How to Use the Design Process to Manage Risk: Why It Matters

environmental • failure analysis & prevention • health • technology development
How to Use the Design Process
to Manage Risk:
Elements of Design Controls and
Why It Matters
Kevin L. Ong, Ph.D., P.E.
Managing Engineer, Medical Device Consultant
Exponent Inc., Philadelphia, PA
A leading engineering & scientific consulting firm dedicated to helping our clients solve their technical problems.
2
“There’s never time to do it right, but there’s
always time to do it over.”
http://curiousphotos.blogspot.com/
http://curiousphotos.blogspot.com/
http://americancommondefencereview.wordpress.com/
3
Overview





Where do design controls fit in?
Elements of design controls
Design controls and the FDA
ISO and Medical Devices Directive
Managing risk against product
liability claims
http://www.endlessautumn.net/documentation/
4
Medical Device Development
Technology and
Business
Forecasting and
Planning
Design Control
Safety/Efficacy
Research, Development
Production, Design
Cycle, Performance
Testing
5
Areas of Risk
Risk to safety of
patients, users, handlers
Business
Regulatory
Product liability
6
Quality System Regulation
 QSR, 21 CFR Part 820 - 1996 (eff. 1997) replaced the 1978 Good
Manufacturing Practices (GMP) for medical devices
 Ensure that good QA practices are used for medical device design
and that they are consistent with quality system requirements
worldwide
 Applies to finished medical devices intended to be commercially
distributed for human use: some exemptions for Class I devices
 Harmonized with efforts by Global Harmonization Task Force
7
21 CFR Part 820 - Quality System Regulation
Subpart A – General Provisions
820.1
Scope
820.3
Definitions
820.5
Quality System
Subpart B – Quality System Requirements
820.20
Management Responsibility
820.22
Quality audit
820.25
Personnel
Subpart C – Design controls
820.30
Design controls
Subpart D – Document controls
820.40
Document controls
Subpart E – Purchasing controls
820.50
Purchasing controls
Subpart F – Identification and traceability
820.60
Identification
820.65
Traceability
Subpart G – Production and process controls
820.70
Production and process controls
820.72
Inspection, measuring and test equipment
820.75
Process validation
Subpart H – Acceptance activities
820.80
Receiving, in-process and finished device accept.
820.86
Acceptance status
Subpart I – Nonconforming product
820.90
Nonconforming product
Subpart J – Corrective and preventative action
820.100
Corrective and preventative action
Subpart K – Labeling and packaging control
820.120
Device labeling
820.130
Device packaging
Subpart L – Handling, storage, distribution and installation
820.140
Handling
820.150
Storage
820.160
Distribution
820.170
Installation
Subpart M – Records
820.180
General requirements
820.181
Device master record
820.184
Device history record
820.186
Quality system record
820.198
Complaint files
Subpart N – Servicing
820.200
Servicing
Subpart O – Statistical techniques
820.250
Statistical techniques
8
Significance Of Design Controls
“FDA found that approximately 44% of the quality
problems that led to voluntary recall actions during this
6-year period were attributed to errors or deficiencies
that were designed into particular devices and may
have been prevented by adequate design controls.”
Federal Register, October 7, 1996
21 CFR Parts 808, 812, and 820
Medical Devices; Current Good Manufacturing
Practice (CGMP); Final Rule
9
2010 Warning Letters
 FDA issued 89 Warning
Letters to medical device
companies for QS/GMP
deficiencies
QS subsystem # warning
letters with
cite
% warning
letters with
cite
Corrective and 81
preventive
actions
91
Production &
process
controls
69
78
Design
controls
49
55
Management
controls
43
48
Document
controls
33
37
Source: CDRH
http://www.fda.gov/downloads/AboutFDA/CentersOffices/CDRH/CDRHTransparency/UCM256354.pdf
10
Most Frequent Quality Systems Warning Letter Cites 2010










21 CFR 820.198(a)
42
21 CFR 820.100(a)
30
21 CFR 820.75(a)
28
21 CFR 820.22
26
21 CFR 820.184
21
21 CFR 820.20(c)
19
21 CFR 820.30(i)
18
21 CFR 820.90(a)
18
21 CFR 820.30(g)
17
21 CFR 820.50 (general) 17
Design changes
Design validation
Source: CDRH
http://www.fda.gov/downloads/AboutFDA/CentersOffices/CDRH/CDRHTransparency/UCM256354.pdf
11
Design Control Warning Letter Cites 2010










21 CFR 820.30(i) - Design Changes
21 CFR 820.30(g) - Design Validation
21 CFR 820.30(a) - General
21 CFR 820.30(j) - Design History File
21 CFR 820.30(c) - Design Input
21 CFR 820.30(f) - Design Verification
21 CFR 820.30(e) - Design Review
21 CFR 820.30(d) - Design Output
21 CFR 820.30
21 CFR 820.30(b) - Design & Development Planning
18
17
14
6
4
4
3
3
2
1
12
FDA Design Control Guidance
 Assist manufacturers in understanding
quality system requirements concerning
design control
 Make systematic assessment of the
design an integral part of development
 Increase the likelihood that the design
transferred to production will translate
into a device that is appropriate for its
intended use
 Applies to the design of medical devices
and associated manufacturing processes;
new designs as well as modifications or
improvements to existing device designs
13
Application of Design Controls
User
Needs
Review
Design
Input
Design
Process
Verification
Requirements
are fulfilled
Validation
Intended use
is fulfilled
Design
Output
Medical
Device
14
Elements of Design Controls CFR 820.30
Establishment, maintenance, and documentation of:









Design and Development Planning
Design Input (Requirements)
Design Output (Specifications)
Design Review
Design Verification (Meets specifications)
Design Validation (Meets clinical needs)
Design Transfer (Moves from design to manufacturing)
Design Changes
Design History File
15
Medical Device Classification
 Class I - General Controls
 Minimal potential harm to the user, e.g., elastic bandages, examination gloves
 Prohibit adulteration and misbranding; allow for bans and restriction of sale and
distribution; notification of risk and of repair, replacement or refund; registration of
manufacturers and listing of devices
 Most are exempt from the premarket notification and/or GMP regulation
 Class II – General Controls with Special Controls
 Those for which general controls alone are insufficient to assure safety and
effectiveness, e.g. infusion pumps, surgical drapes
 Special controls may include special labeling requirements, mandatory performance
standards, patient registries, postmarket surveillance
 Few Class II devices are exempt from the premarket notification
 Class III - General Controls and Pre-Market Approval
 Those for which insufficient information exists to assure safety and effectiveness solely
through the general or special controls, e.g., implantable pacemaker, artificial disc
replacement
 Pre-Market Approval (PMA) application – scientific review
 Clinical data may be necessary - IDE/HDE
16
Design Control – Scope § 820.30(a)
 Design control requirements apply to:
 All Class II and Class III devices
 The following class I devices:
 Devices automated with computer software
 Tracheobronchial suction catheters
 Surgeon's gloves
 Protective restraints
 Manual radionuclide applicator system
 Radionuclide teletherapy source
17
Design & Development Planning - § 820.30(b)
 Product concept is usually outlined in a set of marketing
requirements and include the “wish list” for device features and
functionality
 Is there a market opportunity for the device?
 Where will the new device be used and who will use it?
 How will the new device be used?
 How long will the new device be used?
 Once the project moves forward, a project plan is drawn up to
guide and control the design and development of the device
 Implementation of design controls is initiated
18
Design & Development Planning - § 820.30(b)
 Establish and maintain plans that:
 Describe or reference design and development
activities
 Define responsibility for implementation
 Identify or describe interfaces with different groups or
activities
 Review, update and approve plans as design
and development evolves
19
Design & Development Planning - § 820.30(b)
 Elements include:
 Major tasks
 Deliverables
 Responsible individuals/units, including interface with
suppliers, contractors
 Resources
 Project timeline, milestones
 Major reviews and decision points
 Review teams
 Design documentation
 Planning method:
 Flow diagram or spreadsheet
 Gantt chart
20
Design Input - § 820.30(c)
 Design input means the physical and performance
requirements of a device that are used as a basis for
device design
 Establish and maintain procedures to assure that device
design requirements:
 Are appropriate
 Address the intended use of the device
 Include in procedures a mechanism for addressing
requirements that are:
 Incomplete
 Ambiguous
 Conflicting
21
Design Input - § 820.30(c)
 Starting point for product design
 Usually fall into three categories:
 Functional requirements specify what the device does,
focusing on operational capabilities and processing of inputs
and resultant outputs.
 Performance requirements specify how much or how well the
device must perform, addressing speed, strength, response
times, accuracy, limits of operation, etc. Also includes device
reliability and safety requirements
 Interface requirements specify characteristics critical to
compatibility with external systems; specifically, those
characteristics which are mandated by external systems and
outside the control of the developers. An example is important
in every case is the user and/or patient interface
22
Types of Design Inputs
 Intended Use
 User Needs
 Physical/chemical
characteristics
 Performance
characteristics
 Safety
 Reliability
 Environmental limits
 User interfaces
Regulatory requirements
Labeling
Human factors
Maintenance
Compatibility with other
devices
 Sterilization
 Energy source
 Toxicity and
biocompatibility





23
Sources of Design Inputs
 Customer input through focus
 Performance requirements
groups, surveys, etc.
stipulated by the FDA,
voluntary standards, or other
 Comparison testing of competitor
regulatory agencies
product for specific performance
criteria or other benchmarking
 Literature review
activities
 Input from cross-functional
 Review of similar product
teams (R&D, Quality,
histories to include production
Regulatory, Marketing,
data for scrap, rework, testing
Manufacturing, etc.)
 Review of complaints, MDRs,
FDA Enforcement Reports, recall
of similar products or earlier
generations of the product
24
Design Output - § 820.30(d)
 Design output means the results of a design effort at each
design phase and at the end of the total design effort. The
finished design output is the basis for the device master
record. The total finished design output consists of the
device, its packaging and labeling, and the device master
record
 Establish and maintain procedures for…
 Defining and documenting design output in terms that allow
an adequate evaluation of conformance to design input
requirements
 Containing or referencing acceptance criteria
 Ensuring design outputs essential for the proper functioning of
the device are identified
25
Design Output - § 820.30(d)
 Design output are the design specifications which should
meet design input requirements, as confirmed during
design verification and validation and ensured during
design review
 The output includes the device, its labeling and
packaging, associated specifications and drawings, and
production and quality assurance specifications and
procedures
26
Types of Design Output
 Production specifications and other descriptive materials that
define and characterize the design
 Production specifications – used to procure components, fabricate,
inspect, install, maintain and service the device
 Other materials that are necessary for establishing conformance,
but are not used in device production:
 Biocompatibility test results
 Bio-burden test results
27
Design Review - § 820.30(e)
 Documented, comprehensive, systematic examination of a
design to evaluate adequacy of requirements, capability of
design to meet requirements, and to identify problems
 Establish and maintain procedures for design reviews
 Plan and conduct formal documented design reviews of the
design results at appropriate stages
 Include at each design review
 Representatives of all functions concerned
 Independent reviewer for the stage being reviewed
 Any specialists needed
28
Considerations for Design Review
 Formal process to evaluate design, resolve concerns, and
implementation of corrective actions
 Required for phase approval
 Formal design review prior to release for manufacture and
distribution
 Responsibility and authority for decision-making
 Determine frequency of review and design phases for review
 Controlling documentation and record keeping
 Competency of reviewers in terms of background and
experience
29
Design Verification §820.30(f) vs.
Design Validation §820.30(g)
Design Verification…
Did I make the product right?
i.e. specified requirements have been fulfilled
Design Validation…
Did I make the right product?
i.e. device specifications conform with user needs and
intended use(s)
30
Design Verification – § 820.30(f)
 Establish and maintain procedures for verifying the
device design
 Confirm design output meets design input
requirements
 Types of verification activities include:
 Inspections
 Tests
 Analyses
31
Examples of Design Verification Activities







Evaluation of physical characteristics
Mechanical/chemical/electrical testing
Failure modes and effects analysis
Package integrity testing
Biocompatibility testing
Sterility testing
Comparison against predicate device with successful
history
32
Design Validation – § 820.30(g)
 Establish and maintain procedures for validating
the device design
 Perform design validation
 Conform to defined user needs and intended uses
 Under actual or simulated use conditions
 Under defined operating conditions
 On initial production units, lots, or batches or their
equivalents
 Includes software validation and risk analysis, where
appropriate
33
Examples of Design Validation Activities
Clinical studies
Consumer preference testing
Bench testing under simulated use conditions
Review of labeling and packaging
Environmental testing (e.g. stress during shipping
and installation)
 Testing that distinguishes between customers,
users, and patients





34
Design Transfer – § 820.30(h)
 Establish and maintain procedures to ensure that the device
design is correctly translated into production specifications
 Design moves from R&D to manufacturing
 Specifications ensure that manufactured devices are repeatedly
and reliably produced within product and process capabilities
35
Types of Production Specifications







Assembly drawings
Component procurement specifications
Workmanship standards
Manufacturing instructions
Inspection and test specifications
Computer-aided manufacturing programming files
Manufacturing jigs/fixtures
36
Design Transfer: Elements
 Product risk documentation shows what failure modes,
components, parts, etc. should be monitored and
trended
 Process validations indicate critical control points for
manufacturing and design
37
Design Changes - § 820.30(i)
 Establish and maintain procedures for
 the identification, documentation, validation or where
appropriate verification, review, and approval of design
changes before their implementation
 Establish design change control procedures,
determine the risk presented by the change and
implement design control requirements to the
extent appropriate for that risk
38
Considerations for Document Control
 Enumeration of design documents, and tracking
their status and revision history
 Maintain master list or document index to define
product and/or process
 Maintain history of document revisions
 Periodically inventory controlled documents to
confirm that contents are up to date
 Develop procedure for removal and deletion of
obsolete documents
39
Considerations for Change Control
 Document decisions for change requests – identifies
possible design matter which the requester believes should
be corrected
 Document change order following acceptance of change
request – identifies relevant document(s) and revision of
document content
 May also include assignment to designers to further
evaluate the problem and develop corrective action
 Review and assess impact of design change on design
input requirements and intended uses
40
Design Change Review
 The effect of the changes on products already in
commercial or clinical use
 Whether prior design verification or validation
results are impacted
 Changes are implemented in such a manner that
the original problem is resolved and no new
problems are created; or if new problems are
created, they are also tracked to resolution
41
Design History File - § 820.30(j)
 Establish and maintain a design history file for each type
of device
 Include in the DHF or reference records necessary to
demonstrate that the design was developed in
accordance with the design plan and CFR 820
requirements
Design history file (DHF) means a compilation of records
which describes the design history of a finished device
42
Design History File
 Tells the story of a device or device family’s
development from beginning to end
 Contains the documentation necessary to assure
changes to design or process for manufacture of
the device do not adversely impact the device
design and lead to improvement in design and
process
 Maintains knowledge base after design decisions
have been made, employees leave, company
reorganizes, or subcontractors unavailable etc.
43
Elements of Design History File
Design and development plan
Design input documents
Risk analyses documents
Design output
Pre-production design
change control records
 Engineering/laboratory
notebooks





V&V protocols and results
Design review records
Design transfer records
Copies of controlled
documents used during the
design process, e.g. SOPs
etc.
 Initial DMR




44
Benefits of Design Controls
 Improve the product development process by
producing higher quality devices
 Reduce liability exposure
 Reduce design related product recalls
 Shorten development time
 Recognize problems earlier and make corrections
 Lower manufacturing costs
 Meet customer expectations (user and patient
needs)
45
Other Quality System Requirements
 Medical Devices Directive (MDD 93/42/EEC):
developed in 1993; lists requirements regarding
medical device design within EU
 Revised in 2007 (2007/47/EC)
 Compliance became mandatory in March, 2010
46
Medical Devices Directive
 All devices require clinical data
 Of the actual device or a similar device
 Scientific literature of a similar device
 Human factors considered a key factor
47
ISO Standards on Quality
 ISO 13485 (Medical devices - Quality management
systems - Requirements for regulatory purposes):
standard that recommends procedures in order to
have a quality system that complies with Medical
Devices Directive (MDD 93/42/EEC)
 Based on ISO 9001, but excludes some of the
requirements that are not appropriate for regulatory
requirements
48
ISO 13485
 Similar elements to § 820.30
 ISO 13485 Section 7.3 Design and
development







Design and development planning
Design and development inputs
Design and development outputs
Design and development review
Design and development verification
Design and development validation
Control of design and development
changes
49
ISO 14971
 Provide framework within which
experience, insight and judgment
are applied systematically to
manage the risks
 Risk management is the
systematic application of
 Management policies
 Procedures and practices for
analyzing, evaluating, and
controlling risk
50
ISO 14971
 Specifies process through which
the manufacturer can identify
hazards associated with a
medical device, estimate and
evaluate the risks associated
with these hazards, control these
risks, and monitor the
effectiveness of that control
51
Quality System Inspection Technique (QSIT)
 Guidance for auditing medical
device manufacturers against
QS Regulation (21 CFR Part
820) and related regulations
 Focuses on four major
subsystems that are the basic
foundation of the QS to
evaluate and states the
purpose and importance of
each subsystem
http://www.fda.gov/downloads/ICECI/Inspections/I
nspectionGuides/UCM085938.pdf
52
What are the four main subsystems?
Design
Controls
Corrective &
Preventive
Actions
Production &
Process Controls
Management
Material
Controls
Records,
Documents, &
Change Controls
Equipment &
Facility Controls
53
What does FDA look for in the Design Control
Subsystem?









Design procedures and plan established?
Design inputs or requirements for device identified?
Design outputs or specifications for device identified?
Design verification conducted?
Design validation conducted?
Software validation completed?
Risk analysis carried out?
Design reviews conducted?
Design transfer to manufacturing completed successfully?
54
Warning Letters - Examples
 “do not have design
control procedures”
 “no documentation of
design validation or
design change controls”
 “no documentation of risk
analysis or structural
(b)(4) testing of the
embedded software”
55
Warning Letters - Examples
 “unable to demonstrate that the
validation for the … redesign project
… was validated using initial
production units”
 “the verification study for the …
coating which is applied to the …
was conducted after the validation
study was completed”
 “failed to demonstrate bench testing
of the [X] had been completed, prior
to their installation into [Y] for
design validation studies”
 “failed to establish acceptance
specifications … prior to conducting
verification and validation studies”
56
Warning Letters - Examples
 “Design validation was not
executed or documented in order
to ensure that the devices
conform to defined user needs
and intended uses”
 “A design and development plan
… that describes or references
the design and development
activities and define
responsibility for implementation
was not established or
maintained”
 “A design history file was not
established or maintained by
your firm”
57
Warning Letters - Examples
 “… Design Input for [X]
contains no inputs for the [Y]
which are to be used with the
[X]”
 “Because you did not include
[Y] inputs in your [X] design
verification/validation, your [X]
Risk Analysis/Failure Modes
and Criticality Analysis,
document (b)(4) is incomplete
in that you failed to identify
and evaluate potential hazards
involved with use of the [Y] …”
58
Product Liability/Negligence Claims – Design Defects
 Foreseeable risks?
 Could have been reduced or avoided?
 Omission of reasonable, safer, and technologically
feasible alternative design?
 Risks outweigh benefits?
59
Key Documents to Consider During Litigation
 DHF
 Regulatory documents
(510(k), memo to file, PMA)
 DFMEA
 PFMEA
 Specifications
 Lot/device history records
 Manufacturing procedures
 Design drawings
 CAPA reports
 MDR/complaint files
 IFU
 Surgical brochures
 Marketing brochures/documents
 Audit reports
60
Impact on Litigation




Design changes
Design controls for line extensions
Memo to file justification
Questions to consider:
 After a design change or line extension, are there additional risks for
the device? Is additional design verification or validation needed?
 Are the specifications clinically relevant? How were they developed?
 Are the specifications consistent?
 Were the inputs translated from marketing inputs into engineering
inputs?
 Were finished products considered?
 Was validation completed before verification?
 Was there compliance with own requirements/procedures?
61
Final Thoughts
 The design control regulations provide a
comprehensive and systematic framework for device
development
 The design control process is iterative
 Design control regulations are a regulatory
requirement, but when used properly serve as good
business practice
62
“Design control does not end with the transfer of a
design to production. Design control applies to all
changes to the device or manufacturing process
design, including those occurring long after a device
has been introduced to the market. This includes
evolutionary changes such as performance
enhancements as well as revolutionary changes such
as corrective actions resulting from the analysis of
failed product. The changes are part of a continuous,
ongoing effort to design and develop a device that
meets the needs of the user and/or patient. Thus, the
design control process is revisited many times during
the life of a product.”
Design Control Guidance for Medical Device
Manufacturers; March 11, 1997; FDA, CDRH
63
Reading Materials
 FDA Guidance Document
(http://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/
GuidanceDocuments/ucm070642.pdf)
 Medical Devices Directive (http://eurlex.europa.eu/LexUriServ/LexUriServ.do?uri=OJ:L:2007:247:0021:0055:en:PDF)
 ISO 13485 (http://www.iso.org/iso/catalogue_detail?csnumber=36786)
 ISO 14971 (http://www.iso.org/iso/catalogue_detail.htm?csnumber=38193)
 Quality System Inspection Techniques
(http://www.fda.gov/downloads/ICECI/Inspections/InspectionGuides/UCM08593
8.pdf)
 AdvaMed – Points to consider when preparing for an FDA inspection under the
QSIT design controls subsystem (http://www.compliance-alliance.com/wpcontent/uploads/2010/05/points-design.pdf)
64
Thank you!
Questions?
Kevin Ong, Ph.D., P.E.
kong@exponent.com
215-594-8874