This particular question seems to be a common nonconformity during audits. There are three reasons for this:

the question is on several regulatory checklists for certification bodies,
training on regulatory requirements is seldom provided to design engineers and the responsibility is delegated to an individual with a regulatory title, and
design inputs often focus on solutions to users needs rather than documenting objective criteria for meeting user needs and regulatory requirements.

ISO 13485:2016 has two fundamental changes that are now embedded throughout the entire standard: 1) using a risk-based approach to processes, and 2) meeting regulatory requirements for safety and efficacy. There also have been some significant changes to the design controls section of the standard–including new requirements for creating a design file for devices and establishing procedures for design transfer and design changes.

I am in the process of updating my design controls procedure (http://medicaldeviceacademy.com/design-control-proceduresforms/) for ISO 13485:2016. The procedure already has a strong risk-based approach throughout the design process. In fact, risk management activities are identified at each stage of the design process. The procedure also has a section dedicated to the design transfer process. I have a separate procedure for design change control (http://medicaldeviceacademy.com/change-control-procedureforms/). What’s missing from my procedure is specific methodology for identifying regulatory requirements.

Typically I being regulatory submission projects with a regulatory pathway document where regulatory requirements are specifically identified. The problem with this approach is that my regulatory pathway document is a high-level document that focuses on product-specific requirements. There are many generic medical device regulatory requirements that apply as well. For example:

1. labeling content
2. content in the instructions for use
3. symbology
4. the prescription use “legend”
5. a unique device identifier

I typically include these regulatory elements in my labeling review and approval checklist, but if a client doesn’t have a label and IFU developed yet then they may not have a mechanism to ensure these regulatory requirements are being met.

If you want to make sure that these requirements are addressed in your next design project as design inputs, here are suggested methods. First, convert your essential requirements into design inputs. For European CE Marking, the regulatory requirements for a device can be found in Annex I of the MDD. There are 13 essential requirements, but there are multiple sub-parts so it may seem like more than 50 requirements. Canada also has a list of essential requirements for safety and efficacy. These are documented in the CDMR (i.e., sections 10-23). In fact, 10-20 are identified as “Safety and Efficacy Requirements” and 21-23 are “Labeling.” There are similar requirements for other countries, but the US FDA does not use this approach.

My second recommendation is to link each essential requirement to a user need and a harmonized standard that defines objective and internationally recognized testing standards. Testing standards facilitate development of verification protocols for your benchtop testing.

If you want to learn more about documenting design inputs in your design history file (DHF), you might be interested in next week’s webinar: http://medicaldeviceacademy.com/design-history-file-dhf-webinar-for-21-cfr-820-30j-compliance/.

source: https://www.linkedin.com/groups/2070960/2070960-6123833997136056324