Design Assurance


From reviews of the design documentation when your company is experienced in Design Control compliance, to preparing and completing the required deliverables to support submissions, to planning, conducting, and monitoring clinical studies and performance evaluations that support submissions, to managing the project and letting your engineers do the most important thing: D-E-S-I-G-N, CRO Group’s Design Assurance services are key to your company’s success.

This applies  when the product is SaMD/stand alone software – a mHealth app  or a cloud based web app, a combination, and/or coupled with a sensing accessory requiring IEC 60601 (electromedical) or 61010 (IVD) testing.  When it comes to medical device software, the USFDA, EU and Canada all recognize IEC 62304, and CRO Group can assist or take the lead in generating the deliverables required for your design, regardless of development approach – even SCRUM.

Our team brings a wealth of experience in using software project management and development tools and analyzing and adapting your process with the IEC 62304 SDLC (software development life cycle) requirements recognized by FDA and essentially required by EU Notified Bodies.  Our unique swim lane process merges QSR (21 CFR 820), ISO 13485:2016 7.3 Design SaMDControls, ISO 14971 Risk Management, and IEC 62304 SDLC with AGILE/SCRUM for iterative development and proportional risk design documentation, and in meeting regulatory agency add-on requirements – for example cybersecurity.

We have also been valuable in sorting out the often complex App functionality vs. clearance and or approval requirements in the USA, EU, Canada, and other regions and countries.  Careful planning of App functionality and submission label claims can make the difference between unregulated vs. 510(k) vs. de Novo vs. PMA, and between a Class IIA and IIB under the MDD, and between the new product classifications under MDR and IVDR.

In addition, for wearables, particularly those with body contact electrodes and or specific use indication, CRO Group functions as the compliance engineer of your hardware design team, so that design requirements address the relevant IEC 60601 standards at the start vs. the end of project.

Finally, with regard to OTC vs. Rx only use indications, and IVD/CLIA, CRO Group is proficient at mapping out the strategy for Q-Subs, as well as study design and implementation of Label Comprehension, Usability Engineering according to IEC 62366, Safety and Efficacy Clinicals and or Clinical Evaluations according to MEDDEV 2.7.1 Rev 4 as well as the additional significant clinical requirements under the MDR and performance evaluation requirements under the IVDR.

 

 

 

Risk Management


One of the keys to successful risk management for regulated industries, whether in the traditional product realisation process of design, or in later production, or post-production, is to get started.

As soon as conceptual designs are available, the risk management process should begin in earnest. From performing traditional hazard analysis using FMEAs and FTAs, as well as the new tools including HAZOPs and HACCPs, risk management helps us answer 3 important questions:
“What can go wrong?”
“How often and how severe an outcome is possible?” and
“What are we going to do about it?”

These same questions as well as most of the tools apply to all aspects of product realisation – from Purchasing and Supplier controls to Warehousing.

A big part of successful medical device manufacturers’ risk management programs is applying ISO 14971. While the standard was intended to support medical device design, many of its principles are usable throughout product realization, required under ISO 13485.  For SaMD/Digital Health and medical devices which are Internet connected, or which may receive data from input ports (ex USB ports), Risk Management must include Cybersecurity.  For SaMD/Digital Health with ML/AI functionality, CRO Group offers Risk Management services addressing TIR34971:2023 “Application of ISO 14971 to Machine Learning in Artificial Intelligence” documentation.  Click here for more information on these RM services.

CRO Group is experienced in assessing your overall risk management process, training, establishing tools, and performing the various RM techniques. Click here if you have an immediate need for risk management services.