Posts Tagged ‘LinkedIn’

What should governments do when technology changes faster than regulations?

In PDCA on November 17, 2012 at 3:01 am

The original spark of of an idea for this posting came from an article I saw about a new Smartphone App to help people hail a taxi in NYC. This new App is illegal (of course). The argument goes that this new technology will allow people to pay a premium to get a taxi–thus creating a two-tiered system. You can read the article and form your own opinion, but it seems that NYC would benefit from requiring the software to be licensed and validated as well. This would give the city more information and control over taxis. The city could also use this technology to enforce the pricing, make the process of hailing a cab safer, and make it easier for those with disabilities to get the special services they need. Governments are even slower to change than the people, but technology is forcing the issue.

Just a little background music for you to listen to…

In a LinkedIn subgroup I manage (Medical Devices: QA/RA), one of the members recently posted a discussion related to the following article in MIT Technology Review. The proliferation of viruses in hospital computer networks is just one example of the many ways in which technology is moving faster than our government’s ability to write legislation to protect public safety. When database software was first developed, a change to the software version could easily corrupt the database. A few decades later everything has changed except the perception by the regulators. Now the database is total separate from the software. There is even bridge software that allow multiple software applications to interact and update the database(s) simultaneously. No company, or hospital, wants a separate database for billing, patient records, and lab test results. We need enterprise solutions that interact with a robust central database. Banning personnel from downloading updates for the operating system and installing security software is irresponsible and demonstrates the magnitude of ignorance on the part of policy makers.

More than one billion smartphones and tablets will be purchased in 2013, and the number of smartphones already exceeds the planet’s population. My 4-year old is more adept with a tablet computer than my parents–and has been fighting with her older brother and sister for possession of Grandma’s iPad for the past two years. Parents have learned that we can’t keep up with the pace of technology, but we have adapted. We use monitoring technology to keep track of what our children are doing on-line. When we see a disturbing trend, we re-educate our children about unseen risks and block their access when needed.

Governments need to accept that it is no longer possible to predict what direction technology will take our healthcare, transit systems or commerce in general. Monitoring of current trends is the only realistic path. When we can monitor trends, we can make educated decisions on what appears to be safe and what appears to be taking people in the direction of harm.

I am a strong proponent of the Plan-Do-Check-Act (PDCA) model for continuous improvement.

English: Plan-Do-Check-Act Deming circle, also...

English: Plan-Do-Check-Act Deming circle, also known as the Shewart cycle, since Deming claimed he took the idea from him. Later Deming changed it to be Plan-Do-Study-Act, but the first version seems more popular and has become the defacto standard. (Photo credit: Wikipedia)

Governments need to be more open to letting people and companies try “Doing” on a pilot or trial basis. As a pre-requisite to “Doing”, governments can insist upon submission of implementation plans that include monitoring and training provisions. The implementation plans and the training are the “Plan” part of PDCA. The  initial trial/pilot is the “Do” part of PDCA, and implementation of a monitoring program is the “Check” part of PDCA. New and revised regulations should be initiated only after monitoring data has been analyzed, because this is the “Act” part of PDCA. As with any good PDCA cycle, the new and revised regulations should include a plan for training, implementation and monitoring the affects of the regulations. In this way, governments can continuously improve regulations at the pace it is needed and when it is needed. The metrics will also ensure that new regulations are more objective and less politically driven.

If you would like to see the comments others have made regarding the article in MIT Technology Review, please join the following LinkedIn subgroup: Medical Device: QA/RA. You will need to become a member of the parent group (Medical Device Group)–if you are not already one of the 140,000+ members connected with Joe Hage.


Where can I learn about this Quality Management System (QMS) stuff?

In ISO, ISO 13485, Quality Management Systems on November 10, 2012 at 7:03 pm

A blog follower from Jon Speer’s website, Creo Quality, recently sent me a message asking for sources of good guidance on this Quality Management System (QMS) Stuff. There are a bunch of links below for you to follow and some practical advice. Enjoy learning!

J’aime Pink Martini et le chant de China Forbes.

The single best guidance document on the implementation of a QMS system in accordance with ISO 13485 is “13485 Plus” (type in the words in quotes to the CSA search engine).

There are also a bunch of pocket guides you can purchase for either ISO 9001 or ISO 13485 to help you quickly look-up information you are having trouble remembering. One of my Lead Auditor students recommended one pocket guide in particular and she was kind enough to give me her copy.

There are some webinars out there that provide an overview of QMS Standards. Some are free and some have a modest fee. I’m not sure the value is there for these basic overview webinars, but if you need to train a group it’s a great solution. I know BSI has several webinars that are recorded for this purpose.

AAMI has an excellent course on the Quality System Regulations (QSR) which combines 21 CFR 820 and ISO 13485.

There are a number of blogs I recommend on my website.

You can try to identify a local mentor–either in your won company or at your local ASQ Section.

You can join the following LinkedIn subgroup: Medical Device: QA/RA. You will need to become a member of the parent group (Medical Device Group)–if you are not already one of the 140,000+ members connected with Joe Hage. George Marcel and I manage this subgroup for Joe. George is out in the Bay Area and I’m in the Green Mountains.

You can visit the Elsmar Cove website and participate in the discussions you find there. I wrote a blog about Elsmar Cove a while back (wow almost 2 years ago now).

The best way to learn this stuff is to do all of the above.

And for the encore performance…

The Ultimate Design Control SOP

In Design & Development, Design Inputs, Design Outputs, Design Validation, Design Verification, Elsmar Cove, ISO 13485, Medical Device, Procedures, US FDA on May 27, 2012 at 12:33 am

Disclaimer: There is no need to create the Ultimate Design Control SOP. We need medical devices that are safer and more effective.

If Adele is worthy of six Grammy Awards, she’s probably worthy of a blog link too. Rumor has it that this is my personal favorite from Adele.

In my previous blog posting, I indicated six things that medical device companies can do to improve design controls. While the last posting focused on better design team leaders (WANTED: Design Team Needs Über-Leader), this posting focuses on writing stronger procedures. I shared some of my thoughts on writing design control procedures just a few weeks ago, but my polls and LinkedIn Group discussions generated great feedback regarding design control procedures.

One of the people that responded to my poll commented that there was no option in the poll for “zero”. Design controls do not typically apply to contract manufacturers. These companies make what other companies design. Therefore, their Quality Manual will indicate that Clause 7.3 of the ISO 13485 Standard is excluded. If this describes your company, sit back and enjoy the music.

Another popular vote was “one”. If you only have one procedure for design controls, this meets the requirements. It might even be quite effective.

When I followed up to poll respondents asking how many pages their procedures were, a few people suggested “one page”. These people are subscribing to the concept of using flow charts instead of text to define the design control process. In fact, I use the following diagram to describe the design process all the time: The Waterfall Diagram!

From the US FDA Website.

I first saw this in the first AAMI course I took on Design Controls. This is on the FDA website somewhere too. To make this diagram effective as a procedure, we might need to include some references, such as: work instructions, forms, the US FDA guidance document for Design Controls, and Clause 7.3 of the ISO Standard.

The bulk of the remaining respondents indicated that their company has eight or more procedures related to design controls. If each of these procedures is short and specific to a single step in the Waterfall Diagram, this type of documentation structure works well. Unfortunately, many of these procedures are a bit longer.

If your company designs software, active implantable devices, or a variety of device types—it may be necessary to have more than one procedure just to address these more complex design challenges. If your company has eight lengthy procedures to design Class 1 devices that are all in the same device family, then the design process could lose some fat.

In a perfect world everyone on the design team would be well-trained and experienced. Unfortunately, we all have to learn somehow. Therefore, to improve the effectiveness of the team we create design procedures for the team to follow. As an auditor and consultant I have reviewed 100+ design control processes. One observation is that longer procedures are not followed consistently. Therefore, keep it short. Another observed I have made is that well-design forms help teams with compliance.

Therefore, if you want to rewrite your design control SOP try the following steps:

  1. Use a flow chart or diagram to illustrate the overall process
  2. Keep work instructions and procedures short
  3. Spend more time revising and updating forms instead of procedures
  4. Train the entire team on design controls and risk management
  5. Monitor and measure team effectiveness and implement correct actions when needed

The following is a link to the guidance document on design controls from the US FDA website.

Refer to my LinkedIn polls and discussions for more ideas about design control procedures:

  1. Medical Devices Group
  2. Elsmar Cove Quality Forum Members Group

In addition to the comments I made in this blog, please refer back to my earlier blog on how to write a procedure.

How do you control design changes?

In Change Control, Class IIb, Class III, Design & Development, ISO, ISO 13485, ISO 14971, Medical Device, PMA, Quality, Quality Management Systems, Risk Management on May 4, 2012 at 4:59 am

Of JB’s recommended artists, the Josh Abbott Band was probably my favorite. I especially liked this one. I hope every man is lucky enough to know a girl like Texas. I’m lucky enough to have married a girl that grew up in Texas. They are something special.

We have been discussing the best ways to control design changes at work, and I thought it might present an opportunity to have more of an interactive discussion with my readers.

During my rounds as a 3rd party auditor, I have seen quite a few design control procedures. The most complex consisted of 19 procedures (NOT recommended, but there were no nonconformities). The most simple consisted of one 4-page procedure, which I wrote, but I would never recommend being this brief. I have created a couple of polls in my LinkedIn profile for you to respond to if you would like to share your own company’s “design control stats”:


The problem I see is that most projects are not new product designs. Sometimes the projects are not even major design changes. I think most changes involve supplier changes, component specification improvements, and design for manufacturability. These changes require review and approval of changes. These changes must also be recorded and retained as a Quality Record.

My own personal preference is to always open a design project—no matter how small the change is. In order to make the process flexible, I also prefer to define how many design reviews each project will have in the design plan rather than mandating that design reviews be held in a stage-gate fashion for 100% of projects.

Most companies will have a table of requirements with columns added to indicate if the requirements are mandatory for the project or optional. For example, “risk management plan needs to be updated? Yes/No.” I like this approach, because the table of requirements makes the decision making systematic.

Sometimes a change is only to a work instruction for a step in the manufacturing process. In these cases, some companies will use a document change order process to supplement the engineering change order process.

My feeling is that more complex products (i.e. – Class IIb & Class III in EU and Class III/PMA in US) will require more stringent design controls for the change. What does your company do to control design changes?

%d bloggers like this: