If you coordinate point-of-care testing, there is a fair chance you were trained against a standard that no longer exists. For years, POCT quality sat under ISO 22870, the companion document to ISO 15189. That companion has gone. ISO 22870 has been withdrawn, and its requirements now live inside ISO 15189:2022 as Annex A. Same clinic, same analysers, new rulebook, and assessors who expect you to understand the move.

This guide explains, in plain language for people who are not laboratory scientists, what the 2022 revision changed and what the ISO 15189:2022 point-of-care testing requirements now ask you to demonstrate, including the single requirement that decides more POCT assessments than any other.
A quick note before we start: this is educational and operational guidance, not medical or legal advice. For the binding wording, always read the official published standard.
The short version: ISO 22870 is gone, POCT moved into Annex A
Until the 2022 revision, near-patient testing was governed by two documents read together. ISO 15189 set the requirements for medical laboratories, and ISO 22870 added the point-of-care specifics: who supervises testing outside the main laboratory, how operators are trained, and how results are controlled.
ISO 15189:2022 folded that second document into itself. ISO 22870 is withdrawn, and POCT requirements now appear in Annex A of ISO 15189:2022. If your quality manual still cites ISO 22870 as the controlling standard for your near-patient testing, that reference is out of date, and an assessor will notice.
The practical effect is simple to state. POCT is no longer treated as a bolt-on. It is part of the same quality system that governs the central laboratory, held to the same expectations for competence, control and records.
What actually changed in 2022
The headline is not a longer checklist. It is a change of emphasis.
Risk now sits at the centre
The 2022 revision pushes risk management and patient safety to the front. Instead of only asking whether you followed a procedure, it asks whether you have thought about what could go wrong in your specific setting, what the consequences would be for the patient, and what you have put in place to reduce that risk. For POCT, that means looking honestly at things like an untrained member of staff running a device out of hours, an expired reagent lot reaching a patient, or a failed control being waved through.
Fewer prescriptive clauses, more accountability
The revision is less prescriptive in places and more outcome-focused. It expects you to define how you achieve quality, then show evidence that your own system works in practice. That is good news for busy clinics, because it allows sensible local design. It is also harder to fake, because the evidence has to be real and retrievable.
What the ISO 15189:2022 point-of-care testing requirements ask you to prove
You do not need to be a scientist to meet Annex A, but you do need to show five things clearly. Here is each one in plain terms.
A named person responsible for POCT
There has to be a designated person, supported where appropriate by a multidisciplinary group, who owns POCT quality. This person is accountable for the devices in use, for who is trained and authorised to operate them, and for the oversight that keeps testing safe. Naming someone is not enough on its own. The role needs defined responsibilities and evidence that the oversight actually happens.
Defined verification before a device goes live
Before a device is used on patients, you are expected to confirm that it performs acceptably in your hands and your environment, not just on the manufacturer’s bench. That verification should be planned, recorded and signed off, with a clear decision that the device is fit for clinical use. The same thinking applies when you add a new test, a new site or a new analyser to the fleet.
Internal quality control and external quality assessment
Two controls run in parallel. Internal quality control checks that a device is performing day to day, using known material so that drift or failure is caught before it reaches a patient result. External quality assessment compares your results against other sites testing the same material, which is how you find problems your own controls cannot see. Annex A expects both to be in place, with documented action when a result falls outside acceptable limits.
Traceable records from sample to sign-off
This is the requirement assessors return to most often, so it has its own section below. In short, you must be able to show who did what, on which device, with which reagent, under what control status, for any result you reported.
Management review and continual oversight
POCT has to be reviewed alongside the rest of the quality system. That means regular review of performance, incidents, control failures, competency and corrective actions, with records that show the review led to decisions and the decisions led to change. Oversight is continual, not an annual scramble before the assessor arrives.
The transition assessment, and where clinics lose marks
Accreditation bodies set a transition window for moving from the old framework to ISO 15189:2022, running three years from the December 2022 publication and ending in late 2025. During a transition assessment, clinics are checked against the new structure, and POCT under Annex A is part of that review.
The marks tend to be lost in predictable places. Quality manuals that still name ISO 22870. A named POCT lead on paper with no evidence of active oversight. Verification that was done but never formally recorded. Control failures that were resolved informally with nothing written down. And, more than anything, records that exist but cannot be pulled together quickly when an assessor asks you to trace a single result back to its operator, reagent and control.
The requirement that decides most assessments: traceable records
Ask anyone who has sat through a POCT assessment what gets probed hardest, and the answer is traceability. An assessor will often pick one result and ask you to reconstruct it. Who ran this test? Were they trained and authorised at the time? Which device and reagent lot were used? Had quality control passed that day? When was it reviewed, and by whom?
If those answers live across a paper logbook, a device printout, a training folder and someone’s memory, reconstructing them is slow and error-prone. Gaps appear. A lot number is missing, a control sheet was never filed, an operator’s competency record lapsed without anyone noticing. None of that means the testing was unsafe, but it becomes very hard to prove it was safe, and proof is what accreditation rests on.
This is the practical problem POCTIFY was built to remove. POCTIFY provides digital solutions for point-of-care testing that work with the devices and systems you already use, capturing each result together with the operator who ran it, the reagent lot, the quality control status and the time, automatically, as testing happens. Instead of reconstructing the story from paper after the fact, you hold a complete, time-stamped record from the moment the result is produced. When an assessor asks you to trace one result, the answer is already assembled.
The same record helps day to day, not only at assessment. You can see at a glance which operators are due for re-assessment, which devices have an overdue control, and which sites need attention. That is the continual oversight Annex A asks for, kept current without extra paperwork.
A practical readiness check
Use this as a quick self-test before any transition or surveillance assessment:
- Does every current document refer to ISO 15189:2022, with no surviving references to ISO 22870?
- Is there a named POCT lead with written responsibilities and recent evidence of oversight?
- Can you produce a signed verification record for each device and test in use?
- Are internal quality control and external quality assessment both running, with documented action on failures?
- Can you trace any single result to operator, device, reagent lot and control status in minutes, not hours?
- Does management review cover POCT, and do the records show decisions being made and acted on?
If any answer is uncertain, that is where to focus first.
Where to go next
ISO 15189:2022 did not make POCT harder to do well. It made the expectations clearer and put your evidence under a brighter light. The clinics that find assessment calm are the ones whose records assemble themselves, because the proof was captured as the work happened rather than rebuilt afterwards.
If you would like help mapping Annex A to your own devices, sites and workflows, Talk to POCTIFY. We will look at how your testing runs today and where automatic, traceable records would take the most weight off your team.
Frequently asked questions
Is ISO 22870 still valid?
No. ISO 22870 has been withdrawn. The point-of-care testing requirements it contained now sit in Annex A of ISO 15189:2022. Quality documents that still cite ISO 22870 as the controlling standard for near-patient testing should be updated.
Where are the POCT requirements in ISO 15189:2022?
They are in Annex A, which covers near-patient and point-of-care testing specifically, alongside the main body of the standard that applies to all testing. This article describes the expectations in plain words; for the binding text, consult the official published standard.
Do we need a named person responsible for POCT?
Yes. Annex A expects a designated individual, often supported by a multidisciplinary group, who is accountable for POCT quality, device selection, operator authorisation and oversight, with records that show the oversight genuinely takes place.
What is the single most common gap at a POCT assessment?
Traceability. Being unable to link a reported result quickly to its operator, device, reagent lot and quality control status is the issue assessors raise most. Capturing those details automatically as testing happens removes the gap before it appears.
When did clinics have to transition to ISO 15189:2022?
Accreditation bodies set a three-year transition window from the December 2022 publication, ending in late 2025. Clinics moved during a transition assessment that checks them against the new structure, including Annex A for point-of-care testing.
Does ISO 15189:2022 require both internal quality control and external quality assessment?
Yes. Annex A expects internal quality control for day-to-day device performance and external quality assessment to compare your results against other sites, with documented action whenever a result falls outside acceptable limits.

