • The certification audit, which is a very detailed audit procedure, goes in depth right from auditing the managing team to the line team. All the clauses are thoroughly checked as to whether the employees have understood the concepts well. 
  • In the next phase of auditing, surveillance would be carried out every year after the certification is completed. This is done to check whether the organization is following the procedures and systems as documented and is there any sort of improvement in the entire process. 
  • The final phase is re-certification audit, which is done after 3 years of certification audit, and the auditing would be the same as in the case of certification audit.
  • An ISO certificate is issued for a period of 3 years, after which it has to be renewed. The certification body conducts periodic audits every 6, 9 or 12 months during this time, depending upon the size and operation of the organization to make sure that they are adhering to ISO certification standards.

 References: official website of ISO