Let's Talk Risk! with Dr. Naveen Agarwal

Imagine you are running a pivotal clinical trial for a novel implant. The data comes back, and it is rough: 80% of your patients have suffered a serious adverse event, and 40% have developed acute kidney injury.If you are sitting in the regulatory or risk management seat, you are likely drafting the project’s post-mortem. In a traditional risk management paradigm, you are preparing to tell the executive team that the device failed to meet any traditional safety threshold.But what if the FDA didn’t just approve this device, but approved it specifically because the sponsors mathematically proved that patients were willing to tolerate a higher level or risk to gain access to this device?This scenario completely dismantles the way the MedTech industry has historically viewed safety and effectiveness. As professionals, we are trained to treat clinical thresholds as objective, immutable laws of physics—a line in the sand where an adverse event rate either passes or fails. However, with the FDA’s finalized guidance issued on March 30, 2026, safety is no longer just a raw numerical threshold; it is now a quantifiable variable relative to the validated preference of the end user.So, how does a manufacturer mathematically prove that a severe safety profile is acceptable, and how does the FDA reconcile approving it?🎧Click Play above to listen to a brief audio summary about this case and lessons QA/RA and Clinical professionals can apply in practice using the newly released FDA Guidance.In this episode, we discuss:* The fundamental difference between Patient Reported Outcomes (PROs) and Patient Preference Information (PPI)—and why conflating the two leads to flawed regulatory submissions.* The exact mechanics of how a rigorously designed Discrete Choice Experiment (DCE) rescued the alfapump system from regulatory rejection.* How to utilize the Q-submission program to negotiate mathematical models with the FDA before collecting a single data point.* Strategic traps to avoid, including the “subpopulation matching problem” that can engineer a massive off-label use issue for your pipeline.Thanks for reading Let's Talk Risk!. If you liked this post, share with others.Note:The audio summary was prepared using Google NotebookLM, an AI-enabled research tool. Here are a few key resources used for this analysis:* FDA Guidance: Patient Preference Information - Voluntary Submission, Review in Premarket Approval Applications, Humanitarian Device Exemption Applications, and De Novo Requests, and Inclusion in Decision Summaries and Device Labeling (Issued March 30, 2026).* P230044, Sequana Medical N.V., alfapump® System, Approved December 2024. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“AI brings novel risks and addressing them will require a more creative approach to human factors engineering.”In this Let’s Talk Risk! conversation, host Naveen Agarwal speaks with Jonathan Kendler, a seasoned medical device human factors and UI design consultant, about how artificial intelligence is changing the practice of usability engineering in MedTech. Jonathan brings a rare perspective to the discussion, blending decades of experience in user interface design, human factors, and medical device development.The conversation explores a central tension facing the industry today: while AI introduces new interaction patterns, trust challenges, and potential safety risks, the core responsibility remains unchanged - understand the user, understand the context of use, and design for safe, effective human interaction. Jonathan also shares where he sees real promise, including AI-supported training, surgical planning, and stronger cross-functional collaboration across risk, quality, regulatory, engineering, and human factors teams.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Introduction02:53 Why AI changes the environment, but not the fundamentals of human factors05:46 Transparency, over-reliance, and helping clinicians stay vigilant09:36 AI-strengthened training and the shift from training to competence13:19 Promising AI use cases, especially in surgical planning and clinician support15:38 The future of human factors: creativity, collaboration, and new evaluation methods23:30 Jonathan’s upcoming workshop on advanced human factors and use-related risk26:45 Final takeaways: stay grounded in the user, fundamentals, and teamworkIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Start Treating Human Factors as Science, Not Art.LTR: Understanding Human Factors for AR/VR Applications in MedTech.LTR: LTR Risk Coach - AI-Powered Decision Support Tool.Key Takeaways* AI-enabled devices do not eliminate the need for strong human factors fundamentals; they make them more important.* One of the biggest emerging risks is lack of transparency around what the AI is doing and how users should interpret its output.* Accuracy alone is not enough; teams must design for the reality that AI can fail and users must remain appropriately vigilant.* AI may create meaningful opportunities to improve training, making it more interactive, adaptive, and competence-focused.* Some of the most promising applications of AI are those that strengthen clinician judgment rather than replace it.* Human factors professionals will need more creativity to anticipate novel use errors, misuse, and complex real-world interactions.* Conventional usability testing may not be enough for AI-enabled systems, especially when risks like habituation emerge over time.* The best outcomes will come from closer collaboration across human factors, engineering, risk management, quality, regulatory, and safety teams.KeywordsHuman factors, usability engineering, AI in medical devices, machine learning, transparency, clinician vigilance, use-related risk, AI training, competence, surgical planning, usability testing, cross-functional collaborationAbout Jonathan KendlerJonathan Kendler is a medical device human factors and UI design consultant with more than 20 years of experience supporting the development of healthcare products, including dialysis machines, infusion pumps, glucose monitors, and patient monitoring systems. He is Principal Consultant at Curiolis and previously co-founded Wiklund Research & Design, which was later acquired by UL.Jonathan has authored numerous articles on usability engineering and co-authored Usability Testing of Medical Devices and Designing for Safe Use. He has also taught graduate-level courses in user interface design at Tufts University and delivered workshops and lectures on usability engineering across North America, Europe, and Asia.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every other Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“The clinical study is actually where your risk analysis is going to meet reality.”In this Let’s Talk Risk! conversation, host Naveen Agarwal speaks with Lavanya Ramnath, Senior Regulatory Affairs Specialist at Insulet, about what it really takes to prepare for an IDE and why early-phase risk work is far more than a documentation exercise. Drawing on her experience in diabetes technology, SaMD, and closed-loop systems, Lavanya explains how regulatory, clinical, engineering, and usability thinking must come together long before a device ever reaches a patient.The conversation also goes deeper than process. Lavanya shares the personal connection that drew her into MedTech, how family experiences with diabetes and cardiac disease shaped her career, and why she approaches device development with a simple principle: build as if it were intended for your own family. From significant-risk judgments and feasibility studies to alarm design, human factors, and mentorship, this episode is a thoughtful reminder that good regulatory work is ultimately about real people, real uncertainty, and real consequences.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Introduction03:23 The personal story behind Lavanya’s commitment to MedTech05:01 What an IDE is and why it matters07:53 When companies decide they need an IDE09:08 Significant vs. non-significant risk in early clinical development12:36 In silico testing, risk analysis, and the three buckets of risk work16:07 Human factors, usability, and improving confidence in risk judgments19:00 Alarm design, patient preference, standards, and practical tradeoffs20:49 Learning regulatory on the job and the role of mentorship25:40 Final takeaways: patient focus, study design, and risk as strategyIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Decoding Privacy Laws in Clinical Research.LTR: A Patient Centric Approach to Medical Device R&D.LTR: A 90-Day Plan to Review QMSR Readiness.Key Takeaways* An IDE is not a marketing authorization. It is the permission to study a device in humans, and it often begins much earlier in development than many teams expect.* Early risk work is a judgment exercise under uncertainty. Teams must assess whether a device could cause serious harm even before every failure mode is fully known.* Risk analysis should not stop at a table. Lavanya frames it as a broader strategy spanning system hazards, component-level failure analysis, and an overall residual-risk rationale.* Clinical studies are where risk analysis meets reality. They help confirm whether residual risk is truly acceptable in real-world use.* Human factors matters directly to safety. User behavior, interface design, age, familiarity with technology, and real-use conditions all shape risk.* Good design requires balancing competing needs. The insulin pump alarm example shows the tension between patient preference, safety urgency, and standards compliance.* Regulatory growth happens through cross-functional learning. Lavanya emphasizes partnering with other functions, asking questions, and staying open to how the full product puzzle fits together.* Mentorship can accelerate confidence and visibility. The episode closes with a strong message about seeking mentors, giving back, and finding your voice in the profession.KeywordsIDE, Investigational Device Exemption, clinical trials, risk management, ISO 14971, human factors, IEC 62366, usability engineering, insulin pumps, SaMD, digital health, regulatory affairs, benefit-risk, design controls, mentorshipAbout Lavanya RamnathLavanya Ramnath is a Senior Regulatory Affairs Specialist at Insulet, where she supports U.S. new product development for SaMD and closed-loop insulin delivery systems, including feasibility and pivotal clinical studies, IDE submissions, and FDA interactions. She has also contributed to indication expansion work for Omnipod 5 and supports broader regulatory documentation, process improvement, and global compliance activities.Previously, Lavanya held regulatory roles at Abbott, CR Bard, and Medtronic, building experience across the full device lifecycle for both low- and high-risk devices in U.S., EU, and international markets. A biomedical engineer by training, she is especially passionate about helping bring safe, effective, and innovative devices to patients worldwide — a mission shaped by personal family experiences with diabetes and cardiac disease.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every other Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were cre

Summary“Test, test, test - and don’t accept the outcome unless you’re fairly confident in the level of uncertainty that remains.”Companion diagnostics (CDx) are inherently high-consequence because they can directly shape treatment decisions. That reality drives a higher bar for clarity: intended use boundaries, evidence expectations, and tight specificity in what the test is claiming and for whom.In this Let’s Talk Risk! conversation, host Naveen Agarwal sits down with Chris Daly to discuss how AI is transforming the MedTech landscape, including CDx, and how FDA’s expectations are evolving in this area. Chris emphasizes anchoring on the clinical question, using AI as a tool (not a vague strategy), and making uncertainty explicit: not “can we explain everything,” but “how much uncertainty is acceptable for this intended use?”Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 2026 context: uncertainty is rising; fundamentals matter 05:00 CDx basics: why CDx is different (and higher-stakes) 07:05 AI/ML + diagnostics: define the question, bound the tool 09:40 Explainability vs uncertainty: “how much confidence is enough?” 14:10 The human factor: vigilance and better questions 18:10 FDA and CDx: what “evolving approach” may signal 21:30 Dataset boundaries, bias, and representativeness as safety issues 25:40 Closing: adapting to rapid AI rise through discipline + alignment If you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Three Pillars for Defining Your IVD Risk Management Strategy.LTR: Responsible AI and Future of MedTech Safety.FDA: Companion Diagnostics.Key Takeaways* CDx is high-stakes by design. If the test can steer therapy, FDA (and clinicians) will demand tighter specificity on intended use, population, and claims.* The real compliance challenge is uncertainty, not buzzwords. Move the discussion from “can you explain it?” to “how confident are we, and what uncertainty are we accepting for this use?”* Adjusting to AI’s rise means upgrading the team’s habits. Better questions, tougher validation, and active skepticism are the guardrails, especially when outputs can be wrong or misleading.* Your training data defines your safety boundary. If the dataset doesn’t represent the real population/use context, we should not be surprised by bias and performance gaps in the real world.* FDA’s CDx posture is evolving, but rigor isn’t going away. Reclassification signals pathway experimentation, * AI readiness is cross-functional risk governance. The winners align science, quality, regulatory, and commercial goals around shared definitions, shared uncertainty, and shared decision logic.KeywordsCompanion diagnostics (CDx), AI/ML diagnostics, FDA CDx policy, reclassification, intended use, uncertainty, explainability, bias, lifecycle control, vigilance.About Chris DalyChris Daly is a healthcare and life science executive and Principal at IronLine Consulting, where he helps emerging medical device manufacturers build regulatory and commercialization strategies for diagnostic products, especially companion diagnostics (CDx) and AI/ML-enabled solutions. He has supported FDA submissions, including successful clearances in infectious disease and software-as-a-medical-device (SaMD), and works with teams on quality system development across device companies, diagnostic labs, and independent diagnostic testing facilities. Before IronLine, Chris served as Chief Operating Officer of Total Child Health (CHADIS), a web-based screening and clinical management platform that uses pre-visit questionnaires to help clinicians streamline care and improve diagnosis and management of pediatric health, emotional, and behavioral concerns.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every other Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Look at how benefits and risks are allocated among different design options and pick a product architecture that minimizes risks and maximizes benefits.”In this Let’s Talk Risk! conversation, Richard Matt shares a simple but uncomfortable observation: most organizations do risk “correctly” on paper, but too late to matter. By the time the DFMEA/PFMEA is polished, key architecture decisions are already locked, so risk management becomes cleanup, not guidance.His most valuable takeaway is the shift upstream: start with the treatment plan, write down the expected benefits and plausible risks early, and iterate them as the design evolves. When benefits are made explicit, you stop treating risk as a single independent variable and start using benefit–risk as a practical decision engine for design tradeoffs.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Welcome and Introduction01:04 Risk focus in QMSR04:50 Risk as an input to design05:33 Why FMEA alone is not sufficient10:33 Consider both benefits and risks early in design20:43 Audience questions24:30 Closing remarksIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Allison Komiyama on Rethinking Benefit-Risk in MedTech.LTR: Benefit-Risk Evaluation of an AI/ML Enabled Device.LTR: An Ideal Medical Device.Key Takeaways* Use benefit–risk early, not as an afterthought. Start at the treatment-plan/concept phase so benefit and harm shape architecture decisions before they’re hard to change.* Make “benefit” explicit and usable. If you only optimize against harm, you can unintentionally degrade clinical value; benefit must be part of the design tradeoff logic from day one.* FMEA is necessary, but often too late to drive architecture. Treat it as confirmation and refinement—not the first time risk influences design.* Replace ad hoc early risk with a lightweight upstream method. A simple evolving list of benefits, risks, and the design choices they drove can outperform a “perfect” late-stage file.* QMSR will expose weak integration between risk and design controls. The compliance work is not the hard part—the hard part is showing risk actually shaped the design.KeywordsQMSR, ISO 13485, ISO 14971, design controls, risk-based thinking, DFMEA/PFMEA limits, hazards & hazardous situations, benefit–risk, early design inputs, architecture decisions, process validation (OQ/PQ), iterative development.About Richard MattRichard Matt is Principal Consultant at Aspen Medical Risk Consulting, with over 30 years of experience in product development, quality engineering, and risk management. He specializes in innovative methods for benefit–risk assessment, FMEA, and integrated product development, helping medical device companies strengthen compliance and improve patient safety.He is also the inventor of a patented “risk algebra” approach that enables clear, defensible comparisons of benefit and risk, a breakthrough with wide implications for devices, biologics, and combination products.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every other Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“A company can become world class the day the quality team decides.”In this Let’s Talk Risk! conversation, host Naveen Agarwal engages with Ganesh Sabat, former former CEO of Sahajanand Medical Technologies (SMT) and now Founder & Managing Partner of MedArtha Capital about a simple but hard truth: global scale in MedTech is earned through quality execution, not marketing narratives.Ganesh walks through SMT’s transformation from an innovative startup into a globally recognized cardiovascular device company, then zooms out to India’s broader MedTech ambition. We unpack what’s missing (talent depth, shared learning, true design ownership), what’s emerging (incubation + device parks + incentives), and why quality leaders are the real “make-or-break” force behind India’s credibility on the world stage.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Welcome and Introduction02:09 SMT story: from “innovative startup” to global scale04:54 The turning point: why Ganesh bet on quality as the growth lever06:13 What investors demanded: proof, discipline, and scalable systems08:39 India ecosystem reality: pharma-quality mindset vs device-grade rigor11:22 “Quality as a system”: building defect prevention into process + design15:21 Building the ecosystem: why shared learning + capability depth matter18:58 Challenges and opportunities for MedTech startup21:02 Achieving global success not through low-cost but high quality24:25 Closing remarksIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: What QA/RA Professionals Need to Know About MedTech in India.LTR: Navigating the Regulatory Landscape for SaMD in India.LTR: Atty Chakraborty on India’s Rising MedTech Sector.Key Takeaways* Quality isn’t a checkpoint at the end. It’s a design-and-system discipline built upstream.* SMT’s scaling story is framed as “investing in quality,” then validating it through clinical proof and execution rigor.* Customer trust and investor confidence converge on the same requirement: consistent, reliable quality (and safety) at global standards.* India’s MedTech ecosystem is growing rapidly, but limited depth of specialized quality talent slows the curve.* Moving from pharma-style quality to device-grade quality requires engineering capability, process ownership, and design mastery.* Many early-stage companies need more than capital. They need experienced, operator-led “corridor finding” through regulatory + commercialization complexity.* Device parks and incentives can accelerate manufacturing and scale, but credibility still hinges on execution discipline.* Ganesh’s closing challenge is direct: quality teams hold the leverage to make companies—and countries—world class.KeywordsQuality culture; design controls; engineering-led quality; global scale-up; cardiovascular devices; stents; clinical evidence; India MedTech; regulatory rigor; manufacturing excellence.About Ganesh SabatGanesh Sabat is is the Founder & Managing Partner of MedArtha Capital, an visionary investment platform backing MedTech, medical device, and digital healthcare companies emerging from India and scaling globally.Previously, Ganesh spent ~15+ years as a senior executive, most recently as CEO of Sahajanand Medical Technologies (SMT), where he helped scale a highly regulated cardiovascular medical device business across innovation, manufacturing, quality, regulatory pathways, and international markets, building presence across 80+ countries and driving sustained growth.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every other Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“You don’t want to be implementing QMSR while the FDA is waiting in the lobby.”As the FDA transitions from the Quality System Regulation (QSR) to the new Quality Management System Regulation (QMSR), confusion persists across the MedTech industry. Is ISO 13485 certification enough? Does MDSAP cover everything? What exactly will FDA inspectors expect?In this episode of the Let’s Talk Risk Podcast, host Naveen Agarwal sits down with Holly Cotter to talk about what this transition really means for manufacturers, especially startups and U.S.-only companies.Holly brings a rare perspective: biomedical engineer, hands-on clinical experience, global regulatory consultant, and community builder. Together, we unpack not just regulatory changes — but the leadership opportunity QMSR presents for quality and regulatory professionals.Chapters00:00 Introduction and QMSR transition02:25 Explicit vs. implied changes under QMSR06:00 Risk beyond design validation: FDA’s broader lens09:30 Inspection uncertainty: Q-SIT, guidance gaps, and readiness11:35 MDSAP alignment: what it covers — and what it doesn’t14:00 The Quality Plan: your most practical readiness tool20:10 Dangerous assumptions about ISO 13485 certification25:40 indieMedTech: building community in MedTechIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:* LTR: QMSR Readiness, Risk-Based Assurance and FDA Expectations.* LTR: 90-Day QMSR Readiness Action Pan for Leaders.* LTR: FDA Readiness for QMSR.Key Takeaways* ISO 13485 certification ≠ automatic QMSR compliance* Risk-based thinking must extend across the entire quality system* Internal audits and management reviews will face deeper FDA scrutiny* MDSAP is helpful, but not sufficient* A simple, well-structured Quality Plan demonstrates leadership and readiness* QMSR presents a strategic opportunity for QARA professionalsKeywordsQMSR, FDA Quality System Regulation, ISO 13485, Risk-Based Thinking, MDSAP, FDA Inspection Readiness, Quality Plan, CAPA, Supplier Controls, MedTech LeadershipAbout Holly CotterHolly Cotter is a a biomedical engineer turned regulatory strategist with hands-on clinical roots and global MedTech experience. She has led regulatory, quality, and clinical initiatives across startups, large manufacturers, and consulting environments, with deep expertise in EU MDR, post-market surveillance, PMCF strategy, and FDA compliance.Holly is also the Co-Founder of indieMedTech, a growing professional platform dedicated to connecting and empowering MedTech leaders. Through her consulting work and community building, she is helping companies navigate complex regulatory transitions - including the shift to QMSR - with clarity, structure, and risk-based thinking.DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Risks occur. They happen but they don’t exist… hazards do.”In this Let’s Talk Risk! conversation, host Naveen Agarwal sits with Jean Blom, a QMS & Audit Specialist and risk management trainer with deep experience across ISO 13485 auditing, ISO 14971 risk management (including usability), and certification/accreditation perspectives.Our conversation is deliberately informal and highly practical. We explore why many teams get stuck in the mechanics of risk tools (especially large, bottom-up FMEAs), and how a shift toward hazard-first thinking can make risk management more tangible, especially for startups, early-career professionals, and teams working on diagnostic and software-driven devices.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:01 Introduction to Jean’s start in risk management02:45 Linear standards vs. real-world complexity05:20 Indirect harm in diagnostic and AI devices07:10 Risk management for start up and early career professionals10:30 Risks don’t exist, hazards do 13:20 Role of examples in risk management16:45 Risk information outside of risk management team 18:00 Why FMEAs fail at the executive view20:20 Risk management competence development21:00 Seek to be understood 23:40 Teaching risk without jargon26:40 From getting it right to not getting it wrongIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Why FMEA Alone is Not Sufficient for Risk Analysis.LTR: Three Pillars for Defining Your IVD Risk Management Strategy.LTR: Focus on Intended Use for IVD Risk Management.Key Takeaways* When just starting with risk management, begin with hazards: they are tangible and controllable; “risk” is an outcome.* Standards provide structure, but real-world risk is non-linear and contextual.* Diagnostic and AI devices shift risk focus from physical harm to information.* The instructions for many legacy risk tools (like FMEA) were built for projects and missions, not full lifecycle thinking.* Large FMEAs, even summarized, do not provide meaningful executive insight.* Jargon blocks learning; effective training must be adapted to experience level.* Risk capability evolves: from first learning to get it right, to continue training to not being able to get it wrong.KeywordsHazards, Hazardous Situations, ISO 14971, ISO 13485, Risk Management Training, FMEA Limitations, Diagnostic Device Risk, Usability Engineering, ISO 62366-1, Systems Thinking, Benefit–Risk, Risk Communication, Startup QMSAbout Jean BlomJean Blom is Netherlands-based QMS & Audit Specialist and Quality Manager (Medical Devices) with extensive experience guiding teams through ISO 13485 quality systems, auditing (ISO 19011), and ISO 14971 risk management, including usability. He has served as a Technical Assessor/Technical Expert for ISO 17021-1 accreditation activities related to ISO 13485 certification bodies and has supported global QMS compliance across multiple markets and device types.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Management review is no longer a check-the-box exercise. It’s the most powerful lever leaders have to drive proactive quality.”In this episode of the Let’s Talk Risk Podcast, Naveen Agarwal sits down with Jennifer Mascioli-Tudor, an experienced Quality and Regulatory leader, to unpack what QMSR readiness really means in practice.Jennifer shares what she’s seeing across the industry, from companies that are fully prepared to those that haven’t started, and explains why being ISO 13485 certified is not enough. The conversation dives deep into FDA inspection behavior, closed-loop risk management, management review as a leadership tool (not a formality), and the very real consequences of reactive quality systems.This episode is a must-listen for quality, regulatory, and executive leaders who want to move beyond compliance and build proactive, inspection-ready organizations.Chapters00:00 Welcome and Introduction02:20 ISO 13485 vs FDA inspections: where assumptions break down03:40 Closed-loop risk management across the total product lifecycle05:40 How FDA uses complaints, CAPA, and trends to escalate inspections09:35 Leadership mindset shift: from reactive fixes to proactive quality11:35 Management review as a strategic decision-making forum20:25 Inspection readiness as culture, practice, and people, not paperworkIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:* LTR: QMSR Readiness, Risk-Based Assurance and FDA Expectations.* LTR: 90-Day QMSR Readiness Action Pan for Leaders.* LTR: FDA Readiness for QMSR.Key Takeaways* Don’t wait for FDA to expose your gaps, identify and document them yourself* Treat QMSR as a strategic initiative, not a quality department project* Use management review to drive real discussion, decisions, and accountability* Focus on the critical few metrics, not dozens of unprioritized indicators* Train SMEs and cross-functional leaders to speak confidently about risk* Practice inspection scenarios before FDA shows up, not during the inspectionKeywordsQMSR, FDA inspection readiness, closed-loop risk management, ISO 13485, management review, risk-based decision making, proactive quality, trend escalation, cross-functional accountability, total product lifecycleAbout Jennifer Mascioli-TudorJennifer Mascioli-Tudor is currently the Founder and Principal Consultant at JMT Compliance Consulting offering consultant services to MedTech organizations in business, regulatory and quality management strategy. She is also an instructor at UC San Diego where she teaches regulatory fundamentals and design controls. Her industry experience includes leadership roles at J&J, Boston Scientific, Medtronic, and GE Healthcare. She holds a BSc from Eastern Michigan University, an MBA in Global Management, and is an ASQ Certified Quality Auditor.DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“For years, clinical evaluations were mostly a story. What was missing were clearly defined outcome parameters, something measurable that connects the state of the art to benefit–risk conclusions.”In this Let’s Talk Risk! conversation, host Naveen Agarwal welcomes back Florian Tolkmitt, Managing Director of Pro-Liance Global Solutions, for a timely and highly practical discussion on clinical evaluation for medical devices.The conversation centers on the newly released draft ISO standard for clinical evaluation (ISO/DIS 18969), why it was developed, and what problem it is trying to solve. Florian shares first-hand insight from his role in the ISO working group, highlighting common industry misunderstandings, especially around outcome parameters, state of the art, and the linkage between clinical evaluation and ISO 14971 risk management.Together, Naveen and Florian unpack new terminology such as clinical risk, clinical outcome parameters, and available knowledge, clarifying how these concepts are meant to sharpen focus on patient-relevant benefit–risk decisions without overloading clinical evaluation with non-clinical risk data. The episode closes with practical reflections on how manufacturers, especially those struggling with EU MDR expectations, can use this process standard to strengthen their clinical evaluation approach.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Welcome and introduction to the topic of clinical evaluation01:25 What companies still get wrong about clinical evaluation03:10 Overview of the new ISO/DIS 18969 draft standard05:30 Why the standard is process-focused, not regulatory06:20 ISO 14971 as a normative reference and the idea of “clinical risk”10:20 State of the art vs. “available knowledge”17:40 Clinical outcome parameters and measurable benefit–risk25:00 Why this standard matters and who will benefit mostIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Clinical Evaluation Now More Important Than Ever Under EU-MDR.LTR: Smart Use of AI for Clinical Evaluation.LTR: Clinical Evaluation a Lifecycle Process Not a One Time Activity.Key Takeaways* Clinical evaluation is not a narrative exercise, it must be outcome-driven.* Not all risks belong in clinical evaluation; patient-relevant risks do.* Outcome parameters should be derived from state of the art, not after the fact.* The new ISO draft aims to harmonize global practice without reinventing regulations.* A strong clinical evaluation process improves both regulatory confidence and decision quality.KeywordsClinical Evaluation, ISO/DIS 18969, Risk Management, ISO 14971, EU MDR, Clinical Risk, Benefit–Risk Assessment, State of the Art, Post-Market Surveillance, Medical Device RegulationAbout Florian TolkmittFlorian Tolkmitt is the founder and owner of PRO-LIANCE GLOBAL SOLUTIONS GmbH providing consulting services in all aspects of clinical evaluation, regulatory affairs, risk and quality management. He is an expert in clinical evaluation, post-market clinical follow up and post-market reporting compliance. As a co-founder and board member of RAPS Deutschland e.V., he is very active in the regulatory community sharing his expertise and mentoring industry colleagues.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Delaying a product that is adequately safe and effective is itself a risk, one we rarely acknowledge in our quality systems.”In this episode of the Let's Talk Risk Podcast, host Naveen Agarwal speaks with Ashkon Rasooli, a seasoned SaMD and AI/ML quality strategist, about what QMSR readiness really means for software-heavy medical device organizations.Ashkon explains why traditional hardware-centric quality thinking breaks down in software environments, where failures are deterministic, complexity is effectively infinite, and rapid iteration is the norm. He challenges the industry’s fixation on “bug-free” software and over-proceduralized QMS, arguing instead for quality systems that emphasize risk-based decision-making, shared ownership, and real-world practice.The conversation explores how QMSR’s deeper integration of ISO 13485 and risk management will reshape inspections, elevate expectations around cybersecurity and supplier oversight, and require QA/RA leaders to rethink their role—from compliance enforcers to system designers and collaborators.Chapters00:00 Welcome and introduction01:00 Fundamental differences between software and hardware risk04:50 Agile development vs. quality system control: where conflict arises07:40 Why “move fast and break things” fails in medical devices09:10 Bringing agility and ISO 13485 together through risk-based thinking12:05 QMSR’s implications for SaMD, cybersecurity, and supplier management16:20 Moving beyond procedures: practicing risk, not just documenting it20:20 Treating the QMS as a product with internal customers24:30 Delayed innovation as an overlooked form of patient riskSuggested links:* LTR: QMSR Readiness, Risk-Based Assurance and FDA Expectations. * LTR: 90-Day QMSR Readiness Action Pan for Leaders. * LTR: FDA Readiness for QMSR.Key Takeaways* Software risk is deterministic, not statistical: bugs fail 100% of the time once triggered.* Chasing “bug-free” software can delay safe, effective products and deny patients timely access.* Agile and quality are not opposites, but they must be reconciled through risk-based discipline, not speed alone.* Under QMSR, risk expands beyond safety to include cybersecurity, data integrity, and system reliability.* FDA inspections may increasingly link observations directly to deficiencies in risk-based decision-making.* A mature QMS must be practiced, not just documented; procedures alone won’t demonstrate control.* QA/RA leaders must treat the QMS itself as a product with internal users and continuously improve it.* Future quality leaders need enough technical fluency to engage engineering as partners, not adversaries.KeywordsQMSR, FDA readiness, ISO 13485, MDSAP, FDA inspections, quality system regulation, risk-based quality, CAPA, post-market surveillance, QA/RA leadershipAbout Ashkon RasooliAshkon Rasooli, is a medical device Quality Management Systems strategist specializing in SaMD, SiMD, and AI/ML-enabled technologies. He brings over a decade of experience across engineering, product management, regulatory, and quality roles, spanning large MedTech firms, big-tech environments, and VC-backed startups. Ashkon is the founder of EnGenius Solutions and is known for his pragmatic, “non-BS” approach to building quality systems that protect patients without stalling innovation.DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.Let's Talk Risk! is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Risk management should not be a compliance checkbox. It must actively govern design decisions and feedback loops across the product lifecycle.”In this Let’s Talk Risk! conversation, host Naveen Agarwal sits down with Pujitha Gourabathini, Quality Assurance and Risk Management leader at Becton Dickinson, to explore one of the most persistent challenges in MedTech: effectively integrating risk management with design controls.Pujitha shares practical, experience-based insights on why risk files often become disconnected from design inputs, verification strategies, and sustaining engineering changes. Drawing on real-world examples, she explains how “like-for-like” assumptions, tight timelines, and limited cross-functional engagement can quietly erode patient safety if risk is not continuously reassessed.The conversation goes beyond procedures to focus on culture, highlighting the importance of collaboration, early engagement, and continuous improvement to ensure risk truly governs design decisions. As QMSR approaches, this episode offers timely guidance for QA/RA and engineering leaders looking to move from checkbox compliance to lifecycle risk assurance.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Welcome and introduction01:00 Pujitha’s path into quality and risk management03:40 Where risk and design controls disconnect in practice05:20 Sustaining engineering: the most overlooked risk blind spot06:40 “Like-for-like” changes and dangerous hidden assumptions09:00 Proactive risk reassessment through continuous improvement11:10 Organizational barriers: timelines, awareness, and ownership25:05 Closing takeaways: culture, collaboration, and QMSR readinessIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Managing Post-Market Design Changes.LTR: Building Safety by Design.LTR: Beyond Compliance - Building Good Practices Under QMSR.Key Takeaways* Risk management must actively inform design inputs, outputs, and verification, not exist as a standalone file* Sample sizes and verification strategies should be scaled to patient impact, not convenience* Sustaining engineering changes often carry hidden risk and deserve the same rigor as new product development* “Like-for-like” component changes can invalidate prior risk analyses if assumptions go unchallenged* Continuous improvement programs work best when risk awareness extends beyond Quality into engineering and project management* Early collaboration reduces rework, delays, and late-stage risk discoveries* QMSR raises expectations for closed-loop feedback between design, risk, and post-market dataKeywordsRisk management, design controls, QMSR, sustaining engineering, ISO 14971, patient safety, verification strategy, continuous improvement, safety culture, lifecycle riskAbout Pujitha GourabathiniPujitha Gourabathini is a Quality Assurance and Risk Management leader in the medical device industry with deep expertise in lifecycle risk integration, design controls, and post-market safety. She currently serves as a Quality Assurance Manager focused on risk management, where she leads cross-functional efforts to embed patient safety into both new product development and sustaining engineering activities.With hands-on experience across ISO 14971, FDA QSR/QMSR, EU MDR, and safety assurance practices, Pujitha is passionate about moving risk management beyond documentation toward practical, decision-driven application. She is an active contributor to industry discussions through writing, mentoring, and knowledge sharing—advocating for stronger safety culture, continuous improvement, and proactive risk ownership across organizations.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“QMSR isn’t about regulatory obligation; it’s about managing business risk, protecting customers, and preserving market share.”In this episode of the Let's Talk Risk Podcast, host Naveen Agarwal is joined by Steve Silverman to explore a question that’s often left unspoken: Is the FDA ready for QMSR?Drawing on his experience as a former FDA leader and industry policy expert, Steve acknowledges that the current environment inside the agency is marked by workforce reductions, loss of institutional knowledge, and political disruption. But he also emphasizes that QMSR activation on February 2, 2026, is still very much on track. He cautions companies against “waiting it out” and explains why hoping for delays or informal grace periods is a risky strategy.The conversation dives into practical implications for manufacturers, including how FDA is preparing its inspectors, what the absence of updated QSIT guidance really means, why MDSAP certification is helpful but not sufficient, and how FDA is signaling stronger expectations around risk-based quality systems, especially in premarket reviews. The episode closes with clear advice for QA/RA leaders on how to frame QMSR readiness as a business risk and strategic opportunity, not just a regulatory exercise.Chapters00:00 Why FDA readiness for QMSR matters as much as industry readiness02:00 Inside FDA: disruption, workforce loss, and institutional impact04:12 Will QMSR really go live in February 2026?06:14 Lessons from MDSAP and parallels to QMSR rollout10:40 How FDA prepares inspectors for a new regulatory framework15:14 Why MDSAP certification is not a free pass under QMSR19:14 What FDA inspections may look like in early 202627:58 How QA/RA leaders should explain QMSR to the C-suiteSuggested links:* LTR: Communicating Effectively with Senior Executives. * LTR: 90-Day QMSR Readiness Action Pan for Leaders. * Steve’s Substack: What the FDA?.Key Takeaways* QMSR will activate on February 2, 2026, companies should not expect delays or extensions.* FDA has experienced significant disruption, including workforce reductions and loss of expertise, but core regulatory work continues.* Waiting to see how FDA “handles” QMSR is a high-risk strategy for manufacturers.* FDA inspectors are being trained internally to transition from QSR to QMSR, even without updated QSIT guidance.* MDSAP certification can ease the transition but does not replace FDA inspections or guarantee QMSR compliance.* FDA will continue enforcing recall and adverse event reporting requirements alongside QMSR.* Firms that demonstrate good-faith progress and a clear quality plan are likely to encounter a more collaborative FDA posture.* QMSR explicitly elevates risk as a lifecycle concept, spanning premarket, post-market, and business decision-making.* Leaders should assess their real exposure using post-market data and not assume compliance equals safety.* QA/RA leaders must translate QMSR work into business risk, market impact, and strategic value for executives.KeywordsQMSR, FDA readiness, ISO 13485, MDSAP, FDA inspections, quality system regulation, risk-based quality, CAPA, post-market surveillance, QA/RA leadershipAbout Steve SilvermanSteve Silverman, is the President of The Silverman Group. Steve spent more than a decade at FDA in leadership positions across the Agency. He adds private-sector expertise from consulting and representing industry members. Steve develops strategies that satisfy regulators and promote business needs. He holds a Bachelor’s degree in English Literature, and a JD in Law.DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.Let's Talk Risk! is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“The industry is aware of QMSR, but they’re not moving. Many are still holding their breath, hoping something will change.”In this episode of the Let's Talk Risk Podcast, host Naveen Agarwal is joined by Michelle Lott for a deep and practical discussion on QMSR readiness as FDA’s February 2026 deadline rapidly approaches. Michelle shares a sobering view of where the medical device industry truly stands, highlighting a dangerous gap between awareness and action.The conversation explores how FDA is signaling its expectations well before inspections begin, particularly through new draft guidance for pre-market submissions. Together, Naveen and Michelle unpack what “risk-based approach” really means under QMSR, not just for design and development, but across supplier controls, CAPA, complaints, data analysis, and management review.They also examine one of the most consequential shifts under QMSR: FDA’s expanded authority to review management responsibility and system-level effectiveness. The episode closes on a forward-looking note, emphasizing the opportunity for QA/RA leaders to reposition themselves, not as compliance enforcers, but as strategic partners in prevention, assurance, and sustainable patient safety.Chapters00:00 Why QMSR readiness matters now01:00 Industry complacency and false hope for delays05:00 FDA signals through pre-market guidance09:00 Compliance vs. assurance: what FDA really wants11:00 What “risk-based” means beyond ISO 1497114:00 Where companies should prioritize immediately17:00 Management review and executive accountability26:00 The opportunity for QA/RA leadership under QMSRSuggested links:* LTR: Risk, CAPA and FDA Inspections under QMSR. * Lean RAQA: RAQA Services, Resources and Courses. * FDA: Voluntary Improvement Program (VIP).Key Takeaways* Many companies are aware of QMSR, but are still not acting with urgency.* ISO 13485 alignment significantly reduces compliance risk, but does not eliminate it.* FDA has already committed to inspecting against QMSR beginning February 3, 2026 and there is no grace period coming.* New PMA draft guidance signals FDA’s shift from compliance evidence to assurance of sustained safety and effectiveness.* “Risk-based approach” under QMSR applies across the entire QMS, not just ISO 14971 hazard analyses.* Management review is no longer protected territory; FDA can now assess how leadership identifies and responds to systemic risk.* The five chronic FDA pain points: CAPA, complaints, design controls, supplier controls, and nonconforming product, will matter even more under QMSR.* Strong QA/RA leaders can use QMSR as a platform to become prevention partners, not procedural gatekeepers.KeywordsQMSR readiness, FDA QMSR, ISO 13485, risk-based approach, risk-based assurance, compliance vs assurance, FDA inspections, management review accountability, CAPA effectiveness, supplier controls, quality system maturity, QA/RA leadershipAbout Michelle LottMichelle Lott is the founder of Lean RAQA, where she provides fractional RA/QA leadership, audit prep, quality system design, and regulatory strategy for MedTech startups and small companies. With 20+ years of experience and an RAC certification, Michelle has helped hundreds of firms navigate FDA submissions and ISO compliance, bringing clarity and efficiency to even the most complex regulatory challenges. DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.Let's Talk Risk! is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“FDA isn’t asking whether you followed the procedure. They are asking whether your system can assure consistent outcomes in the real world.”In this episode of the Let's Talk Risk Podcast, Priya Setty joins host Naveen Agarwal to unpack why QMSR represents more than a procedural update; it’s a mindset shift toward assurance, credibility, and risk-based decision making across the entire product lifecycle. Priya shares how the FDA’s alignment with ISO 13485 elevates expectations for design controls, risk integration, software assurance, and role-specific competence.Drawing on her clinical roots, global regulatory experience, and work in regulatory intelligence, Priya discusses how RA/QA professionals can prepare for future expectations through deeper understanding of risk, building strong feedback loops, developing competence beyond training, and embracing leadership roles that shape culture, not just documentation.Chapters00:00 Why QMSR is a shift from compliance to assurance.01:00 Priya’s unconventional journey from occupational therapy to regulatory affairs.04:00 How FDA expects QMSR readiness to show up in pre-market submissions.07:00 Compliance vs. assurance: Priya’s analogy for FDA’s mindset shift.09:30 Software assurance, least burdensome validation, and risk-based thinking.13:00 Why QMSR requires more than documentation—evidence of decision-making maturity.17:00 The future of inspections: competence, culture, and systemic vulnerabilities.22:00 Priya’s advice on preparing for QMSR and building a future-ready RA/QA career.Suggested links:* FDA: Draft Guidance - QMS Information for PMA Reviews. * LTR: Megan Kane on Leading QMSR Readiness in a Startup. * LTR: A 90-Day QMSR Readiness Action Plan for Leaders.Key Takeaways* QMSR represents a mindset shift: from proving compliance through procedures to demonstrating assurance through real-world performance and decision-making maturity.* FDA now expects integrated, lifecycle risk management, not isolated risk files; risk thinking must visibly connect design, verification/validation, manufacturing, and post-market actions.* Pre-market submissions will reflect QMSR readiness by showing how risk management drives design decisions, supplier oversight, and verification strategies.* Software assurance is now explicitly risk-based, requiring validation proportional to intended use and potential impact, reflecting the “least burdensome” approach.* Competence, not just training, will be scrutinized, and systemic gaps may escalate into management responsibility findings under QMSR.* Culture becomes a quality system indicator, especially how organizations make decisions, close feedback loops, and connect signals to design controls.* QMSR transition challenges differ by maturity: ISO 13485–certified companies refine and align; non-certified companies must build foundational structures.* RA/QA professionals must evolve into cross-functional leaders, shaping risk-informed culture, strengthening feedback systems, and developing deeper expertise in standards and regulatory philosophy.* Personal career growth principles - curiosity, networking, boldness, persistence - remain essential, especially as AI and digital technologies reshape regulatory practice.KeywordsQMSR, Quality Management System Regulation, ISO 13485, Regulatory Affairs, Risk Management, Assurance Mindset, FDA Inspections, Software Assurance, Competence vs. Training, Regulatory Intelligence, Medical Devices, Digital Health.About Priya SettyGeethapriya (Priya) Setty is a regulatory affairs strategist and systems builder with over eight years in global regulatory affairs and more than twenty years in healthcare. Starting her career as a pediatric occupational therapist, Priya brings a unique blend of clinical insight and policy expertise to the evolving world of medical technology. She leads regulatory intelligence and digital transformation initiatives at a global medical device company, specializing in global regulatory strategy, regulatory intelligence, and digital health/AI compliance for high-risk devices. Priya is adept at navigating complex regulations such as the EU AI Act and FDA guidance, ensuring compliance is embedded in every innovation.A certified PMP, RAC (Devices), and ISO 13485 lead auditor, Priya is known for demystifying complex regulations and building systems that keep teams ahead of industry changes. Guided by her mantra, “make a choice, and make it happen,” she is dedicated to leadership, mentorship, and simplifying healthcare through curiosity and purpose-driven action.DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.Let's Talk Risk! is a reader-suppor

Summary“Under QMSR, FDA will still be FDA, but they’ll finally have broader authority to cite what they’ve always cared about.”In this Let’s Talk Risk! conversation, host Naveen Agarwal sits down with Adam Isaacs Rae to unpack one of the most misunderstood aspects of FDA’s new QMSR rule: the parts that aren’t changing.Adam brings a unique dual-lens perspective as both a medical device consultant and a lead auditor for certification bodies. With trademark clarity and humor, he explains why focusing only on “closing gaps” misses the real risk. The conversation dives into places where FDA will continue to operate exactly as before such as design control expectations, CAPA rigor, complaint handling scrutiny, and the agency’s ability to dig deeper under the broader ISO 13485 framework.Across thirty minutes, Naveen and Adam explore how QMSR will shift the conversation from timeliness to effectiveness, from dashboards to real risk thinking, and from procedural compliance to deliberate regulatory strategy in complex multi-market environments.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Introduction and welcome00:53 The story behind “The Other Consultants”02:22 Why QMSR prep must go beyond gap assessments03:12 What QMSR won’t change and why it matters04:59 Design control complexity under QMSR08:00 FDA’s deeper reach into complaints and risk13:41 CAPA becomes CA + PA and effectiveness takes center stage23:07 Key takeaways and closing remarksIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: 90-Day Action Plan to Review QMSR Readiness.LTR: Beyond Compliance - Building Good Practices Under QMSR.ACHIEVE Workshop: Using ChatGPT to Analyze Recalls and Adverse Events. Key Takeaways* QMSR changes the requirements, not FDA’s inspection philosophy. The agency will still probe deeply and expect strong evidence of safety and effectiveness.* Design control complexity will increase. Especially for manufacturers managing the same device across the US, EU, and UK under a unified system.* Risk integration becomes unavoidable. Under ISO 13485, FDA can now cite weaknesses in risk-linked processes more explicitly.* Complaint handling scrutiny will intensify. Inspectors can now ask for “your highest-risk complaints”, and expect a defensible rationale.* CAPA becomes CA + PA. Terminology harmonizes with ISO, but FDA’s expectations for root cause depth and recurrence prevention remain unchanged.* Effectiveness will take center stage. FDA will look beyond timeliness KPIs and challenge the thinking behind effectiveness criteria.* Effectiveness must be defined up front. Not after the corrective actions are completed, a common failure mode in CAPA systems.* Recurrence and escapes remain FDA’s biggest red flags. QMSR simply gives them broader grounds to write findings.* Manufacturers must rethink regulatory strategy. Reliance sounds attractive, but differing market routes require clear separation and intentional planning.* The biggest risks come from what QMSR doesn’t change. These unchanged legacy expectations can “sting” manufacturers who assume harmonization means simplification.KeywordsQMSR, ISO 13485, FDA inspections, design controls, CAPA, corrective action, preventive action, effectiveness criteria, complaint handling, risk-based quality, regulatory strategy, post-market surveillanceAbout Adam Isaacs RaeAdam Isaacs Rae is a medical device quality and regulatory leader and Managing Director of The Other Consultants and The Other Auditors. With over a decade of experience across global medical device manufacturers, regulatory bodies, and certification audits, Adam brings a rare dual perspective as both consultant and lead auditor for ISO 13485. He specializes in pragmatic, risk-based compliance strategies that balance regulatory rigor with business realities, and is known for his clear, conversational approach to complex topics like QMSR, CAPA, and international market access.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe