Accreditation · Checklist

ISO 15189:2022: a practical checklist for small and independent labs

A plain-English, section-by-section checklist for small teams who run the bench, the QMS and the accreditation prep all at once. Use it as a self-assessment before your assessment. Roughly an 8-minute read.

ISO 15189 is the international standard for quality and competence in medical laboratories, and in the UK it's the basis on which UKAS grants accreditation. The 2022 revision reorganised the standard, folded risk management through everything, and brought point-of-care testing fully into scope. For a large hospital lab with a dedicated quality department, that's business as usual. For a small or independent lab — where the same handful of people run the bench, the QMS and the accreditation prep — it can feel daunting.

This is a plain-English checklist to help you see the wood for the trees. It won't reproduce the standard (you'll need your own copy of ISO 15189:2022 for the exact clauses), but it maps the areas an assessor will explore and the evidence you'll want ready. Use it as a self-assessment before your assessment.

A laboratory professional in a small independent lab working through an accreditation checklist on a tablet beside an analyser, with FreshLIMS on the monitor.
In a small lab the same people run the bench and the accreditation prep. A checklist you can walk calmly, months ahead, is worth more than a last-minute scramble.

First, the mindset shift in the 2022 version

Two themes run through ISO 15189:2022, and grasping them makes the rest easier:

Risk-based thinking is everywhere. Rather than a single "do a risk assessment" box, the 2022 standard expects you to consider risk to patients and to the reliability of results across the whole testing process. Wherever you make a decision — a method, a reference range, a release rule — be ready to explain the risk you considered and how you control it.

The patient comes first, explicitly. Impartiality, confidentiality and patient welfare are stated up front. Your processes should visibly protect the patient, not just the result.

Keep both in mind as you work through the areas below.

The checklist

1. Governance, impartiality and confidentiality

  • A clear organisational structure: who is responsible for the lab, for quality, and for technical decisions.
  • Defined roles and competencies for everyone who touches a result.
  • Safeguards for impartiality (no commercial or personal pressure distorting a result) and for patient confidentiality and data protection.
  • A quality policy and measurable quality objectives that the team actually knows about.

2. People (competence and training)

  • Job descriptions and authorised-signatory lists kept current.
  • Documented training, competency assessment and ongoing-competence records for each role.
  • Evidence that staff are authorised for the specific tasks they perform.

3. Facilities and environment

  • Suitable, controlled environment for testing (temperature, contamination control, access).
  • Monitoring records for conditions that affect results (fridges, freezers, incubators).
  • Separation of incompatible activities where needed.

4. Equipment, reagents and consumables

  • An inventory of equipment with calibration and maintenance schedules — and the records to prove they're followed.
  • Reagent and consumable lot tracking, acceptance checks, and storage-condition records.
  • Clear handling of equipment that goes out of service or gives suspect results.

5. Pre-examination (before the test)

  • Documented requesting, sample collection, labelling, transport and acceptance/rejection criteria.
  • Unique identification that links every sample to the right patient throughout its life.
  • A handling path for sub-optimal samples that protects the result.

6. Examination (the test itself)

  • Validated or verified methods, with records showing they perform as required in your hands.
  • Defined measurement uncertainty where relevant, and per-assay reference intervals.
  • Internal quality control designed around the risk of the assay — for example Levey-Jennings charting with the Westgard multirules, so a run that breaches a rule is caught and investigated before results go out. (Our short explainer on Westgard rules and live QC and the free Westgard calculator walk through this.)
  • Participation in external quality assessment (EQA/proficiency testing) and a documented response when performance slips.
FreshLIMS Levey-Jennings QC chart with a flagged Westgard rule violation and an open investigation panel.
Internal QC the way an assessor wants to see it: Levey-Jennings charting with Westgard multirules evaluated live, so a breach is caught and investigated at the time — not reconstructed at month-end.

7. Post-examination (results and reporting)

  • A defined review-and-authorisation step before a result is released, by an authorised person.
  • Reports that are clear, traceable and include the information the standard expects (reference ranges, interpretive comments where appropriate, identification of the authoriser).
  • Critical/panic-value handling: thresholds defined and a documented, timely escalation path.
  • Retention of samples and records for the required periods, and controlled amendment of any report that changes after release.

8. Data, information systems and integrity

This is where many small labs lose easy marks, and where a modern LIMS earns its keep:

  • An audit trail showing who did what and when, that cannot be silently altered (the ALCOA+ data-integrity principles — attributable, legible, contemporaneous, original, accurate, and complete, consistent, enduring, available).
  • Access control: individual logins, role-based permissions, and ideally multi-factor authentication, so people can only do what their role allows.
  • Validation of any IT system that handles patient results, plus change control when it's updated.
  • Backups, business-continuity arrangements, and protection of patient data in line with UK GDPR.
FreshLIMS QC investigation record showing the rule that fired, the assigned investigator, a workflow stepper from detection to resolution, the Levey-Jennings chart, and a timestamped audit trail.
A timestamped, append-only audit trail — who did what, when, and why — is where small labs win or lose easy marks on data integrity.

9. The management system

  • Controlled documents and records (current versions in use, obsolete ones withdrawn).
  • A nonconforming-work process: how you record, contain and correct things that go wrong, and how you prevent recurrence.
  • Internal audits and a management review that actually drive improvement.
  • Handling of complaints, and a continual-improvement loop you can evidence.

How a fit-for-purpose LIMS reduces the burden

You can pass ISO 15189 with spreadsheets and folders — plenty of labs have. But a lab information management system built around the standard removes a lot of the manual evidence-gathering that eats a small team's time. The pieces that matter most for accreditation are the audit trail, controlled QC, authorised result release, reference ranges and panic values, and a validation pack you can hand to an assessor.

FreshLIMS was built with these in mind. It includes a Westgard QC engine with Levey-Jennings charting and one-click investigations, per-assay reference ranges and panic-value alerts, an append-only audit trail with e-signatures, role-based access and MFA, and a validation pack (system requirements, IQ/OQ/PQ scripts and a data-integrity statement) provided from day one. To be clear about what that means: the laboratory holds the accreditation, not the software — but the software is designed to support your submission and shorten the IT-systems part of your assessment. As a real-world proof point, an independent diagnostic laboratory in London passed a UKAS ISO 15189 assessment and a CQC inspection while running FreshLIMS.

A simple way to use this checklist

Walk each section and mark every line green (evidence ready), amber (exists but needs tidying) or red (a gap). Tackle red first, then amber. Do this a few months before your assessment or re-assessment, not the week before — the value is in finding gaps while you still have time to close them calmly. For a deeper look at the assessment day itself, see our ISO 15189 readiness guide.

Frequently asked questions

What changed in ISO 15189:2022 compared with 2012?
The standard was restructured to align with ISO/IEC 17025, risk-based thinking was woven throughout rather than treated as a single requirement, the patient-focus and impartiality requirements were made more explicit, and point-of-care testing was brought into the main standard.

Does a small lab need a LIMS to meet ISO 15189?
No — the standard doesn't mandate any particular software. But a system that automates the audit trail, QC and authorised result release makes the evidence far easier to produce and maintain, which is where small teams tend to feel the strain.

How long does ISO 15189 accreditation take to prepare for?
It varies, but most labs benefit from several months of preparation. Approaching your QMS and evidence well ahead of the assessment window — rather than in a last-minute scramble — consistently goes better.

Can software be "ISO 15189 accredited"?
No. Accreditation is granted to a laboratory, not to a product. Software can support and align with the standard, but any vendor claiming their product is itself "ISO 15189 accredited" is misusing the term.

This article is general guidance, not a substitute for ISO 15189:2022 itself or advice from your accreditation body. Always work from the current standard and your assessor's guidance.

See how FreshLIMS handles the QC, audit-trail and reporting evidence.

Built for independent UK labs: live Westgard QC, an append-only audit trail, authorised result release and a validation pack from day one. The first month is free, no card required.

Explore the Lab Platform Start free trial