Design Controls, Risk Management for Small and Mid-Sized Companies: Lean but Compliant Approaches


Published on 05/12/2025


Introduction to Design Controls and Risk Management

In the regulated environment of medical devices, effective design controls and risk management are critical for ensuring product safety and efficacy. The FDA and international standards such as ISO 13485 and ISO 14971 outline the necessary frameworks for quality management systems (QMS) that small and mid-sized companies must adhere to. This article provides a step-by-step tutorial on implementing these controls and managing risks effectively, ensuring compliance while maintaining efficiency.

Step 1: Understanding Regulatory Requirements

The first phase in establishing a compliant QMS is to understand the regulatory landscape. In the US, the FDA mandates that medical device manufacturers implement design controls as part of the Quality System Regulation (QSR) under 21 CFR Part 820. In the EU, the Medical Device Regulation (MDR) outlines similar requirements. ISO 13485 provides a framework for a QMS that meets these regulatory demands.

  • Objectives: Familiarize yourself with the relevant regulations and standards.
  • Documentation: Maintain a regulatory requirements matrix that outlines applicable regulations and standards.
  • Roles: Quality managers and regulatory affairs professionals should lead this effort.
  • Inspection Expectations: Inspectors will review your understanding of applicable regulations and your documentation practices.

For more detailed information, refer to the FDA’s medical device guidance.

Step 2: Establishing Design Controls

Design controls are systematic measures that ensure the design process meets user needs and intended uses. According to the FDA, design controls should be established early in the product development lifecycle.

  • Objectives: To ensure that all design inputs, outputs, verification, and validation processes are documented and controlled.
  • Documentation: Key documents include Design Input Requirements, Design Output Specifications, Design Review Records, and Design Verification and Validation Plans.
  • Roles: Design engineers, quality assurance personnel, and project managers should collaborate to create and maintain these documents.
  • Inspection Expectations: Inspectors will evaluate the adequacy of design controls and the traceability of design inputs to outputs.

As a practical example, consider a small medical device company developing a new infusion pump. The company would need to document user needs, define design inputs such as safety features, and establish design outputs that meet these inputs.

Step 3: Implementing Risk Management (ISO 14971)

Risk management is an integral part of the design process. ISO 14971 provides a structured approach to identifying, evaluating, and controlling risks associated with medical devices.

  • Objectives: To systematically identify potential hazards, estimate and evaluate risks, and implement controls to mitigate those risks.
  • Documentation: Risk management files should include a risk analysis report, risk evaluation, risk control measures, and a post-market surveillance plan.
  • Roles: Risk management teams should include quality managers, regulatory affairs professionals, and design engineers.
  • Inspection Expectations: Inspectors will look for comprehensive risk management documentation and evidence of risk control measures being implemented.

For instance, in the development of a surgical instrument, the team would conduct a failure mode and effects analysis (FMEA) to identify risks associated with the device’s use and design appropriate controls.

Step 4: Design Verification and Validation

Verification and validation (V&V) are critical to ensuring that the design meets the specified requirements and that the device performs as intended in real-world conditions.

  • Objectives: To confirm that the design outputs meet the design inputs and that the device performs as intended.
  • Documentation: Verification and validation protocols, reports, and any deviations from the planned activities should be documented.
  • Roles: Quality assurance teams and design engineers should work together to execute V&V activities.
  • Inspection Expectations: Inspectors will review V&V documentation to ensure compliance with design controls and risk management requirements.

For example, if a company is developing a new diagnostic device, they would need to conduct clinical trials to validate that the device accurately diagnoses conditions as intended.

Step 5: Technical Documentation and Submission

Once the design and risk management processes are complete, the next step is to compile the technical documentation required for regulatory submission. This documentation is essential for demonstrating compliance with regulatory standards.

  • Objectives: To prepare comprehensive technical documentation that supports the safety and efficacy of the device.
  • Documentation: The technical file should include design history files (DHF), risk management files, labeling, and clinical evaluation reports.
  • Roles: Regulatory affairs professionals should lead the compilation of the technical documentation, with input from design and quality teams.
  • Inspection Expectations: Inspectors will assess the completeness and accuracy of the technical documentation during audits.

In the case of a small company submitting a new orthopedic implant for FDA approval, the technical documentation would need to include all design and risk management information, along with clinical data supporting its use.

Step 6: Post-Market Surveillance and Continuous Improvement

After a device is on the market, ongoing monitoring is essential to ensure continued compliance and safety. Post-market surveillance activities help identify any issues that may arise after the product launch.

  • Objectives: To monitor the performance of the device in the market and identify any potential risks.
  • Documentation: Post-market surveillance reports, customer feedback, and adverse event reports should be documented and reviewed regularly.
  • Roles: Quality assurance and regulatory affairs teams should collaborate to analyze post-market data and implement necessary changes.
  • Inspection Expectations: Inspectors will review post-market surveillance activities and documentation to ensure compliance with regulatory requirements.

For example, if a company receives reports of device malfunctions, they must investigate these incidents and take corrective actions as necessary, which may include design changes or additional training for users.

Conclusion

Implementing effective design controls and risk management practices is essential for small and mid-sized medical device companies to ensure compliance with regulatory requirements. By following this step-by-step guide, organizations can establish a robust QMS that not only meets FDA and ISO standards but also fosters a culture of quality and safety. Continuous improvement and post-market surveillance are vital components of this process, ensuring that products remain safe and effective throughout their lifecycle.
