Vaxxas and Profenso: What AI Quality Assurance Means for ISO 13485 Compliance

An Australian Partnership That Quality Managers Should Be Watching

In March 2026, Australian medtech firm Vaxxas announced a partnership with AI specialist Profenso to deploy computer vision technology for real-time quality assurance in the manufacture of its HD-MAP vaccine patches. The patches are sterile medical devices produced under aseptic conditions, which means the quality requirements are about as demanding as manufacturing gets. This is not a pilot program for a low-risk widget. This is AI being integrated directly into the production of a product that goes on human skin to deliver vaccines.

For quality managers and ISO consultants working in regulated industries, particularly those maintaining systems under ISO 13485 or ISO 9001, this partnership is worth understanding in detail. It demonstrates what practical AI integration actually looks like in a compliance context, and it raises questions that every quality professional should be thinking about right now.

Let us break down what is happening, why it matters, and what it means for your quality management system.

What Vaxxas and Profenso Are Actually Building

Vaxxas develops HD-MAP technology, which uses a micro-projection patch to deliver vaccines through the skin without a traditional needle. The manufacturing process for these patches is highly controlled. Any defect in the microstructure of the patch could compromise vaccine delivery, which makes quality assurance at the production level absolutely critical.

Profenso is an Australian AI company specialising in vision systems for regulated production environments. The partnership involves building a bespoke AI vision system that performs real-time quality checks during aseptic manufacturing. According to the Lab Online report published on 19 March 2026, the system will handle automated classification, surface analysis, microstructure verification, and integration with production controls to improve traceability.

The rollout is phased. Early stages focus on testing and validation, with broader integration into quality management and regulatory compliance workflows planned for later phases. That phased approach is actually very sensible from a compliance standpoint, and we will come back to why that matters.

What the AI Vision System Does

To understand the compliance implications, you need to understand what the technology is doing at a practical level. A vision AI system in this context uses cameras and machine learning models to inspect products as they move through production. Instead of a human inspector reviewing samples periodically, the AI reviews every unit continuously.

In the Vaxxas application, the system is looking at things like:

• Surface defects or contamination on the patch
• Microstructure integrity, meaning whether the micro-projections are formed correctly
• Consistency across production batches
• Integration with production control data to create a traceable record of each unit inspected

Dr Maciej Trzaskowski, Co-Founder and Managing Director of Profenso, described the value proposition clearly:

“AI vision systems add value by augmenting human oversight, reducing variability and giving teams richer insight into the production quality essential for highly regulated industries.”

That phrase, augmenting human oversight, is the key one. This is not replacing quality professionals. It is giving them better data, faster.

Why This Is Directly Relevant to ISO 13485 and ISO 9001

ISO 13485 is the quality management standard for medical device manufacturers. It shares structural similarities with ISO 9001 but has significantly stricter requirements around traceability, risk management, and documented evidence of conformity. If you are maintaining an ISO 13485 system, the Vaxxas and Profenso partnership touches on several clauses you deal with every day.

Traceability and Record Keeping

ISO 13485 requires manufacturers to maintain records that demonstrate products meet specifications throughout the production process. Traditional inspection methods generate records, but they are often sampled, meaning you inspect a percentage of units rather than every unit. An AI vision system that integrates with production controls can generate a complete inspection record for every unit produced. That is a significant improvement in traceability, and it directly supports compliance with clause requirements around device history records.

Measurement and Monitoring of Production Processes

Both ISO 13485 and ISO 9001 require organisations to monitor and measure processes to ensure they deliver conforming products. AI vision systems do this continuously and consistently. They do not get tired. They do not have bad days. They apply the same classification criteria to the first unit of the day and the last unit of a twelve-hour shift. That consistency directly reduces the variability that human inspection introduces.

Risk-Based Thinking and Process Validation

ISO 13485 places heavy emphasis on risk management, typically aligned with ISO 14971 for medical devices. Introducing AI into a production quality process is itself a change that requires risk assessment and validation. The phased approach Vaxxas and Profenso are taking, starting with testing before broader integration, reflects good practice. You do not simply deploy an AI system and assume it works. You validate it against known good and known defective samples, establish its performance metrics, and document that validation thoroughly before relying on it for compliance decisions.

The Validation Challenge: What Most People Skip Over

Here is where I want to be direct with you, because this is where organisations get into trouble. AI vision systems are impressive, but they are not automatically compliant tools. Before you can rely on an AI system for quality decisions in a regulated environment, you need to validate it. That means demonstrating, with documented evidence, that the system performs as intended under defined conditions.

In a GxP environment, which covers Good Manufacturing Practice, Good Laboratory Practice, and related frameworks, validation is a formal process. For software used in quality-critical applications, you are typically looking at requirements like those in FDA 21 CFR Part 11 for electronic records, or equivalent TGA requirements in Australia, as well as IEC 62304 for medical device software. The AI model itself needs to be validated, not just the hardware it runs on.

Specific validation considerations for AI vision systems include:

• Training data quality: The AI model is only as good as the data it was trained on. If the training dataset does not represent the full range of acceptable and defective products, the model will have blind spots.
• Performance thresholds: You need to define what acceptable performance looks like. What false positive rate is tolerable? What false negative rate is acceptable for a safety-critical product? These are not technical questions. They are quality and risk decisions that quality managers need to make.
• Algorithmic bias: AI models can perform well on average but poorly on edge cases. In a safety-critical context, edge cases are often exactly where failures occur.
• Change control: If the AI model is updated or retrained, that change needs to go through your change control process. A model update is a process change, and it requires documented review and re-validation.

The phased approach Vaxxas and Profenso are taking suggests they understand this. Early testing is not just about getting the technology working. It is about generating the validation evidence you will need to satisfy regulators and certification auditors.

What This Means for ISO Consultants Working in Regulated Industries

If you are an ISO consultant advising clients in pharmaceutical manufacturing, medical device production, or any other regulated sector, AI-driven quality tools are going to become a regular feature of the systems you help maintain. Here is what you need to be thinking about.

AI Tools Need to Be Reflected in Your Quality Management System

When a client introduces an AI vision system, their quality management system documentation needs to be updated. The process descriptions, work instructions, and control plans need to reflect how the AI fits into the inspection workflow. Who reviews AI outputs? What happens when the AI flags a potential defect? What is the escalation path? These questions need documented answers.

Competence Requirements Change

ISO 13485 and ISO 9001 both require organisations to ensure personnel are competent for the roles they perform. Introducing AI into quality inspection does not eliminate the competence requirement. It changes it. Quality personnel now need to understand how to interpret AI outputs, how to recognise when the system may be performing outside its validated parameters, and how to respond appropriately. That is a training need that needs to be documented and addressed.

Internal Audit Scope Needs to Expand

If you are running internal audits for a client using AI quality tools, your audit scope needs to include the AI system. Are the validation records current? Has the system been re-validated following any model updates? Are the performance metrics being monitored? Is there a documented process for handling AI-flagged non-conformances? These are now legitimate audit questions. If you want to build stronger internal audit practices, our guide on how to run ISO internal audits that actually find problems is a good starting point.

Supplier Qualification Applies to AI Vendors

Under ISO 13485, the supplier qualification requirements are strict. If an AI vendor like Profenso is providing a system that is used in quality-critical decisions, they may qualify as a critical supplier. That means your client needs to assess and qualify them, maintain records of that qualification, and monitor their performance. The software updates and model changes the vendor makes are supply chain events that need to be managed.

The Broader Trend: AI in Compliance Is Not Going Away

The Vaxxas and Profenso partnership is one example of a trend that is accelerating across regulated industries. AI is being applied to document review, audit trail analysis, deviation detection, and now real-time production inspection. The ISO 42001 standard for AI management systems exists precisely because organisations need a framework for managing AI responsibly in contexts where the outputs matter.

For quality managers, the practical implication is that your quality management system needs to be capable of absorbing AI tools without losing its integrity. That means robust change control, clear validation requirements, documented competence frameworks, and internal audit processes that are sophisticated enough to assess AI-assisted workflows.

Dr Scott Fry, Chief Operating Officer at Vaxxas, noted:

“Working with Profenso gives us access to leading edge AI innovation tailored for regulated production environments.”

That phrase, tailored for regulated production environments, is doing a lot of work. Generic AI tools built for unregulated applications will not meet the documentation, validation, and traceability requirements of ISO 13485 or GxP environments. The specialisation matters.

Practical Steps for Quality Managers Considering AI Vision Tools

If you are a quality manager in a regulated manufacturing environment and you are considering AI-assisted inspection, here is a practical checklist to work through before you commit to anything.

1. Define the intended use clearly. Is the AI making final accept or reject decisions, or is it flagging for human review? The answer changes your validation requirements significantly.
2. Map the regulatory requirements. Identify which clauses of your quality standard, which TGA or other regulatory requirements, and which GxP guidelines apply to the AI system as a quality tool.
3. Develop a validation plan before you start. Do not wait until the system is installed to think about validation. The validation plan should define acceptance criteria, test protocols, and the evidence you will generate.
4. Assess the AI vendor as a supplier. Review their quality management practices, their approach to model change control, and their ability to provide the documentation you need for your records.
5. Update your quality management system documentation. Process maps, work instructions, and control plans all need to reflect the new workflow.
6. Train your team. Competence records need to show that personnel understand how to work with AI outputs, not just how to perform manual inspection.
7. Include AI performance monitoring in your management review inputs. AI system performance metrics should be reviewed at management review alongside other quality indicators.

Finding the Right Support for Regulated Industry Certification

ISO 13485 certification in a regulated manufacturing environment is genuinely complex, and adding AI tools to the mix increases that complexity. If you are working through this for the first time, or if you are trying to update an existing system to accommodate new technology, getting the right expert support makes a significant difference.

CertBetter connects businesses with verified ISO consultants and accredited certification bodies who have specific experience in regulated industries. Submit one form and receive up to three competing quotes from vetted providers, all at no cost to your business. Whether you need help with initial ISO 13485 certification or guidance on how to integrate AI-assisted quality tools into an existing system, the right consultant can save you significant time and help you avoid the validation and documentation mistakes that lead to non-conformances during audit.