Different Standards for Design Controls
As Dr. Simon mentioned during the lectures this week; companies often interpret the standards outlined in ISO 13485 & 21 CFR 820.30 in a manner that suits them the best. Some may include a whole separate document for output results, others may include all data in the DHF and be done with it.
What factors do you think go into deciding how to interpret these guidelines? Are there any shortcomings/benefits to a certain method? Are there any examples of this you can share?
This is a good question, there are many factors that come into play that determine how regulatory standards are actually put into practice. I think a major one is how much time the team has to complete all their deliverables. If deadlines are very tight, the team may be more inclined to combine documents into one single record for convenience; less documents means less paperwork that needs to get approved. For example, a Design Matrix compiles design inputs, outputs, and other items all into one large spreadsheet. However, I would imagine that the DC project team could just replicate what was done for previously released products if they exist. Since those past products already made it through regulatory scrutiny, there's no need to reinvent the wheel.
Some factors that play a role in deciding how to interpret standard guidelines are the novelty of the device, the risk the device poses, or the complexity of the device. When designing a new, complex, and risky device, it’s important for companies to follow all guidelines set forth in standards and display all documentation resulting from the design control process in an organized and effective way. For these types of devices, it’s important to develop all documents as described in standards to ensure that manufacturers perform their tasks correctly, customers understand the inputs and outputs of their devices, etc. Organized documentation throughout the entire development process of a device ensures that checks are being conducted throughout all stages and that all future stages are being performed correctly. Proper documentation decreases the risk of a faulty device which can do more harm than taking some more time to document all steps of the design control process. Has anyone ever experienced a situation like this (or know of a company that has)? I'm interested in hearing more opinions about this!
I believe companies do all sorts of analyses to understand what the best approach is to adhere to the standards posed in ISO 13485 and 21 CFR 820:30, depending on project timeline and difficulty/risk of the project they are taking. I agree with @es446 and @gdecarvalho, these are all factors that can determine whether or not a team wants to fully outline and make clear the results of their validation/verification testing or to lump everything together in the DHF. I think another factor that has not been mentioned yet is taking into account the amount of scrutiny that the regulatory agency is going to give to the project. Like was previously mentioned, if the device is completely novel, there is going to be a lot more eyes on the project than something that may have a predecessor or a similarly designed device already on the market.
I can think of two major factors that would apply here. One is the size of your company. The other is the type of products your company makes. If you work in a very small company, you may be limited in your documentation by the amount of people who are available to write these documents. You may also be limited by the experience of the limited amount of people working at the small company. A larger company will have more people devoted to getting these documents in shape and they will also more likely have highly experienced personnel working on their structure which can help make these documents be set up in a more efficient or well defined way. The other consideration that I think is important is the type of product your company makes. A very materials based company will probably have a very different emphasis on certain things in these documents compared to a more software based medical device company (creating things like apps.)
On the contrary of what some of the replies state, I think that regardless of the company size/status and deadlines, all companies have an outlined plan to adhere to the standards mentioned above. Even if the company is newly founded, the severity of the standards would prompt them to bring on project managers and relative positions that are very well versed and very experienced with the ISO 13485 & 21 CFR 820.30 standards. I do however agree that the classification of the device can alter how the standards are followed, since the risk factors that determine the class of the device affect how strict the guidelines or standards are. Overall, I believe the standards are extremely vital and the medical companies know this, they follow the standards depending on the risk class of the device but also learn from the process over the years or decades of releasing new medical devices.