Three steps for traceability in medical device software development quality and compliance

This article originally appeared in Medical Design and Outsourcing News on September 7, 2024.

When reviewing the software in software-as-a-medical-device (SaMD), software-in-medical-devices (SiMD) and systems-of-systems-of-medical-devices (SosMD) at the FDA, I was always looking for sufficient evidence to justify the sponsor’s claim that the device performs as intended — safely and effectively.

The arguments to support this claim are derived from the manufacturers’ quality management system (QMS) quality assurance, design controls, and corrective and preventative action (CAPA) process artifacts, which include device distribution, post-market monitoring, and updates.

The concept of traceability between these artifacts was essential to establishing my confidence in a submission’s claimed safety and effectiveness. To understand why this is, you must first understand how a software (or most any product) application is created.