Some founders ask me whether they have to read the boring standards, e.g. the ISO 13485 (quick note: here’s our guide on getting those for much less money – yes, you have to purchase crappy PDFs).
You might think that regulatory work is similar to doing your tax return: You bring in a consultant, in this case, your tax accountant. That person requests lots of documents from you – your salary payments, your expenses, etc. – and then magically creates a tax return which you never really have to understand. If the tax authorities have questions, they talk directly to you tax accountant. Genius!
This concept however doesn’t work for regulatory compliance for medical devices. Your auditor from your notified body will want to talk to you, not to your consultant. This is understandable: They want to make sure that you have actually understood what it takes to be a compliant medical device / medical software manufacturer.
That means that you’ve understood which steps and precautions you need to take while developing your product and what sort of reporting obligations you have if things go wrong. There’s no way you could outsource all of this to a consultant. It’s essential knowledge in your company.
That would be like an airplane manufacturer outsourcing all their safety work to some random dudes. No, safety has to be at the core of their product development.
That being said, we’ve had some 737 Max crashes in the past. Maybe they didn’t read this post?
Related Posts
Here the a cool trick how to access standards (they cost money!) for ridiculously low prices.
If you consider hiring someone for regulatory work, read my opinion on why hiring senior regulatory affairs people might be a bad idea. And again,