Global Medical Device Podcast powered by Greenlight Guru

This episode explores the transition from the Quality System Regulation (QSR) to the Quality Management System Regulation (QMSR) and the foundational elements required for medical device compliance. Host Etienne Nichols and guest Mike Drues discuss the philosophy of building a usable system rather than a "museum of SOPs," emphasizing that the standard list of QMS sections should be viewed as a starting point rather than an exhaustive checklist.The conversation examines the critical differences between 510(k), De Novo, and PMA pathways regarding manufacturing requirements. While a 510(k) submission may not strictly require detailed manufacturing information at the time of filing, Mike explains why companies must remain audit-ready from the moment they register their establishment with the FDA. The discussion clarifies the timing of registration and the "radar" companies enter once they become commercially active.Finally, the dialogue focuses on a "triage" approach for resource-constrained startups. By prioritizing Design Controls and Risk Management during early development, teams can remain compliant and ethical without over-investing in post-market systems, such as complaint handling, before they have a product on the market. Mike warns against the dangers of "copy-and-paste" quality systems, urging manufacturers to use professional judgment to tailor their processes to their specific technology.Key Timestamps00:00 - Introduction to QMS requirements and guest Mike Drues.03:45 - The core sections of a QMS according to the Quality System Regulation.05:12 - Why the QSR list is a starting point, not a stopping point.08:20 - Regulatory vs. Ethical vs. Economical: The three legs of the medical device stool.10:30 - Do you need a full QMS for 510(k) vs. PMA submissions?13:15 - Understanding the timing and strategy for FDA Establishment Registration.15:40 - The Triage Approach: Which QMS sections matter most during early development?19:00 - The dangers of boilerplate SOPs and non-specific quality manuals.Quotes"This is a starting point. This is not a stopping point... Use your own good judgment." — Mike Drues"The goal is not really to build a museum of SOPs; the goal is a quality management system that teams will actually use." — Etienne NicholsTakeawaysPrioritize the Big Four: During the development phase, focus your limited resources on Design Controls, Risk Management, Document Control, and Supplier Quality Management.Understand Pathway Nuances: While 510(k) submissions don't require manufacturing details, you must be fully compliant and ready for inspection once your establishment is registered and the product is launched.Avoid Boilerplate SOPs: Quality systems must be specific to your organization. Including irrelevant device types or procedures in your QMS is a significant red flag for FDA inspectors.Strategic Registration: Register your establishment 60–90 days before your planned commercial launch to manage costs and stay off the FDA inspection radar until necessary.The Preamble is Key: Read the preamble of the QSR to understand the "why" behind the regulations, which allows for better justification of your quality decisions during an audit.ReferencesFDA Design Control Guidance (1997): A foundational document for medical device engineering and documentation.FDA Establishment Registration: Guidance on the timing and requirements for small business fee waivers.Etienne Nichols LinkedIn: https://www.linkedin.com/in/etiennenichols/MedTech 101 SectionConcept: The Quality Management System (QMS) Think of a QMS like a pilot’s pre-flight checklist. You don't just "wing it" when you get into a cockpit; you have a documented process to ensure the engine is working, the fuel is full, and the wings are clear. For a small plane (a low-risk Class I device), your checklist is shorter and simpler. For a commercial jumbo jet (a high-risk Class III device), the checklist is massive and detailed. However, the goal for both is identical: ensuring the passengers (the patients) arrive safely at their destination through a repeatable, controlled process.SponsorsThis episode is brought to you by Greenlight Guru. The subject of right-sizing your quality system is exactly why Greenlight Guru offers both QMS and EDC solutions. Their Ultralight eQMS is designed specifically for fast-moving, product-led teams who need a flexible, compliant system without the overhead of a "museum of SOPs." Whether you are in early-stage R&D or preparing for a global launch, Greenlight Guru provides the tools to keep your quality and clinical data connected and audit-ready.Feedback Call-to-ActionWe want to hear from you! What are the biggest hurdles your team faces when scaling your quality system? Send your feedback, reviews, and topic suggestions to podcast@greenlight.guru. We read every email and pride ourselves on providing personalized responses to our listeners.

In this episode, host Etienne Nichols sits down with Ashkon Rasooli, founder of Ingenious Solutions and a specialist in Software as a Medical Device (SaMD). The conversation previews their upcoming session at MD&M West, focusing on the critical intersection of generative AI (GenAI) and quality assurance. While many AI applications exist in MedTech, GenAI presents unique challenges because it creates new data—text, code, or images—rather than simply classifying existing information.Ashkon breaks down the specific failure modes unique to generative models, most notably "hallucinations." He explains how these outputs can appear legitimate while being factually incorrect, and explores the cascading levels of risk this poses. The discussion moves from simple credibility issues to severe safety concerns when AI-generated data is used in critical clinical decision-making without proper guardrails.The episode concludes with a forward-looking perspective on how validation is shifting. Ashkon argues that because GenAI behavior is statistical rather than deterministic, traditional pre-market validation is no longer sufficient. Instead, a robust quality framework must include continuous post-market surveillance and real-time independent monitoring to ensure device safety and effectiveness over time.Key Timestamps01:45 - Introduction to MD&M West and the "AI Guy for SaMD," Ashkon Rasooli.04:12 - Defining Generative AI: How it differs from traditional machine learning and image recognition.06:30 - Hallucinations: Exploring failure modes where AI creates plausible but false data.08:50 - The Autonomy Scale: Applying standard 34971 to determine the level of human supervision required.12:15 - Regulatory Gaps: Why no generative AI medical devices have been cleared by the FDA yet.15:40 - Safety by Design: Using "independent verification agents" to monitor AI outputs in real-time.19:00 - The Shift to Post-Market Validation: Why 90% validation at launch requires 10% continuous monitoring.22:15 - Comparing AI to Laboratory Developed Tests (LDTs) and the role of the expert user.Quotes"Hallucinations are just a very familiar form of failure modes... where the product creates sample data that doesn't actually align with reality." - Ashkon Rasooli"Your validation plan isn't just going to be a number of activities you do that gate release to market; it is actually going to be those plus a number of activities you do after market release." - Ashkon RasooliTakeawaysRight-Size Autonomy: Match the AI’s level of independence to the risk of the application. High-risk diagnostic tools should have lower autonomy (Level 1-2), while administrative tools can operate more freely.Implement Redundancy: Use a "two is one" approach by employing an independent AI verification agent to check the primary model’s output against safety guidelines before it reaches the user.Narrow the Scope: To reduce hallucinations, limit the AI's task breadth. A model asked to write a specific security requirement is more reliable than one asked to generate an entire Design History File (DHF).Prioritize Detectability: Design UI/UX features that provide the sources or "basis" for an AI's answer, allowing human users to verify the data and catch errors more easily.Continuous Surveillance: Accept that pre-market validation cannot cover all statistical outcomes; establish a post-market "watchtower" to monitor for performance shifts and user feedback trends.ReferencesISO 14971: The standard for the application of risk management to medical devices.AAMI TIR34971: Guidance on the application of ISO 14971 to machine learning in medical devices.IEC 62304: Medical device software lifecycle processes.Etienne Nichols: LinkedIn ProfileMedTech 101: The Autonomy ScaleThink of the Autonomy Scale like the driver-assist features in a car.Level 1 is like a backup camera: It gives you data, but you are still 100% in control of the steering and braking.Level 5 is a fully self-driving car where you can sleep in the back seat.In MedTech, most generative AI is currently aiming for Level 2 or 3, where the AI suggests a "route" (like a diagnosis or a draft report), but a human "driver" (the doctor or engineer) must keep their hands on the wheel and verify every turn.SponsorsThis episode is brought to you by Greenlight Guru. Whether you are navigating the complexities of generative AI or traditional hardware, Greenlight Guru offers the only specialized Quality Management System (QMS) and Electronic Data Capture (EDC) solutions designed specifically for the medical device industry. By integrating your quality processes with clinical data collection, Greenlight Guru helps you move from "check-the-box" compliance to true quality.Feedback Call-to-ActionWe want to hear from you! How is your team implementing AI in your workflow? Do you have questions about the shifting regulatory landscape? Send your thoughts, reviews, or topic suggestions to podcast@greenlight.guru. We read every email and pride ourselves on providing personalized responses to our community of MedTech movers and shakers.

Dr. Jenny Hoffmann, MedTech executive and author of Open Up: Step Into the Leader You Are Meant to Be, joins host Etienne Nichols to discuss the evolution of leadership in the medical device industry. Drawing from her experience as a bioengineer and CEO, Dr. Hoffmann explains why the traditional model of the "rigid, perfect leader" is no longer sustainable. She shares her personal journey—from being one of the first IVF babies in the U.S. to navigating life-threatening health complications—and how these experiences shaped her mission to help others lead with authenticity.The conversation centers on the concept of "SOS moments," which Dr. Hoffmann defines as those critical points of distress or crisis that occur in both personal lives and product development. By applying her CEC framework—Curiosity, Empathy, and Connection—leaders can transform these high-pressure moments into stories of strength. This approach is particularly vital in MedTech, where the ultimate goal is to serve patients during their own most vulnerable SOS moments.Etienne and Jenny also explore the intersection of human leadership and emerging technology. While AI continues to streamline technical workflows, Dr. Hoffmann argues that human empathy and curiosity remain irreplaceable assets for innovation. The episode concludes with a practical look at the return on investment (ROI) for "opening up," demonstrating how personal connection leads to higher quality products, better team retention, and the resilience needed to survive the "messy middle" of product development.Key Timestamps00:00 - Introduction of Dr. Jenny Hoffmann and her background in MedTech and innovation.01:28 - Motivation for writing Open Up: Scaling impact through vulnerable storytelling.04:23 - The shift from the "perfectly composed" leader to the vulnerable leader.05:45 - Dr. Hoffmann’s personal origin story: Being one of the first IVF babies in the U.S.08:30 - Listening to the "whisper" and the courage required to respond to inner intuition.10:14 - The ROI of Vulnerability: How personal connection drives higher quality and team motivation.14:39 - Defining SOS moments: Turning distress signals into leadership strengths.18:42 - The CEC Method: Breaking down Curiosity, Empathy, and Connection.20:25 - AI in MedTech: Why human empathy is the one thing machines cannot replace.25:57 - Strategic Sharing vs. Oversharing: How to lead by example without losing professional boundaries.28:52 - The power of storytelling for engineers and data-driven professionals.Quotes"The leader is the first one to step out on the bridge that no one’s sure if they want to cross. You paint that vision of the bridge, and then you’re the first one to step out on it." - Dr. Hoffman"If we can put empathy first and think about how we are each a patient first... then we can uncover the real needs to solve. Then we can be more innovative." - Dr. HoffmanTakeawaysThe CEC Framework: Use Curiosity to open the mind, Empathy to open the heart, and Connection to drive outsized results in technical teams.Embrace SOS Moments: View professional crises or personal struggles as distress signals that, when analyzed with curiosity, provide the data needed to build resilience.Human-Centric AI Strategy: Leverage AI for efficiency and data processing, but double down on human empathy to solve complex patient needs that machines cannot grasp.Strategic Vulnerability: Sharing personal stories is a leadership skill. Start small by sharing "Monday morning" anecdotes before moving to deeper personal values to build team trust.The Mission Dimension: In MedTech, motivation isn't just about time and effort; it is about the "third dimension" of mission-driven impact that keeps teams moving through the "messy middle" of a project.ReferencesOpen Up: Step Into the Leader You Are Meant to Be by Dr. Jenny Hoffmann – The core book discussed, focusing on vulnerable leadership.New England Medical Innovation Center (NEMIC) – Where Dr. Hoffmann serves as Executive Director.Sure Footing Consulting – Dr. Hoffmann’s leadership and strategy firm.Etienne Nichols LinkedIn – Connect with the host.MedTech 101: SOS MomentsIn a medical context, an SOS is a distress signal indicating an immediate need for help. In leadership, Dr. Hoffmann uses "SOS moments" as an acronym for "Story of Strength" and an analogy for those times when you feel overwhelmed, fearful, or hit a major roadblock in a project (like a failed regulatory submission or a budget crisis), it can also be a moment to look back on and learn from.Just as a clinician responds to a patient’s distress signal by diagnosing the underlying issue, a MedTech leader should respond to their own "emotional SOS" by using the CEC Method.SponsorsThis episode is brought to you by Greenlight Guru. In the medical device industry, the "messy middle" of development is often where teams lose momentum. Greenlight Guru helps you stay focused on your mission by providing the only dedicated MedTech Lifecycle Excellence platform. Their QMS (Quality Management System) ensures your documentation is always audit-ready, while their EDC (Electronic Data Capture) solution streamlines clinical data management. By integrating quality and clinical data, Greenlight Guru allows leaders to spend less time on paperwork and more time on the vulnerable, innovative leadership discussed in today's episode.Feedback Call-to-ActionWe want to hear from you. How do you balance vulnerability with technical authority in your leadership role? Have you experienced an "SOS moment" that changed your career path? Please send your thoughts, reviews, or suggestions for future topics to podcast@greenlight.guru. We read every email and look forward to providing personalized responses to our listeners.

In this episode, Etienne Nichols and guest Ashkon Rasooli explore the transformative impact of AI in the medical device industry. From AI-driven diagnostics and wearable health monitors to the future of surgical robots, they delve into how these technologies are reshaping healthcare. The discussion also touches on the challenges and opportunities in validating and regulating AI within MedTech, highlighting real-world applications and predicting future trends."Validation of AI tools in MedTech requires a staged adoption to build confidence due to the inherent uncertainty in AI outcomes." - Ashkon Rasooli00:00 - Introduction to AI in MedTech05:15 - Discussing AI's deterministic vs. statistical nature12:30 - AI in diagnostics: Radiology, Cardiology, and Neurology20:45 - Wearable health monitors and patient-driven health data28:10 - The role of AI in medical device operations and manufacturing35:00 - AI at the point of care: Enhancing patient and clinician experience42:15 - Regulatory challenges and the future of AI in healthcareKey Takeaways:1. Latest MedTech Trends:The integration of AI in diagnostics is growing, particularly in radiology, cardiology, and neurology, aiding in more accurate and quicker diagnoses.Wearable health monitors are empowering patients to take control of their health data, leading to personalized healthcare solutions.2. Practical Tips for MedTech Enthusiasts:Stay informed about the latest AI advancements and regulatory guidelines to leverage AI effectively in MedTech.Consider the ethical implications and ensure bias mitigation in AI model training and deployment.3. Predictions for the Future:Increased adoption of AI across various healthcare sectors, including surgery and patient care management.Evolution of regulatory frameworks to better accommodate and oversee AI-driven medical devices.References:Ashkon Rasooli on LinkedInashkon@engeniussolutions.comEngenius SolutionsAFDO/RAPS Working GroupEtienne Nichols on LinkedInSponsors:This episode is brought to you by Greenlight Guru, a comprehensive solution designed to streamline MedTech product development and ensure regulatory compliance. Discover how Greenlight Guru can accelerate your projects at www.greenlight.guruShare your thoughts and questions with us at podcast@greenlight.guru

In this episode, we delve into the complexities and essentials of quality and regulatory roles in the medical device industry. Our esteemed guest, Jennifer Mascioli-Tudor, CEO and founder of JMT Compliance Consulting, shares her wealth of experience from top MedTech companies, underscoring the importance of proactive quality management, project management skills, and the ability to influence and communicate within organizations.Key Timestamps:[00:00:50] Introduction to Jennifer Mascioli-Tudor and her extensive background in the MedTech industry.[00:03:30] Jennifer's origin story in quality and regulatory roles.[00:07:15] The pivotal learning moments in quality management and regulatory affairs.[00:10:45] Strategies for influencing business leaders and the importance of storytelling in quality and regulatory roles.[00:16:30] The significance of human factors in product design and learning from end-user feedback.[00:21:50] Project management skills for quality and regulatory professionals.[00:25:20] The concept of 'design freeze' in the MedTech space and its impact on product development.[00:29:55] Jennifer's insights on agility and adaptability in building a quality management system.Quotes:"A really good quality and regulatory professional needs to have really good project management skills." - Jennifer Mascioli-Tudor"It's not just about the design and about the product. It's about everything ancillary that feeds into that finished medical device." - Jennifer Mascioli-TudorMedTech Trends:An emphasis on proactive quality management to ensure patient safety and product efficacy.The rising importance of human factors and user-centered design in medical device development.The shift towards integrating software and digital solutions in medical devices.Practical Tips:Quality and regulatory professionals should hone their project management skills.Communication and storytelling are key in influencing business decisions and leadership.Always present solutions and alternatives when addressing compliance challenges.References:JMT Compliance ConsultingJennifer Mascioli-Tudor on LinkedInEtienne Nichols on LinkedInGreenlight Guru’s platform for Quality Management & Clinical InvestigationsQuestions for the Audience:Discussion: "How do you envision MedTech changing the landscape of healthcare in the next decade?"Feedback:Love the episode? Have suggestions or topics you’d like to hear about? Email us at podcast@greenlight.guru and leave a review on iTunes!Sponsors:This episode is brought to you by Greenlight Guru, the only quality management software designed specifically for the medical device industry. Streamline your process and foster innovation with Greenlight Guru’s intuitive platform!

In this episode, Etienne Nichols sits down with Michelle Wu, Founder and CEO of Nyquist AI and one of the top 100 women in AI, to discuss the transformative state of artificial intelligence within the MedTech regulatory and quality space. Reflecting on her recent personal experience as a surgical patient, Michelle shares a unique perspective on the critical importance of the devices and quality systems that keep the industry running.The conversation dives deep into the "Great Rewiring" of the medical device industry. Michelle outlines how we have moved past the initial phase of AI skepticism and "AI fatigue" into a period of hyper-acceleration. With the introduction of the FDA’s ELSA and the implementation of the EU AI Act, the industry has reached a point where AI is no longer a side project but a fundamental requirement for operational longevity.Finally, the episode provides a roadmap for both organizations and individual contributors. Michelle introduces her "Holy Trinity" framework for AI implementation—Data, Workflow, and Agents—and explains why the next two years will be defined by the "Invisible Colleague" or AI copilot. For junior professionals, the message is clear: knowledge is now a commodity, and the real value lies in the ability to ask high-quality, strategic questions.Key Timestamps00:00 – Introduction and Michelle Wu’s background in MedTech and AI.03:45 – A founder’s perspective: Michelle’s personal experience in the OR seeing her clients' devices.08:12 – The 2025 Inflection Point: FDA ELSA, EU AI Act, and global AI expectations.11:50 – From billable hours to value-based output: How AI is disrupting the consulting business model.15:35 – Micro-timestamp: 2026 Predictions. The shift toward universal AI Copilots and Agents for every MedTech role.18:22 – The Holy Trinity of AI: Breaking down Data Layers, Workflow Automation, and AI Agents.22:10 – Case Study: How a top-tier MedTech company automated 17,000 quality and regulatory tasks.27:45 – The 56.8% Salary Premium: Why AI literacy is the most important skill for young RAQA professionals.31:15 – Shifting from memorization to "Clarity of Mind" and high-quality inquiry.Quotes"Knowledge is a commodity now. Previously, regulatory consultants or professionals stood out by their knowledge. Now, with AI leveling the field, the capability lies in those who can ask high-quality questions." - Michelle Wu, Nyquist AITakeawaysAI Literacy is a Financial Multiplier: LinkedIn data shows that non-engineering knowledge workers with AI literacy can command a salary premium of up to 56.8%.The 80/20 Rule of Automation: Approximately 80% of current RAQA tasks are tedious, manual, or administrative. Successful teams are using AI to automate that 80%, allowing humans to focus on the 20% that is strategic and high-value.The Three-Layer AI Strategy: To effectively implement AI, companies should look at the Data Layer (intelligence), the Workflow Layer (automation of specific tasks), and the Agent Layer (autonomous "employees").Value-Based Billing: As AI reduces the time required for regulatory submissions and gap analyses, the industry is moving away from the "billable hour" toward pricing based on the value and quality of the output.ReferencesNyquist AI: Michelle Wu’s platform specializing in global regulatory intelligence and AI-driven workflow automation for MedTech.FDA ELSA: The FDA’s internal AI tool that marked a significant shift in the agency's embrace of the technology.IMDRF GMLP: Good Machine Learning Practice guidelines for AI-enabled medical devices.EU AI Act: The first comprehensive legal framework for AI, affecting MedTech compliance timelines.Etienne Nichols: Connect with Etienne on LinkedIn.MedTech 101: AI Agents vs. AI ChatbotsWhile many people are familiar with AI Chatbots (like the early versions of ChatGPT), the industry is moving toward AI Agents.Think of a Chatbot like a very smart encyclopedia. You ask it a question about a 510(k) submission, and it gives you information.An AI Agent, however, is like an AI Intern. It doesn't just give you information; it performs a multi-step task. For example, you can tell an Agent to "find the three most relevant predicates for this new device, summarize their 510(k) summaries, and draft a gap analysis table." The Agent "thinks" through the steps and delivers a finished product, not just a response.SponsorsThis episode is brought to you by Greenlight Guru. As Michelle and Etienne discussed, the future of MedTech is driven by data and efficiency. Whether you are navigating the complexities of the EU AI Act or scaling your R&D, Greenlight Guru’s QMS (Quality Management System) and EDC (Electronic Data Capture) solutions provide the structured data foundation necessary to leverage AI effectively. By integrating quality and clinical data, Greenlight Guru helps you move from "reactive" compliance to "proactive" innovation.Feedback Call-to-ActionWe want to hear from you! How is your team currently leveraging AI in your regulatory or quality workflows? Are you feeling the "AI fatigue," or are you seeing the "salary premium" Michelle mentioned?Send your thoughts, guest suggestions, or specific questions to podcast@greenlight.guru. Etienne personally reads and responds to listener feedback, and we would love to feature your insights in a future episode.

The FDA's new Quality Management System Regulation (QMSR), which replaces the 21 CFR Part 820 Quality System Regulation (QSR) and incorporates ISO 13485:2016 by reference, represents a significant harmonization effort in the medical device industry. While viewed by some as a mere streamlining, the change is mandatory, with an effective and fully enforceable date of February 2, 2026. The episode addresses industry complacency and details critical steps manufacturers must take immediately.The episode debunks the myth that familiar quality documents like the DHF, DMR, and DHR are being eliminated. While the specific terms are removed from the regulation's language, their substance is retained and mapped to new, ISO-aligned conceptual requirements: the Device Master Record (DMR) becomes the Medical Device File (MDF), the Design History File (DHF) becomes the Design and Development File (DDP), and the Device History Record (DHR) is captured in the Batch or Lot Record. The host emphasizes that internal documents can retain the old terminology, provided a clear regulatory mapping is established.Crucially, compliance requires more than just an ISO 13485 certificate. Two major philosophical shifts must be addressed: the explicit requirement for integrating lifecycle risk management as the DNA of the entire QMS, and the loss of the audit privilege, which makes internal audit reports, supplier audit reports, and management review records inspectable regulatory evidence. Furthermore, manufacturers must comply with retained, US-specific requirements under the QMSR's prevalence rule, especially concerning mandatory record content (§ 820.35) and specific labeling and packaging controls (§ 820.45).Key Timestamps[0:50] QMSR: The biggest shakeup to US quality requirements since 1996.[2:00] Effective Date: February 2, 2026—the clock is ticking.[2:42] The Goal: Harmonization with ISO 13485:2016 to reduce redundancy for global manufacturers.[3:50] Myth 1 Busted: The FDA is eliminating the DHF, DMR, and DHR (Documentation Dissolution).[5:10] Terminology Shift: DMR > Medical Device File (MDF, ISO 13485 Clause 4.2.3).[6:30] Terminology Shift: DHF > Design and Development File (DDP, ISO 13485 Clause 7.3.10).[7:40] Terminology Shift: DHR > Batch or Lot Record (ISO 13485 Clause 7.5.1).[8:40] The Practical Takeaway: Internal naming is fine, but regulatory mapping is mandatory.[10:30] Critical Shift 1: Risk Management is the DNA of the QMS—Explicitly required across all clauses.[13:00] Critical Shift 2: Loss of the Audit Privilege—Internal audit and management review records are now inspectable.[17:00] Critical Shift 3: Retained FDA Specifications (Prevalence Rule).[17:35] Retained Req. A: Mandatory Record Keeping Content (21 CFR Part 820.35)—UDI/UPC in complaint/service records.[19:00] Retained Req. B: Extended Record Retention Period (Device life, no less than two years).[20:10] Retained Req. C: Specific Labeling and Packaging Controls (21 CFR Part 820.45)—Inspection for accuracy.[22:00] Immediate Action Plan: Gap analysis and restructuring to the new terminology.Quotes"Your internal audit reports, your management review minutes, if you were expecting to keep those shielded from any outside eyes, they are now inspectable regulatory evidence." - Etienne NicholsTakeawaysMandatory Regulatory Mapping: Manufacturers must conduct a thorough mapping exercise to ensure their existing DMR, DHF, and DHR content fulfills the new requirements of the Medical Device File (MDF), Design and Development File (DDP), and Batch/Lot Records, respectively.Embed Lifecycle Risk Management: The QMSR requires a holistic, lifecycle approach to risk management, making it an explicit core component of all QMS clauses (e.g., supplier controls, design and development), moving beyond isolated, perfunctory steps.Prepare for Full Documentation Exposure (Regulatory): Recognize that the former privilege is gone; internal audit reports, supplier audit reports, and management review records are now subject to routine FDA inspection. Draft these documents with the utmost rigor and awareness of their new status as regulatory evidence.Confirm Compliance with FDA Retained Sections: ISO 13485 certification is not enough. You must address the US-specific requirements retained under the prevalence rule, particularly the mandatory inclusion of UDI/UPC in complaint records (§ 820.35) and the strict labeling/packaging inspection controls (§ 820.45).Transition is Immediate: The compliance date of February 2, 2026, is a hard deadline. Proactive gap analysis, process restructuring, and staff training based on the QMSR's requirements and the FDA's preamble are essential for uninterrupted market access.ReferencesISO 13485:2016: The international Quality Management System standard for medical devices incorporated by reference into the QMSR.21 CFR Part 820 (New QMSR): The revised Code of Federal Regulations that replaces the QSR, incorporating ISO 13485 and retaining US-specific supplemental provisions.21 CFR Part 820.35 (Control of Records): Retained section requiring specific content, like UDI/UPC, for complaint and service records.21 CFR Part 820.45 (Device Labeling and Packaging Controls): Retained section requiring documented procedures for inspecting labeling and packaging accuracy.QMSR Preamble: The FDA's detailed commentary and response to comments, which is crucial for understanding the Agency's interpretive thinking behind the new rule.Etienne Nichols' LinkedIn: https://www.linkedin.com/in/etienne-nichols/MedTech 101 SectionWhat is the "Prevalence Rule"?The Prevalence Rule is a key concept in the new Quality Management System Regulation (QMSR) that clarifies which set of rules takes priority. Since the FDA is incorporating the international standard ISO 13485:2016 by reference, a conflict could arise between the ISO standard and existing U.S. law. The Prevalence Rule dictates that in any area of conflict, the U.S. Federal Food, Drug, and Cosmetic Act (FD&C Act) and its implementing regulations (like those retained in 21 CFR Part 820) will always supersede the ISO 13485 requirement. Think of it like a recipe: ISO 13485 is the main set of instructions, but the retained 21 CFR sections are non-negotiable, mandatory additions or modifications that must be followed regardless of what the main instructions say. This is why mere ISO certification does not guarantee QMSR compliance.SponsorsThis episode is brought to you by Greenlight Guru. As the medical device industry faces the significant shift to the QMSR, your QMS needs to be audit-ready and easy to update. Greenlight Guru offers an all-in-one MedTech lifecycle excellence platform with specialized QMS and EDC solutions. Our electronic Quality Management System (eQMS) is built to facilitate the traceability and document control necessary to manage the new ISO-aligned terminology and retained FDA requirements, while our Electronic Data Capture (EDC) software helps manage high-quality data for clinical trials. Don't let scattered documentation hold you back from the February 2026 deadline. Visit www.greenlight.guru to learn how we can help you streamline your quality system and get back to innovating.Feedback Call-to-ActionDid this episode help clarify your QMSR transition plan? We value your input and are dedicated to providing the most relevant, actionable content for MedTech professionals. Please send your feedback, questions, or topic suggestions directly to the host at podcast@greenlight.guru. We read every message and offer personalized responses, ensuring the Global Medical Device Podcast continues to serve your regulatory and quality needs. Also, take a moment to rate, review, and subscribe on your favorite podcast platform.

The MedTech talent landscape has undergone a significant "reset" in the two years since Elena Kyria, founder and CEO of Elemed, last joined the podcast. Driven by factors like the rise of AI, economic volatility, and post-pandemic shifts, the dynamic has swung from a "war for talent" (many jobs, few candidates) to a market flooded with applicants, often overwhelming internal recruitment teams. This shift, exacerbated by simple application processes like LinkedIn's Easy Apply, makes it challenging for good candidates to cut through the noise and for companies to manage high application volumes.To thrive in this new environment, MedTech professionals, particularly those in Quality Assurance (QA) and Regulatory Affairs (RA), must expand their focus beyond technical competence. Elena stresses the growing importance of transverse skills (the essential human skills like communication, negotiation, and leadership) and, critically, AI literacy. With the pressure on companies to "do more with less," AI is creating an environment where smaller, highly productive teams are favored. This doesn't mean roles will disappear, but professionals must embrace technology to eliminate tedious tasks and focus on high-value, strategic work.Navigating the job market now requires a more intentional and proactive approach, especially to access the hidden job market where the best unadvertised roles reside. Tactics include direct networking with hiring managers and active professional branding. Furthermore, the global regulatory environment's fragmentation—especially between the US (FDA) and EU (MDR/IVDR)—is impacting how companies build their teams, favoring remote work and strategic location choices that factor in the local talent pool and employment laws.Key Timestamps1:50 - The MedTech Talent Shift: From "War for Talent" to a "Reset"4:45 - The impact of high volume and "easy apply" on candidate experience6:15 - Immediate disqualification criteria and "gaming" the application system7:35 - Strategies for accessing the hidden job market (networking and strategy)9:20 - The controversial impact of AI on QA/RA roles and the need for efficiency11:30 - Future-proofing your career: Why leaders and junior professionals must embrace AI13:55 - Understanding transverse skills (soft skills) and business acumen15:40 - The QA/RA role in the age of AI: Focusing on the 30% of high-value expertise17:00 - Tactics for achieving AI literacy: Small wins, experimentation, and habit stacking19:45 - Why the "hidden job market" exists (confidentiality, exclusivity, and pipeline)21:30 - Positioning yourself externally: The power of active contribution on LinkedIn23:45 - The importance of speaking at industry events (e.g., RAPS) to build credibility24:55 - Strategic advice for founders building remote, global teams26:15 - The impact of US vs. EU regulatory fragmentation on talent selectionQuotes“It's not going to be enough to just be good at your job. You're going to need to have a little bit more understanding of how to position yourself, how to brand yourself, how building skills outside of just your technical competency [is important].” - Elena Kyria“This is a massive opportunity... to step up and get started... you can use the technology but then you're focused on strategy, relationships, [and] the human side of it versus the people that are still very manual.” - Elena KyriaTakeawaysPrioritize AI Literacy: MedTech professionals must proactively experiment with AI tools (like note-takers and regulatory intelligence systems) to automate up to 70% of tedious tasks. Waiting for formal company training risks falling behind competitors who are already seeing a compounding effect from daily micro-improvements.Master Transverse Skills: Beyond technical QA/RA knowledge, focus on building "hard soft skills" like negotiation, communication, leadership, and financial/business acumen. These are the differentiating skills that AI cannot replicate and will define the strategic value of the future professional.Shift from Lurker to Contributor: Use LinkedIn strategically. Instead of passively scrolling, actively engage by adding meaningful, subject-matter expert comments to relevant posts. This builds credibility and positions you as a known contributor, enhancing your professional brand.Tap into the Hidden Job Market: Rely less on mass applications and more on strategic networking, building long-term relationships, and direct outreach to hiring managers. The best, often confidential, roles are frequently filled through these non-advertised channels.Global Teams Require Legal Due Diligence: Founders building remote teams must be acutely aware of local employment laws and benefits (e.g., maternity leave differences) in each geography. Talent decisions shouldn't just be based on cost or tax benefits but must factor in the available skill density in that location.ReferencesElemed: Elena Kyria's consultancy focused on MedTech executive hiring and recruitment strategy.RAPS (Regulatory Affairs Professional Society): Mentioned as a key platform for professional development and speaking opportunities within the MedTech regulatory field.Greenlight Guru QMS & EDC Solutions: Greenlight Guru's Quality Management System (QMS) helps MedTech companies simplify compliance, while their Electronic Data Capture (EDC) platform streamlines clinical trial data management.Etienne Nichols' LinkedIn: linkedin.com/in/etiennenicholsMedTech 101 SectionTransverse Skills vs. Technical SkillsIn the MedTech industry, we often talk about technical skills—the specific knowledge needed for a job, such as knowing the difference between the FDA's 510(k) and the EU's MDR requirements.Transverse Skills (historically called "soft skills") are the human abilities that apply across all roles and industries, and they are becoming the most critical skills for MedTech professionals in the age of AI.Simple Analogy: Think of a medical device engineer:Technical Skill: Being able to design a circuit board or write a V&V protocol.Transverse Skill: Being able to clearly communicate the risks of that circuit board design to the management team, or negotiate with a supplier on quality specifications.As AI takes over tasks like drafting initial documents or summarizing regulations, the uniquely human skills—like critical thinking, ethical judgment, leadership, and strategic communication—are what add true, irreplaceable value to a MedTech company.Feedback Call-to-ActionDid this episode shift your perspective on AI or the job market? Your feedback helps us shape future content. We are committed to providing personalized and actionable advice to MedTech professionals globally. Please send your thoughts, reviews, or suggestions for future topics directly to podcast@greenlight.guru.SponsorsThis episode of the Global Medical Device Podcast is brought to you by Greenlight Guru. In a market where MedTech talent must be highly productive and efficient, your tools should support that goal. Greenlight Guru offers solutions that help your teams do more with less: our industry-specific QMS streamlines your compliance and quality processes, while our EDC solution digitizes and simplifies your clinical data capture. Visit greenlight.guru to learn how you can upgrade your system to match your highly skilled workforce.

This episode tackles the complex challenge of applying the hardware-centric clauses of ISO 13485 to Software as a Medical Device (SaMD). Adnan Ashfaq, founder of Simply Medica, joins Etienne Nichols to dissect how traditional standards intended for physical manufacturing must be creatively interpreted for the virtual world of software development, where apps update weekly and cloud-based systems evolve in real-time. The conversation zeroes in on the often-muddy areas of production and service provision (Clause 7.5), emphasizing that these clauses are far from non-applicable, requiring a "virtual manufacturing space" mindset.A significant focus is placed on the Software of Unknown Provenance (SOUP), treating these building blocks as purchased components that require robust supplier evaluation and validation, bridging Clause 7.5 (production) with Clause 7.4 (purchasing). The discussion extends to crucial concepts like the Software Bill of Materials (SBoM), the complexity of Agile vs. Waterfall approaches within the standard's framework, and the essential role of the new FDA Computer Software Assurance (CSA) guidance in risk assessment.Beyond production, the experts explore the application of resource management (Clause 6), specifically addressing infrastructure, contamination control (malware/ransomware), and the critical need for a well-documented Design Transfer to Production (Clause 7.3.8) evidenced by a complete software release package, including all 62304 requirements. The episode provides actionable insights for quality and compliance professionals struggling to maintain speed and innovation while strictly adhering to regulatory requirements.Key Timestamps01:45 - The changing landscape: Why traditional MedTech rules struggle with modern software updates.03:50 - Historical context of ISO 13485 and its non-distinction between hardware/software.05:05 - Starting Point: Clause 7.5 (Production and Service Provision) and the "Virtual Manufacturing Space" concept.06:20 - Unpacking Software of Unknown Provenance (SOUP) and its link to Clause 7.4 (Purchasing).08:35 - The necessity of validating the development environment (GitHub/GitLab) and building blocks.11:10 - Applying Clause 4.1.6 (Software Validation) to SOUP items and master validation plans.12:20 - Applicable vs. Non-Applicable Clauses: Sterilization/Cleanliness vs. Installation.13:55 - Clause 4.2.3 (Medical Device File) for SaMD: E-labels, UDI, System Architecture, and SBoM.16:30 - Cybersecurity controls and the manufacturer's responsibility for identifying state-of-the-art standards.17:35 - Defining "Production" for continuously updating software and managing significant vs. non-significant changes.20:15 - Clash of Standards: Agile development, ISO 13485, and the missing documentation for version control risk assessment.21:30 - Clause 6.3 & 6.4 (Resource & Work Environment): Looking at data security, access controls, and contamination (malware/ransomware).24:45 - Clause 7.3.8 (Design Transfer to Production): The need for a formal software release package and the importance of the Software Design Trace Matrix.26:00 - The 16 essential documents needed to meet IEC 62304 requirements.27:10 - Production controls when the user influences the outcome (customizable features, disclaimers).Quotes"So my starting point really in this conversation is to cherry pick some of those clauses from ISO 13485, which are more akin to production. And then how do we then unpack that and apply it with medical device software in mind?" — Adnan Ashfaq"You've got to look at data corruption, you've got to look at unauthorized code, you've got to look at version controlling malware or ransomware, you've got to look at that as well. That's all part of [contamination control, Clause 6.4.2]." — Adnan AshfaqTakeawaysAdopt a "Virtual Manufacturing Space" Mindset: Treat your development environment (e.g., source control systems like GitHub/GitLab, compilers, cloud platforms) as a production floor that requires the same level of validation and control as a physical cleanroom or factory floor, satisfying ISO 13485 Clause 7.5.Validate SOUP as Purchased Products: Any Software of Unknown Provenance (SOUP) or open-source components must be treated as "purchased product" under Clause 7.4, requiring documented supplier verification, impact assessment, and validation (or documented rationale for non-validation) before integration into your SaMD.Contamination Control is Cybersecurity: ISO 13485 Clause 6.4.2, Contamination Control, must be applied to the digital sphere. This includes safeguards against malware, ransomware, unauthorized code, and data corruption, emphasizing the non-negotiable need for robust cybersecurity controls in your Quality Management System (QMS).Formalize the Software Bill of Materials (SBoM): The SBoM, detailing all software components, libraries, dependencies, and their version controls, is a key deliverable under Clause 4.2.3 (Medical Device File), acting as the digital equivalent of a Bill of Materials for Design Transfer to Production (Clause 7.3.8).Bridge Agile with Documentation: When using Agile development, ensure every iteration, bug fix, or patch includes a documented risk assessment (connecting to ISO 14971) and change history to satisfy ISO 13485’s traceability and control requirements, preventing potential non-conformances in audit.ReferencesEtienne Nichols' LinkedIn: linkedin.com/in/etiennenicholsISO 13485:2016 (specifically Clauses 7.5, 7.4, 4.2.3, 6.3, 6.4, 7.3.8)IEC 62304 (Medical device software – Software life cycle processes)FDA Computer Software Assurance (CSA) Guidance: The new guidance replacing older process validation guidance, focusing on a risk-based approach (High Risk vs. Low Risk) for validating software tools.AAMI TIR 45 (Guidance on the use of agile practices in the development of medical device software)MedTech 101 SectionSoftware of Unknown Provenance (SOUP)SOUP refers to software components that have been developed for purposes other than being part of the medical device, and for which the developer did not use a medical device quality management system (QMS) process. In simple terms, it's off-the-shelf software (like an open-source library, a commercial operating system, or a third-party module) that you integrate into your SaMD.Analogy: If you are building a custom, high-end car (your medical device), the engine block (the SaMD code) is custom-made. However, you decide to use commercially available tires, a standard battery, and a third-party GPS system (the SOUP items). While convenient, you can't be 100% sure how those other developers built them. To use them in your regulated medical product, you must perform your own testing and validation (verification) on the SOUP components to ensure they work reliably and safely within your device's specific intended use, treating them as if you purchased them from an outside supplier under Clause 7.4.Feedback Call-to-ActionWe thrive on your expertise and insights. If you have questions about applying ISO 13485 to your specific SaMD project, or if you'd like to suggest a topic for a future deep-dive, please send us an email. We read every message and offer personalized responses to help you navigate the complexities of MedTech compliance.Contact us at: podcast@greenlight.guruSponsorsThis episode discussing the critical balance of innovation and compliance in SaMD is brought to you by Greenlight Guru. In a world where software updates are weekly, using antiquated paper-based or general-purpose QMS systems is a compliance risk. Greenlight Guru offers MedTech-specific solutions, including a leading QMS platform and an advanced EDC solution, that are designed to handle the complexity of modern device development, like seamless traceability for your Software Bill of Materials and automated audit trails, ensuring you stay compliant with standards like ISO 13485 and IEC 62304.

In this episode of the Global Medical Device Podcast, Etienne Nichols is joined by Kavetha Ram, a seasoned expert in health and pharmaceutical sciences and the regulatory department leader at Spectra Medical Devices. Together, they delve into how new regulatory affairs professionals can get started in a career of medical device regulations and the shifting field of MedTech. The discussion offers a roadmap for professionals to navigate and thrive amidst these shifts. The episode is a treasure trove of knowledge for anyone looking to stay ahead in the MedTech realm.Key Timestamps:[00:00:30] Introduction to Kavetha Ram and the episode's focus[00:05:15] Discussion on the challenges and opportunities of new regulations[00:10:40] Insights into the importance of confidence and adaptability in the regulatory field[00:15:20] Kavetha's journey and advice for emerging professionals[00:25:00] The role of innovation and collaboration in MedTech advancements[00:35:10] Strategies for professionals to stay relevant and proactiveQuotes:"Regulations are not just hurdles; they are stepping stones to innovation and safety in MedTech." - Kavetha Ram"Embracing change in regulations is not an option but a necessity for MedTech's future." - Etienne Nichols"Diversity in teams isn't just about varied backgrounds; it's about unlocking unique perspectives that drive innovation." - Kavetha RamKey Takeaways:Insights into MedTech Trends:Regulatory changes are both a challenge and an opportunity for innovation.Practical Tips for MedTech Enthusiasts:Stay updated with regulatory changes and understand their implications.Engage in continuous learning and skill development.Foster collaboration across disciplines to enhance innovation.References:Kavetha Ram's LinkedIn ProfileEtienne Nichols' LinkedIn ProfileGreenlight GuruQuestions for the Audience:"What advice do you have for budding Regulatory Affairs professionals?"Reach out to us and let us know what you thought of the episode at podcast@greenlight.guruAlso, if you enjoyed this episode, please leave us a review on iTunes!Sponsors:This episode is brought to you by Greenlight Guru, the only quality management software designed specifically for the medical device industry. Greenlight Guru's platform streamlines product development and compliance, making the process more efficient and less risky. Discover how Greenlight Guru can accelerate your product development at www.greenlight.guru.