Home / Resources / ISO 15189:2022 and POCT

Compliance · Accreditation

ISO 15189:2022 and POCT: what your software must do.

The POCT standard moved house. Here is what assessors now expect from your records — and where software earns its keep.

Published 10 June 2026 · Last reviewed: June 2026 · 5 min read

ISO 15189:2022 is the international standard for quality and competence in medical laboratories — and since its 2022 revision, it is also the standard for point-of-care testing. The previously separate POCT standard, ISO 22870, was withdrawn; its requirements were absorbed into ISO 15189 itself, with the POCT-specific additions collected in Annex A. A clinic or laboratory seeking accreditation for POCT is now assessed under one standard, end to end.

One framing matters before anything else: software is never accredited — the clinic is. No platform can make a service compliant, and any vendor implying otherwise is overreaching. What good software does is hold the evidence: complete, traceable, reviewable records that let an assessor follow any result back to the person, device and control material behind it. That is the sense in which Catenix offers ISO 15189-aware software support.

Where POCT now sits in ISO 15189

Under the old arrangement, a laboratory held ISO 15189 for its core service and added ISO 22870 for point-of-care testing — two documents, one joint assessment. The 2022 revision folded the two together. POCT performed by or under the governance of the laboratory now falls inside the main standard's scope, with Annex A carrying the additional requirements specific to point-of-care settings: governance of the POCT programme, training and authorisation of the (often non-laboratory) staff who run the tests, and quality assurance of results produced away from the bench. For multi-room and multi-site services, that pulls every corridor analyser into the same management system as the central laboratory.

What assessors expect from your records

Assessment styles differ by accreditation body, but the documentary expectations are consistent. Five record sets come up again and again.

  • Operator identity and competency. Every result must be attributable to a named, trained, currently authorised operator — not a shared login. Catenix authenticates operators individually and tracks competency and certification per operator, per method, with expiry awareness, in the quality module.
  • Traceable results. Who ran the test, on which device, at what time, for which patient — answerable for any result, years later. Catenix captures results electronically at the moment of measurement through the connectivity layer, so operator, device and timestamp travel with the value rather than being reconstructed afterwards.
  • QC records and review trails. Control results, the statistical rules applied to them, and the documented human response when something flagged. Catenix charts every control with Levey-Jennings charts and Westgard multi-rule evaluation, can hold a device through a lockout workflow until a failed control is resolved, and keeps the review record. The statistics are the software's; the judgements are recorded as the clinic's own.
  • Document control. Procedures must be versioned, approved and current. This typically lives in the clinic's quality-management system rather than in middleware — we would rather say so plainly than stretch a claim. What Catenix contributes is the surrounding control evidence: role-based access in administration and a tamper-evident audit trail of every state-changing action, so who changed what, and when, is never in doubt.
  • Nonconformity handling. When something goes wrong, assessors want to see it recorded, investigated, corrected and verified. Catenix includes a CAPA workflow — corrective and preventive actions raised, owned and closed out — inside the quality module.

The same evidentiary logic appears under other regimes: CAP accreditation and CLIA in the United States, and JCI internationally, ask for substantially similar records around POCT, even where the clause numbers differ.

Choosing software with the assessment in mind

If accreditation is on your roadmap, evaluate any platform — ours included — by asking it to produce assessor-shaped answers on the spot: show me this result's operator and device; show me the control runs around it and who reviewed them; show me this operator's current competency; show me what changed in configuration last quarter. Software that answers those questions in minutes turns assessment preparation from an archaeology project into a filter. For the wider evaluation, our guide to POCT middleware includes a full buyer's checklist.

← Back to resources

Questions, answered

What clinics ask about accreditation.

Can software be ISO 15189 accredited?

No. ISO 15189 accredits the laboratory or clinical service, not its software. The software's job is to hold the records — operators, results, QC, audit trails — in a form assessors can follow. Catenix is built to support that evidence; the accreditation belongs to the clinic.

What happened to ISO 22870?

ISO 22870, the dedicated point-of-care testing standard, was withdrawn when ISO 15189:2022 was published. Its requirements now live inside ISO 15189, principally as the additional POCT requirements in Annex A, so POCT is assessed under the same standard as the rest of the laboratory.

What POCT records do assessors typically review?

Operator training and competency records, results traceable to operator, device and time, QC results with documented review and responses, controlled and current procedures, and evidence that nonconformities were investigated and closed out.

See Catenix on your bench.

Bring an assessor's question list — we'll answer it live from a working tenant.

Request a demo Explore the platform