Play Celebrity Jeopardy! to learn the European Medical Device Regulation

I grouped celebrities who share a common medical treatment and ask you to classify the device using the new European Union Medical Device Regulation rules. I give the answers, you respond in the form of a question. If you need to see it in action, watch the video of Saturday Night Live’s Celebrity Jeopardy spoof. (warning: it’s rated PG-13)

Use these resources
If you’re unfamiliar with the EU-MDR, please see this article on the MDR “Big Picture.”otherwise use these resources to play Celebrity Jeopardy using MDR rules
The official MDRthe classification rules for this game are in Annex VIII
Use the internet for pop-culture references, and don’t take anything too seriously. Give the movie role or rock band if you don’t know a name. The point is to learn the MDR while having fun, and part of learning is embracing ambiguity and using the internet.
MDR Device Classifications

category: HAVE A HEART
Hints are given in each category.
$100: They are known as:
the host of television’s “Late Night” throughout the 80’s and 90’s
the 42nd presidentof the USA
the 43rd president of the USA
$200: This medical device has been implanted in the three celebrities shown.
$300: This MDR classification and rule apply to the device.
$400: This presidential candidate played the saxophone on a late-night comedy show in 1992, which is credited as changing all subsequent political strategies to reach out to younger voters.

KEEP UP THE PACE
$100: They are known as:
a singer, knighted by the Queen of England
a clown on television’s The Simpsons
$200: This medical device, which was first prototyped in 1899, is implanted in the celebrities shown, and controls their heart rhythms.
$300: This MDR classification and rule apply to the device.
$400: This celebrity, one of the four shown in the photo above, had their heart stop when they overdosed on drugs, but doctors revived them with a shot of adrenaline into their chest.
$500: This MDR classification and rule apply to “Automated External Defibrillators,” or AED’s, which are publicly available devices that can revive someone without the need to shoot adrenaline into their chest.

IT’S HIP TO BE SQUARE
$100: They are known as:
$200: This medical device, which is implanted in more than 300,000 Americans each year, is implanted in all four celebrities shown.
$300: This MDR classification and rule apply to the device.
$400: This 1987 science-fiction film, about an alien that hunts humans, stared two of the celebrities, before they both were elected as state governors.

BEAUTY AND THE BEAST
$100: They are known as:
$200: Both celebrities became deaf as children but obtained limited hearing thanks to this medical implant that converts sound to electrical signals sent to their nervous system.
$300: This MDR classification and rule apply to the device.
$400: This 1977 documentary film profiled one of these celebrities and the future governor of California as they trained for “Mr. Olympia,” and led to both of them starting in action films in the 1980’s.

HELLO. YOUR DONATION SAVED MY LIFE.
$100: They are known as:
$200: All received this general type of medical treatment, using a donation from another person.
$300: This MDR classification and rule apply to the device that transported the donations to the operating rooms of the celebrities shown.
$400: This celebrity, pictured above, lost the election for governor of California to Arnold Schwarzenegger in 2003.

BABY GOT BACK
$100: They are known as:
an Oscar-winning actor and star of the films Ocean’s 11, Batman, and Syriana who was 1997’s People Magazine “Sexiest Man Alive”
$200: Both celebrities had chronic pain for this part of the human body (see the hint).
$300: This MDR classification and rule apply to the dancer’s implant, a total disc replacement.
$400: This MDR classification and rule apply to the actors implants, permanent fusion devices
Please consider this: Classification is a first step for the MDR and will impact the amount of work you need to do over the subsequent years. These two devices seem similar but have different classifications based on a nuance in terminology that could easily be overlooked by a single person or department. In this case they call a fusion device a “wedge,” which is unclear because not all fusion devices are shaped like wedges. Nuances like this are why I encourage using diverse teams to make decisions throughout the MDR.
$600: This 1978 science-fiction film about tomatoes that become sentient and revolt against humanity was the first movie role for the academy-award winning star of Syriana, Batman, and Ocean’s Eleven.

FINAL JEOPARDY
bet as much as you’d like
This company used industrial-grade silicone instead of medical-grade silicone for breast implants, creating pain and suffering for thousands of patients and a lifetime of health risks for the 400,000 people who received the implants, and was a major reason for the new medical device regulations.

There’s a lot more to MDR. If you’d like to learn more, or work with a training company or consultant, please consider the resources below.
Resources
OFFICIAL REGULATIONS
PRIVATE COMPANY SUMMARIES
CONSULTING & TRAINING
Oriel STAT-A-MATRIX(an International company; I consult with Oriel)

MaetricsLNE G-MedMDI Consultants

Qunique (based in Switzerland)
Me(Jason 🙂
My Opinion

As a society we’re learning that healthcare should improve. You can help.
For example, consider the spine implants and cardiovascular implants of the celebrities shown. They have access to the any healthcare money can buy, yet are still subject to the same risks as billions of people on the planet who hope our healthcare companies and providers are informed and ethical.
But, spine implant companies are often the subject of lawsuits and federal investigations for conflicts of interests when doctors advise patients but are paid by medical device companies that receive revenue from the procedures.
Similarly, For example, Cardiovascular stents are implanted in millions of people each year, including David Letterman, Bill Clinton, and George Bush, but have been criticized as often being an unnecessary procedure, even for the president, and by the president’s surgeon who implanted the stent.
This is a problem globally. 400,000 people received toxic implants from Europe, and in the United States 80,000 – 240,000 people die from healthcare errors each year, and globally 5 million people die each year from low-quality healthcare. The MDR is a step towards data-driven decisions in healthcare that’s less influenced by marketing and false views. Learn more in my MDR blogs about reducing risk as far as possible.
As professionals, we can help society by understanding regulations like the MDR that intended to protect people, practicing leadership skills that let us influence our organizations, and letting our elected officials know that healthcare safety and cost-effectiveness is important to us.
Rock on
Please share this game if you think other people could benefit.
Keep in Touch
I post a few articles through my Linkedin page but most articles are in my website’s blog. I update subscribers once or twice a year with big-picture summaries of different disciplines.
My work is focused on equitable healthcare and education globally, and combines my experiences as a medical device developer, teacher, and traveler in ways that I hop provide immediate benefit to each reader. It’s part of my work-life harmony, a concept I integrate into corporate consulting and teacher training.

Understand the ISO process approach by using 1980’s pop-culture

Three of my skills in this world include medical device development, teaching, and 1980’s pop culture. This article combines all three, using pop culture to illustrate concepts behind medical device quality system regulations that require a “process-based approach.” It’s starts with this, which will either confuse you or make you chuckle:
Was that a process?
Before I give my answer I’ll share the background of MC Hammer, Vanilla Ice, and the Process Approach to quality control so that everyone can make an informed decision.
Background
1990’s?
MC Hammer was famous in the 80’s, especially for the lyrics, “Stop! Hammer Time!” His video for “Can’t Touch This” has been viewed 500 million times.

Vanilla Ice was famous in the 80’s, especially for the lyrics, “Stop! Collaborate & Listen!” His video for “Ice Ice Baby” has been viewed 250 million times.

If you knew hip-hop music from the late 1980’s and 1990’s, answering questions on the first diagram would make you either Stop! and Hammertime; or Stop! Collaborate, and listen.
International Standards Organization (ISO)
Medical device companies must have an approved quality system to sell their products. The international standards for quality systems is ISO 13485, which was updated to emphasize risk-driven processes. ISO 13485 training videos have, collectively, been viewed a few thousand times, but impact the lives of billions of people.

500,000 million people know about MC Hammer, but only a few understand the process approach to quality control of medical devices, which affects billions of people. 44% of medical device recalls could have been prevented by process controls, and healthcare mistakes lead to 250,000 deaths in the United States each year. The process approach could save more lives and make the world a healthier place.
The process approach
The international standard for quality management, ISO 9001, defines a process in clause 3.4.1 as:
“… a set of interrelated or interacting activities that transforms inputs into outputs.”
Inputs and outputs could be things, such as drawings or parts, or information, such as documents or test results.ISO 13485:2016, which is based on ISO 9001 but focused on medical devices, defines a process as:
“Any activity that receives input and converts it to output can be considered as a process. Often the output from one process directly forms the input to the next process.”
and the process approach as:
“…the identification and interactions of these processes, and their management to produce the desired outcome, can be referred to as the “process approach.”
with a goal of:
“…improving processes based on objective measurement.”
Clause 8.2.5 of the standards adds that all processes:
“…should be monitored and improved for effectiveness.”
In other words, all processes should be controlled by an overall process of continuous improvement. But, that still doesn’t tell us what is and what is not a process.
Is this a process?
The first example leads you through a series of choices that result in a a decision, either to “Hammertime” or “Collaborate – Listen.”

Is this a process as defined by the ISO process approach? Why or why not?
I’ll provide space before my answer with lyrics from MC Hammer’s 1989 hit song, “U Can’t Touch This”:
Every time you see me that Hammer’s just so hype I’m dope on the floor and I’m magic on the mic Now why would I ever stop doing this With others makin’ records that just don’t hit I toured around the world from London to the bank It’s Hammer go Hammer It’s a Hammer yo Hammer and the rest go and play
You can’t touch this (oh-oh oh oh-oh-oh) You can’t touch this (oh-oh oh oh-oh-oh) Can’t touch this (oh-oh oh-oh-oh) Yeah u can’t touch this I told you u can’t touch this (oh-oh oh-oh-oh) Too hype can’t touch this Get me outta here u can’t touch this (Oh-oh-oh-oh-oh-oh-oh-oh-oh-oh-oh-oh)

Here’s my answer: The example is not an ISO process according to the process approach.
It’s a flow chart, and useful way to choose “Hammertime” or “Collaborate and Listen”that could be used within a process to help visualize written instructions, but it’s not a process in the context of ISO 13485 because it doesn’t use inputs to produce outputs.
Someone may perceive that it has implied inputs and outputs, but it’s unclear how implied outputs could be used as inputs for other processes that would be linked in a cycle of continuous improvement.
Let’s look at another example from Devo’s 1980 song, “Whip It.” I encourage you to listen to the video while reading the example. Crank up the volume so that everyone in your office can jam with you.

Is this an ISO process-approach? Why or why not?
I’ll provide space before my answer with lyrics from Devo’s 1980 hit song, “Whip It!”
When a good time turns around You must whip it You will never live it down Unless you whip it No one gets away Until they whip it
I say whip it Whip it good I say whip it Whip it good
Crack that whip
Give the past the slip Step on a crack Break your momma’s back
When a problem comes along You must whip it Before the cream sits out too long You must whip it When something’s going wrong You must whip it

The “Whip It!” chart is not the process approach. It’s elaborate and a lot of work went into it, but it’s not monitored for effectiveness. In other words, the song remains the same.
Another way to view this could be to use a term from Systems Engineering, “closed-loop process.” A closed-loop process is also called a “feedback” process because outputs are fed back into the process so that the process improves. Conversely, an open-loop process does not improve.

The Whip It flow chart would always result in the same song, and The MC Hammer flow chart would continue giving two choices but would not improve, would not stay relevant, and would not maintain effectiveness over time. In other words, neither example was a process in the ISO definition of process approach.
This is a process
Let’s look at what ISO considers a process using the

which is based on the process approach.

In the diagram, arrows show the flow of information between departments, which means that each departments processes are linked, and that “Risk Management” is the basis all processes.

“Purchasing”

is shown to link to all departments, because to monitor and control supply-chains so that things external to our quality system don’t become a weak link in our processes.

The diagram doesn’t show inputs from the external world that are described in the text of ISO standards, which includes inputs for “Design and Development” that come from real-world feedback based on the needs of customers, users, and patients; and international regulatory requirements. These regulatory requirements are continuously improved based on outputs of all medical device companies, such as products and patient outcomes, creating a closed-loop system of continuous improvement for global healthcare.
As an example of a process within a company linked to other processes within that company, consider “Design and Development” and the FDA design-control guidance:

The written descriptions state that Design Input includes:
user needs (shown in the flow-chart)regulatory requirements

post-market surveillance of existing productsfrom outputs of linked processes in Measurement, Analysis, & Improvement
risk management policiesfrom outputs of linked processes overseen by Management.
The work of your design team converts design inputs into Design Output, which can include:
part drawingssoftware codesservices to customers

risk analysis documentsbecome input to Purchasing through linked processes
After verification and validation, Design Output becomes input for other departments, such as manufacturing and purchasing. In this way, each company functions as a process of continuous improvement.

A company’s quality system should monitor effectiveness of it’s products and feed that information back into product design in a process of continuous improvement. ISO summarizes the process approach as:
For an organization to function effectively, it needs to identify and manage numerous linked processes. The application of a system of processes within an organization, together with the identification and interactions of these processes, and their management to produce the desired outcome, can be referred to as the “process approach.”
Processes should be linked to form a closed-loop system of inputs and outputs. If an output isn’t used by other processes it could be an unnecessary use of resources. In the words of MC Hammer and Vanilla ice, it’s time to Stop! that process, then Collaborate and Listen! to make team-based decisions on prioritizing value-added steps in a process of continuous improvement.
Process symbols
Process maps aren’t required, but they can help you and your team analyze any part of your quality system to ensure it’s a risk-driven process, or to look for gaps to close. They don’t have to be elaborate; simple process maps can be more effective because a diverse group of people can use them without formal training. Common flowchart symbols are shown here:

Resources
CONSULTING & TRAINING
Oriel STAT-A-MATRIX (I consult with Oriel)

MaetricsLNE G-MedMDI Consultants

Me (Jason 🙂
AUDITING ORGANIZATIONS
Summary
Processes receive inputs and creates outputs that become inputs for other processes, creating a continuous flow of information and actions.A company’s quality system coordinates these processes

The FDA and the EU-MDR require processes that reduce risk and continuously improve.
Please share
If you think this has been entertaining and useful, please link to it or forward it for others who could benefit.
Parting words
Vanilla Ice wrote at age 16.

I listened to “Ice Ice Baby” at my high school prom. It’s a fun song, but my taste and choices have evolved, especially with haircuts.

Today, I help corporation improve by becoming more efficient and innovative while reducing risk to people. I focus on life-work harmony for employees, and keep the perspective that we can help >7.6 Billion people have healthier, happier lives.
Life, like a quality system, is process of continuous improvement. I wish you well with both.

.

How 1980’s pop culture can help us make risk-based decisions in healthcare

6 minute read.
This article uses 1980’s pop culture to describe purchasing requirements in ISO 13485 and the Medical Device Single Audit Program, MDSAP.
In the 1986 film “Crocodile Dundee,” a gang in New York attempted to rob a crocodile-hunter visiting from Australia. They flashed a knife, and he replied with a line that’s been quoted for 30 years: “That’s not a knife. This is a knife!”
Crocodile Dundee made a risk-driven decision. A flow-chart for his decision would look like this:

Medical device companies are required to make risk-based decisions by international regulations and standards, such as ISO 13485 and MDSAP, which state that all company process should be linked by a common goal of reducing risk. This article focuses on risk-driven decisions in purchasing processes, but can be applied to any department in your company.
Purchasing is important
To understand why “Purchasing” is so important for risk-based decisions and processes, consider the 1986 Challenger Space Shuttle explosion.Seven people died, including a civilian high-school teacher.

The explosion originated near a small O-ring that was allowing fuel to leak. That O-ring was purchased from a vendor, but no one in the purchasing department knew the significance of that part. In fairness, it would be hard to see the significance of an O-ring, which emphasizes that Risk isn’t just about the part, it’s about what happens if that part fails.
Regulations for purchasing
The scene from Crocodile Dundee that led to a risk-based decision, “That’s not a knife,” has been viewed two million times:

Your company must have an approved quality system to sell medical devices. The international standard for this is ISO 13485, which is the foundation of a new audit method, the Medical Device Single Audit Program (MDSAP). Both require that quality systems function as a “risk-driven process.” ISO 13485:2016 training videos have, collectively, been viewed a few thousand times, but impact the lives of billions of people.

A ‘process approach’ that reduces risk to patients is the foundation of ISO13485 and MDSAP. Together, these programs help improve healthcare for 7.2 billion people. But, they don’t detail how to analyze risk. For that, use ISO 14971, Risk Management, and the supplement used in the European Union, EN 2012 : ISO 14971. Both include using teams to identify, analyze, and document “Hazardous Situations” in which the failure of a part would lead to unforeseen risks.
In the case of the Space Shuttle Challenger, a Hazardous Situation Analysis would have included asking “what happens if the O-ring fails?” and “what if the weather is colder on launch-day than purchasing specifications for the O-ring?” Those questions were being asked by engineers, but there wasn’t a way for their voices to be heard; modern Risk Management standards ensure a diverse team identifies, analyzes, and documents hazardous situations so they can be used by all departments. In the language of ISO13485 and MDSAP, risk analysis would be “linked” to processes used by other departments, such as the NASA launch team and purchasing departments.
That’s not a process.This is a process!
Let’s look at what ISO 13485:2016 considers a process, using a diagram provided by Crocodile Dundee’s home country, Australia, which is one of five countries pioneering MDSAP.

“Risk Management”

and “Purchasing” surround all departments. The diagram shows that Purchasing is driven by Risk Management, which means that oversight of vendors is based on reducing risk, which requires information from all departments through a series of linked processes.

All of these risk-driven processes create outputs; each output is used by other processes within a company, sometimes in different departments, with the goal of reducing risk to patients. In other words:
A process receives inputs and creates outputs. Outputs become inputs for other processes, creating a continuous flow of information and actions. A company’s quality system oversees these processes, and uses inputs from the real-world to generate outputs in the form of improved products and services.
Risk-driven process
For more clarity on how ISO defines a process, please see my blog, “MC Hammer, Vanilla Ice, & the process approach for quality systems,” where I illustrated concepts for what is, and what is not, a process. The bottom-line is that a flow-chart is not a process; to be a process by ISO definitions, you must show that outputs become inputs for other processes in a closed-loop system of continuous improvement.
MDSAP requires evidence that your company uses risk-driven decision points for purchasing, either for high-risk parts or high-risk vendors. Examples of decision points for vendor selection or oversight include:
Is it a high-risk part?Is this a high-risk vendor? i.e., are they not ISO 13485 certified, not MDSAP audited, have a history of mistakes, etc.Is it a “Black Box” part? i.e., Is the part is assembled by a vendor, and when we receive the part are critical features hidden from our inspection process?Does the vendor use sub-vendors that introduce risk into your supply chain?
An example of a risk-driven purchasing process is:

In this example, processes are linked between departments using “Risk Management Documents,” and receive real-world input for continuous improvement through incoming inspections and CAPA’s (Corrective And Preventive Actions). Risk-driven decisions are made for vendors based on the part they’re making and their capabilities, which complies with ISO 13485, clause 4.1.5:
“controls shall be proportionate to the risk and the ability of the external party…”
In other words, risk for purchasing is a combination of the part and the vendor. You can reduce risk from purchasing in many ways, such as:
Selecting vendors that are ISO 13485 compliant or have passed a MDSAP auditOn-site inspections of their quality systemIncrease the percentage of parts inspected in your receiving departmentRequest first-article inspections for custom-made partsWorking with design engineering to reduce risk from that part
Because there are so many ways to reduce risk from purchasing, I strongly recommend starting with a plan. A plan that includes including scope, goals, team-members, etc. could be the starting point of brainstorming best ways to reduce risk. And, it’s likely that unforeseen situations may arise in your Hazard Analysis. For standardized ways to analyze risk, see my article on “Medical Device Risk,” based on ISO’s standard for Risk Management, ISO 14971. For this article on purchasing, the most important requirements from ISO 14971 and ISO 13485 are:
Start with a team-driven risk management plan, including what’s an acceptable level of risk. Remember the Space Shuttle time-line pressures? Pre-determined risk analysis reduces the human tendency to push boundaries when pressured.
Share Risk Management processes between departments through linked processes. In the example I created, “Risk Management Documents” would probably begin with Design Controls, and extend through manufacturing, purchasing, supplier audits, field maintenance, etc. Again, the Space Shuttle illustrated that one department knowing the risk was insufficient risk management because not all departments had access to that information.
Document all assumptions, ensuring there’s a process linking post-market surveillance to update assumptions. In a way, that’s what every iteration of ISO 13485 and 14971 are doing for us; they use information from events all over the world to continuously improve standards so that patients have safer healthcare.
Documentation could be done in many ways, such as with an engineering change order, ECO, following ISO 13485 change-control guidelines, and should be described in your company’s quality system. A comprehensive Risk Management policy is part of a company’s overall quality system, which is a responsibility of each company’s executive management.
Next Steps
Hopefully, Risk Management policies in your company are sufficient and easy to implement across all departments. If not, consider leading from within your company, proactively identifying ways to improve, and initiating a project to apply new standards of Risk Management. You can use compliance with ISO 13485:2016 and MDSAP to support your case, and use the resources below to help you plan.
Resources
CONSULTING & TRAINING
Oriel STAT-A-MATRIX (I consult with Oriel)

MaetricsLNE G-MedMDI Consultants

Me(Jason 🙂
AUDITING ORGANIZATIONS
Summary
Modern quality system regulations reduce risk to patients by requiring pre-determined risk management policies, links between departments, and processes that allow continuous improvement.
requires a medical device company’s quality system to be a series of risk-driven processes.Risk can come from non-obvious Hazardous Situations, as described by

Purchasing is critical for ISO 13485 and , and purchasing decisions should be traced to risk-driven processes that are linked to processes in other departments.
Please share
If you think this has been entertaining and useful, please “like” it, link to it, or forward it for others to benefit.
.

Steps away from addiction

2 minute read.
I define addiction as:
Acknowledging an action has consequences harmful to yourself or othersAcknowledging that you’d like to stop an action, then repeating the action

I took this photo in 2010 while laughing with friends after I had surgery and was diagnosed with medical conditions associated with chronic pain. By 2017 the United States was experiencing high levels of opioid and alcohol addictions, which can creep up on you if you’re not mindful. I was prescribed opiate pain medications by the Veterans Administration for nine years, then hiked over the Himalaya Mountains without them; I had surgery, again, in 2018 and didn’t use pain medications.
All addictions have moments when you can make a choice, and you can take steps towards or away from freedom. Take the following steps towards freedom:
Acknowledge that actions can have consequences harmful to yourself or othersObserve your actions and be mindful of whether or not they harm othersIf your actions could be harmful to yourself or others, try changing themIf you can’t change your actions, express this to friends, family, or healthcare providers
Obstacles to freedom include:
You’re unaware of consequences of actionsYou have a false understanding of consequences of actions

You have chronic pain, which leads to depression and addictions
You have a biologic disposition to pain or addiction: 40-60% of risk to addiction comes from genetics
You have an emotional disposition to pain or addiction because of poverty, childhood exposure to addictions, or post-traumatic stress
Defer judging the obstacles or yourself. Instead, focus on observing if there’s a problem, then solving the problem by removing obstacles, such as reducing suffering from chronic pain. Consider professional assistance or the following resources:
If someone you know is addicted, learn how to help them through Al-Anon.
Good luck; you’re not alone.

Dyslexia

6 minute read, unless you’re dyslexic, then it’s 9
19% of us have it, and so do 55% of prisoners and many celebrities. Dyslexia has many forms, and many levels, and we may not even realize we have it. What’s saddening is the correlation between dyslexia, school dropouts, and prison.
Conversely, many famous actors, CEO’s, and entrepreneurs are dyslexic, implying there could be a correlation between dyslexia and success. Less obvious are the 20% of our friends, family, and coworkers who may not realize they have dyslexia and aren’t realizing their potential.
This article summarizes who has dyslexia, the benefits from thinking like someone who’s dyslexic, and what we can do to help anyone communicate more effectively.
Background
People with dyslexia often have difficulty manipulating sounds, poor spelling, delayed visual-verbal responding, or a combination of these traits. We’re not sure why, but it could be related to differences in eye structures for people with dyslexia, or different ways the brain can work. Dyslexic people typically have average to above-average intelligence despite reading more slowly; this may be because everyone’s brain has different regions of strengths.
This image is a simplification of brain functions to illustrate a concept. Note that the dyslexic brain has a larger “Broca’s area,” indicating stronger analysis when speaking.
Dyslexia can be passed genetically. A child can exhibit traits of dyslexia without either parent being aware.

This image is a simplified example of genetic traits not exactly related to dyslexia; it emphasizes that traits such as dyslexia can skip generations and that people can have varying degrees of traits passed through genes.
Kids ability to adapt to dyslexia depends environmental factors such as family behaviors and whether or not an education system recognizes and adapts to diverse learners.

Reading together while pointing to images helps form connections. Even better would be to have real-world situations correlating with the images and words, such as reading about a cat with pictures of a cat while playing with a cat.
Famous people
Many successful people have dyslexia including scientists, actors, politicians, and writers. Many of them

emphasizing their creativity and ability to make complex connections that written words may have hindered.

Who succeeds, and who doesn’t
Most successful people with dyslexia express gratitude that their families, teachers, or peers who allowed them to experience self-esteem during school and build upon their strengths.
Many people don’t have this opportunity at home and suffer in schools that don’t have resources to support diverse learners. The result is a high dropout rate of kids with dyslexia, often leading to prison where the majority of inmates exhibit learning disorders.
My experiences
When I read, my eyes dart across the page and I focus on context rather than individual words. This is common for dyslexia; researchers use cameras to track eye movementsthat may identify reading disorders.
When I focus on reading, it’s difficult for me to combine letters phonetically. I mispronounce words that are new to me, but develop long-term associations if I practice saying them because other areas of my brain are used for verbal processing.

If you’re dyslexic, try saying words as quickly as you see or hear them to create associations in your brain.
If I don’t practice saying the word out loud, I still retain concepts described by the word and form connections with other concepts. In other words, I don’t need to know a word to understand the concept. This has been useful to me throughout my career, allowing me to read faster, ironically, and quickly apply concepts in inventions, programs, and guiding teams. It’s also helped me empathize with people who may not realize they’re dyslexic.
I was a Court Appointed Advocate for two young adults in the foster system who were diagnosed with dyslexia after 10 years of being placed in “slow-learning” classes. They pursued their strengths outside of school, where they felt accepted, and dismissed academic pursuits, where they didn’t feel accepted. Both have been incarcerated several times, which could have been avoided if they had different learning environments at younger ages; we can help all of society by learning communication best-practices for schools and workplaces.
What to do?
Communicate differently.
Methods for helping people with dyslexia learn and communicate are also best practices for effective communication across all of society.
Use audio-visual presentations; when possible include real-world objects or contextProved frequent opportunities for others to reply verbally and confirm understanding, leading to long-term retentionIf possible, allow others to create audio-visual responses in your classroom or meeting. An audio-visual response can be as simple as a piece of paper with visual representations of concepts as they discuss their interpretations.

This image isn’t verified, but shows the concept that most people understand new concepts and retain information longer if they can create mental connections and present their understanding with immediate feedback.
If you think you may have dyslexia, try discussing new concepts without judging your ability to understand them at first. Discussing new concepts without judgement can form permanent connections in regions of your brain that associate words with concepts and allow long-term retention.
Be patient with anyone who hesitates when reading or explaining new concepts.
What to do at school
In the past, classrooms were places where students listened to teachers and did homework on their own to hopefully make connections. Progressive classrooms incorporate project-based learning, where all students learn-by-doing with frequent feedback from diverse audiences to ensure that new concepts are understood correctly and can be communicated with others.

Dyslexia advocate Dean Bragonier leads a hands-on class that puts concepts into context.
Progressive classrooms with sufficient resources encourage students to explore modern communication methods in addition to writing, such as video, animation, art, and physical projects that can convey concepts more effectively than words.
What to do at work
In the past, workplaces had long meetings, people were given written handouts, someone talked a lot, and most people used acronyms that were difficult for everyone to process quickly. Modern workplaces… well, most are still boring and ineffective.
Progressive professionals create audio-visual presentations, minimizing acronyms and jargon. They allow participants to express understanding. They fun with it because most people learn more in a fun and interactive environment.
Resources
If you have children, learn about the symptoms of dyslexia. Consider finding local schools with inclusive learning philosophy. Many will be project-based, catering to a range of learning styles, and may be free, public charter schools within close distance to your existing school.
National, online resources include:
Summary
Dyslexia:

is a difference in audio-visual processing affecting up to 19% of the populationis not an indication of intelligence or characterdisproportionately impacts low-income and minorities due to a combination of genetics and environmental factors
If your child may be dyslexic,

seek professional assessmentsat home, put context behind words and encourage diverse ways of communicatingseek schools that are inclusive of diverse learning styles and incorporate project-based learning
If you may be dyslexic,

zoxRrvW Nosres (just kidding :)Accept limitations and embrace strengths; learn by speaking and doing
If you’re in a work environment,

prepare for meetings with audio-visual presentations using minimal words, acronyms, and jargontake breaks every 10 minutes to have participants re-phrase concepts; be patientencourage team members to do the same

Remember:

I think this image is hilarious! It’s from Pinterest. But, there’s no evidence that people with dyslexia “reverse” letters. Learn symptoms of dyslexia from the Mayo Clinic.

Take these steps to increase your health & mental clarity

4 minute read.
Sitting longer than 30-60 minutes at a time increases your risk of back pain, diabetes, and cardiovascular disease. It also decreases your learning ability and mental alertness.
You can take steps every 30 minutes to increase your physical health and mental clarity; literally, take steps every 30 minutes, at a minimum. For some reason, people aren’t doing this, despite extensive scientific evidence of the risks of sitting and the benefits of moderate motion throughout the day.
This is similar to smoking; for years, people ignored the scientific evidence that proved smoking’s hazards because it was socially acceptable. To help others, we could make sitting all day less socially acceptable, both in the workplace but especially in school classrooms where kids are forming habits that will impact them the rest of their lives.
This article summarizes the science behind getting off your behind, then gives steps anyone could take to improve their health can mental clarity and create a healthier culture for workplaces and classrooms.
Facts
The following statements summarize 18 research studies that, combined, followed 800,000 people for up to 30 years.
People who sit most of the day:
Twice as likely to develop diabetesTwice as likely to have a heart attack2.5 times more cardiovascular diseaseMore back pain
People who alternate sitting and standing:
More energyFewer headaches
Students allowed to move instead of sitting:
Less attention deficit More long-term learning and memory
Exercising once a day does not change the negative effects of sitting all day. Benefit comes from alternating sitting and standing throughout the day, with no more than 20 to 60 consecutive minutes of sitting.
Science
Our bodies and minds are more efficient when in motion because of blood flow, spine biomechanics, and blood sugar levels.
Blood Flow
Sitting puts pressure on our thighs and restricts blood flow, decreasing energy and accumulating toxic wastes. Leg muscles pump blood while walking and, to a lesser extent, while standing. Stand using proper posture, ensuring your knees aren’t locked.
Image from Stepit
Spine biomechanics
Sitting weakens back-muscles and changes orientation of spinal discs. When discs change orientation, nutrients are pumped out, disc height decreases, and pressure on bones increases. Together, this leads to degenerated discs and back pain. Similarly, poor posture leads to abnormal forces in the cervical spine (neck), causing headaches.
The effects of spine degeneration can take years to be felt, and are permanent. When you sit, which should not be for longer than 30 minutes, use the best posture for working on a computer.

Image from The Wave Seat
Blood sugar
Sitting after eating increases blood glucose levels, which can cause diabetes. To reduce your chances of diabetes, eat moderate portions, avoid sugars, and walk after eating.

Mental clarity
Our brains need blood flow and oxygen to be efficient, and throughout history, people have realized that mental clarity comes from standing while working.
Winston Churchill advocated using a stand-up desk.

Earnest Hemingway used a stand-up desk, later in life.

In the 1800’s, inventors and designers recognized the need for stand-up desks.

In the 1700’s, Thomas Jefferson designed his own standing desk.

2,600 years ago, The Buddha described the posture of a person wanting to increase mental clarity, saying [he] “sits down cross legged, holding his back erect…”

Sitting cross legged, with your back erect, negates many harmful effects of sitting. The Buddha also advocated eating moderate amounts and following the middle-way between extremes. The middle-way between sitting all day and standing all day, which is also harmful, is a sit-stand desk.
Sit-stand desks

Sit-stand desks include additions to your existing desk, desks designed to alternate between sitting and standing, and desks with treadmills or other forms of exercise. Examples include:
You can experiment with a standing desk by stacking boxes under your computer.

This improvised standing desk is from a Time magazine article, “How a DIY Standing Desk Changed My Life
Experts
The risk of sitting all day has been emphasized by almost every major newspaper, scientific journal, and government agency.
National Institute of Health& Exercise and Sport Sciences Reviews : Too Much Sitting: The Population-Health Science of Sedentary Behavior
National Health Services, U.K. Why we should sit less
The Economist: Standing Orders
The Washington Post: The health hazards of sitting
National Education Association: “Kids Who Can’t Sit Still
Take these steps
To start:
Never sit for more than 30 minutes without moving.Eat moderately, avoid sugar, and walk after eating.
Advanced:
Investin a sit-stand option for your desk

Practice being mindful of your breathing and mental clarity each day

Help others:
Arrange your workplace, classroom, or meeting room to allow both sitting and standing.

If you think this could help others, please share.

OBEY, Charlie Brown

5 minute read.
This is the history of hope, happiness, and politics. It starts with the caste system in Nepal and ends with how to recognize truthful hope.
The caste system

and learned that Nepal was recovering from a ten-year civil war, had a new democracy, and would be voting for the second time in their history.

All over Nepal, people hoped for a better life from their new democracy. They discussed life, religion, and politics near temples while street-workers sewed strands of flowers.
The flowers were purchased by people on their way to or from work, who would leave them at the temple as offerings. They did their duty, and helped the person selling flowers do their duty. This exchange dated back thousands of years, and is how the caste system views work.

In the caste system, you do the work your father did, who did the work of his father. Your children will do your work.
You can not marry outside of your caste. Your name includes the work you can do.
You hope that by doing your duty you’ll be reborn into a higher caste.
The caste system has been Hindu doctrine for almost 4,000 years, and was Nepali law until recently. But, Nepali people still obey the rules of their former caste system.

OBEY!
An American graffiti artist became famous by swapping “Obey” with “Hope,” leading to a presidential campaign poster.

His Obey logo became a popular clothing line. To be inexpensive, clothing was made in China, which borders Nepal and provides most of the cheap clothing worn by lower castes.

Over the next month, I saw people use the OBEY brand to keep warm as they persevered through manual labor, tedious tasks, and shoveling human waste. All came from families of the lowest castes. Despite the caste-system being illegal, their suffering persists. They hope for change, which was exploited as justification for a civil war while people continued doing their work.

Hope
The Greek gods tormented humankind by giving us suffering in Pandora’s Box. They put Hope in the box, too, because hope prolongs suffering. False hope is what keeps a boxer fighting when there’s no chance of winning, taking punch-after-punch while spectators watch.

Many people misinterpret hope as something positive, but hope was made attractive to entice us. Greek writers warned us about hope and fruitless effort with Sisyphus, who is still being punished by the gods. Each day, Sisyphus carries a rock uphill, hoping he’ll reach the top. Every evening, it rolls back downhill. The gods don’t need prisons; Sisyphus obeys his gods because he has hope.
Hope & Change
Charlie Brown has been hoping to kick a football held by Lucy since 1950. He misses because Lucy intentionally moves the football. Millions of fans know he won’t succeed but enjoy watching him try; we are Charlie Brown’s gods.

The creator of Peanuts sent a message to society for 50 years. He used the words “Hope!” and “Change!”when satirizing politics; those words are still used by politicians today, and we still continue to believe in false hopes.

Modern Sisyphus

Politicians use our desires to their advantage, promising hope, change, and to make things great again. We then obey their rules, wars, and calls for a stronger economy that do not bring more happiness.
Hope keeps us trapped. We don’t enjoy the present moment because we hope for a better job, more money, better possessions, and more happiness.
We send our kids to school, not be happy in the moment, but hoping they learn skills that will get them a job that will make them happy, one day.
To be free from the trap of false hope, seek truthful hope.
Truthful hope
There are differences between false hope and truthful hope:
False hope speaks to our desires; truthful hope speaks to our intellect.False hope speaks about the future; truthful hope begins with the present moment.False hope gives goals without a practical path; truthful hope has small steps, with each step being an incremental improvement.

This isn’t new: 2,600 years ago Prince Siddhartha Gautama rejected the caste system in Nepal and India, teaching people to avoid extremes by following the middle-way. His teachings became Buddhism, the world’s 4th largest religion, not an external deity or god, but on human intellect. Siddhartha’s advice was:
“Each day, do more of what you know to be wholesome, and do less of what you know to be unwholesome.”
To do more of what’s wholesome, seek truthful hope that applies to your unique situation in life. Be mindful of each moment, aware of your thoughts and motivations; do not be swayed by politicians, advertisements, or situations that speak to desires rather than intellect. Plan for the future, but don’t become attached to it. View life as an adventure where nothing’s certain except the present moment. At that point, you’ll be able to look at the promises of hope and change objectively, to see them for what they really are, and you’ll know what to do to escape the cycle.
When there is no desire, all things are at peace. – Lao Tzu
I’m making this up as I go. – Indiana Jones

Peace.
JiP

How to use ISO 14971 to improve a Risky Business

This is under revision… please don’t forward this version. For a current version, please see my iteration on Linkedin.
Early in 2018 I underwent surgery surrounded by medical devices that were made by companies for which I had consulted. As the staff connected to a device that would keep me breathing during surgery, I thought about my experiences helping companies become more innovative while reducing risk to patients. I wrote this article while recovering. To keep it fun I use 1980’s pop-culture to illustrate the most important points.
Background
Reducing medical device risk is a law in the United States and a standard internationally. The regulations define risk as the severity of harm and how likely it is to happen.
Risk = Severity X Probability
This is more than just a definition, it’s a systematic method of reducing risk that provides repeatable, inspectable methods known to reduce harm to patients and create new products. Unfortunately, this method is underutilized or misunderstood, which harms people and adds costs to companies. For example, 44% of medical device recalls could have been prevented by design-controls that included risk-reduction, and up to 250,000 people die each year from accidental deaths in the American healthcare system. But, when used properly, risk management creates safer products, opens new markets, and makes quality control more efficient.
Regulatory requirements
Medical device manufacturing is regulated in United States by 21 CFR 820, and internationally by ISO 13485. Both require risk analysis, but neither describes how to do it, so we use methods from from the International Standards Organization, ISO, which describes Risk Management in ISO 14971:2007. Additionally, selling medical devices in the European Union requires a supplemental standard, EN 2012 : ISO 14971. which requires, among other things, that risk be reduced “As Far As Possible” (AFAP), which is a stronger statement than ISO’s, “As Low As Reasonably Practicable” (ALARP), and implies that cost can not be an obstacle to reducing risk to people, property, or the environment. Including property and the environments in risk is unique to ISO; the Food and Drug Administration limits risk to patients and users.
EN 2012 : ISO 14971 satisfies risk requirements for all countries, and using it allows a abbreviated regulatory process in the United States. A FDA 510(k) submission can refer to EN 2012 rather than explain internal processes that may be questioned by the FDA.
Medical device companies must pass country-specific audits before they can sell products in that country. An exception is the Medical Device Single Audit Program, MDSAP, which is currently accepted by five countries, including the United States. The image below, from Australia’s MDSAP policy, illustrates that risk management should be fundamental to all areas of a company’s quality-control system, especially purchasing from suppliers, and that risk management begins with a company’s management team.
Hazardous situations
A key aspect of ISO 14971 is identifying potential hazardous situations that could lead to harm. Hazardous situations are often unforeseen, especially by a small group of people who are likely biased by their experiences, therefore identifying hazardous situations requires diverse team input and constant re-evaluation. A classic example is the 1986 Space Shuttle Challenger explosion, which stemmed from a small O-ring allowing gas to leak in a rare, but catastrophic series of events that led to a hazardous situation of a postponed launch, a cold launch day, and fuel leaking around the O-ring that was not rated to such a cold temperature. Some people knew of the risk, but, in 1986, systems weren’t in place to ensure risk was analyzed for all hazardous situations.

Risk analysis methods
After identifying potential hazardous situations and harms, risk analysis is conducted to quantify the severity and probability of each harm. Risk analysis must be documented in a systematic way so that your work can continue with a product’s life-cycle, and that assumptions can continuously be monitored and updated. The two most common methods for medical devices risk analysis are:
Failure Modes and Effects Analysis (FMEA)

, which can include a dFMEA for design, a pFMEA for manufacturing processes, a system-level FMEA, a supplier FMEA, etc.

Fault Tree Analysis (FTA)
Other risk-analysis methods are less common to medical devices, but all should lead to similar results. Most use a table, or matrix, to illustrate Risk = Severity X Probability for different scenarios.

Probability is initially assumed based on similar products or scientific literature, and should be continuously updated with data from real-world use. For the matrix example shown, “catastrophic” and “high” risks would be unacceptable, and “moderate” risks would need to be reduced As Low as Reasonably Practicable or As Far As Possible. In the case of the space shuttle, an unlikely probability of a sequence of events leading to a hazardous situation would be balanced by the severity of failure.
To apply a risk analysis matrix for medical devices, each harm must be unambiguous. Harm is defined by ISO 14971, section 2.1, as “physical injury or damage to the health of people, or damage to property or the environment,” and must be unambiguous so that a “severity” number can be applied, monitored, and continuously re-evaluated.
Companies are required to maintain their risk analysis in a risk management file so that auditing organizations can see evidence of continuous improvement by constantly re-evaluating risk, which includes re-evaluating potential hazardous situations and harm that could result from those situations.
Risk Control
Both ISO 14971 and the EN 2012 supplement describe systematic methods of risk management. For example, they standardize how risk is solved by providing three priorities:
Improve the design to be risk-tolerantAdd safeguards to reduce exposure to riskLabels or instructions to educate or warn of risk
Most of us don’t read or follow instructions, so ISO doesn’t consider written warnings to be effective risk control. This partially explains the European Union’s supplement that cost can not be an obstacle to reducing risk, i.e. companies can not apply a warning label to justify not improving their product’s design. This concept is summarized by an image used for training companies, provided by Oriel STAT-A-MATRIX, a training and consulting organization:

Other forms of risk control can be included in manufacturing processes, inspections before shipping products, etc., but it’s important to emphasize that ISO standards clearly state that prioritization should be placed on design and safeguards, whichever is the current “state of the art.” State of the art means that if a solution is known, it should be implemented; if not, extensive justification should be documented for audits. And, per the European Union definition of reducing risk “As Far As Possible,” cost can not be justification for not implementing state of the art risk control.
Post-market surveillance
Risk analysis uses assumptions that must be constantly re-evaluated using real-world data. Your company’s post-market surveillance processes must be linked to your risk-management processes, ensuring real-world data is used to adjust assumptions in a closed-loop system of continuous improvement.
Definitions
The following definitions can help you search risk management regulations:
HARM – injury to people or property
HAZARD – something that can cause harm
HAZARDOUS SITUATION – a situation in which a hazard could cause harm
HAZARD ANALYSIS – a process for identifying hazards and hazardous situations
RISK – the severity of harm and the likelihood it will happen
RISK ANALYSIS – a process for estimating risks from hazard analysis
RISK CONTROL – actions taken to reduce risk for a product
RISK MANAGEMENT – a company’s official, systematic process for reducing risk
RISK MANAGEMENT PLAN – a plan before risk activities, required by law and standards
RISK MANAGEMENT FILE – a document tracing the location of all risk documents
RISK MANAGEMENT REPORT – a report summarizing all risk management activities for a product, and how it will be continuously improved.
Safer Products
Needle sticks:

Hospital caregivers were often exposed to used needles, increasing their risk of a skin puncture and exposure to diseases such as HIV and Hepatitis C. The first company to innovate a way to reduce this risk quickly dominated the market, and other companies scrambled to create their own designs. Now, patients all over the world benefit from multiple forms of risk reduction, ranging from different needle designs to user-friendly disposal containers.

New Markets
Automatic Electronic Defibrillators (AED’s):

In the past, a patient with a heart attack had to wait for trained paramedics to arrive with a cardiac defibrillator. Paramedics were trained to ensure a patient had a heart attack, as opposed to an illness with similar effects, because using a defibrillator on someone without a heart attack could harm them. Companies innovated defibrillators that reduced this risk by detecting a patient’s condition before allowing defibrillation, which allowed public defibrillators all over the world. This expanded market size, and improved public safety.
Improved Quality Control
Manufacturing processes:

The Sulzer orthopedic company recalled one of their hip implants because a manufacturing change introduced risks into their product. Their quality system did not have modern risk management methods, resulting in thousands of patients with failed hips, secondary surgeries, and permanent damage to their livelihood. A billion dollars went towards lawsuits, putting the world’s 4th largest implant manufacturer out of business. Modern risk management methods ensure that changes are reviewed by a risk management team, reducing errors before they become harmful and costly problems.
Resources
CONSULTING & TRAINING
AUDITING ORGANIZATIONS
Summary
Risk = Severity X Probability

Risk management is required by:

FDA ISO
Risk management standards are:ISO

Common risk-analysis methods are: requires a company’s quality system to be a risk-driven process.

Risky Business
I’m having fun with 80’s pop culture while sharing my belief in ; there’s no new information here.

was a 1983 film that springboarded into fame after he danced in his underwear, just like how my career began. (Just kidding.) In the film, a teenage Tom took risks, resulting in harm to his father’s Porsche sports car and their home. Like most movies in the 80’s, their problems were quickly solved with money and quirky but reliable friends.
Healthcare is Risky Business. In the real-world of medical devices, risk affects people’s lives and well-being, and can rarely be fixed with money. If you if they would rather have insurance money or be able to walk normally the rest of their lives, they would have prefered a less-risky hip replacement. Any heart-attack patient saved by a public defibrillator would be grateful for risk-reduction, and hospital workers all over the world are safer each day thanks to reduced risk of needle-sticks.
Our work can be more fulfilling knowing it makes the world a safer, healthier place. We can do our work more effectively by understanding Risk Management regulations that focus on patient safety.
Take a break from saving lives to watch Tom Cruise dance in his underwear, a risk that paid off.

How to pass a quality-system audit using Brown M&M’s

6 minute read.
In the 1980’s, the rock-band Van Halen caused $85,000 damage to their dressing room because they found brown M&M’s in their bowl of “munchies.”
Van Halen’s story can help medical-device companies pass an FDA or ISO Quality-System audit. This article shows you how, but the conclusion may not be what you think.
The 80’s

Van Halen, circa 1985
In the 1980’s, Van Halen was one of the most successful bands in history. According to Wikipedia,
[Van Halen’s] lead single, “Jump”, became an international hit and their only single to reach number one on the Billboard Hot 100. The following singles, “Panama” and “I’ll Wait”, both hit number 13 on the U.S. charts. The album went on to sell over 12 million copies in the U.S. alone.
Van Halen toured nationally; concert venues prepared weeks in advance. Their contract required providing “munchies,” including a bowl of M&M’s with the brown ones removed. In 1982, the band destroyed their dressing room after finding brown M&M’s.

35 years later, I use lessons from Van Halen, and brown M&M’s, to help medical-device companies comply with FDA and ISO requirements.
Jump In
Why would Van Halen’s contract require having brown M&M’s removed? That answer will help explain how to pass quality-system audits. My answer is after this video of “Jump. Feel free to sing along while you think about possible reasons one of the world’s most successful bands would add a clause in their contract about brown M&M’s.

“Jump!” by Van Halen, 1984

The answer is that Van Halen used brown M&M’s to guage attention to detail in their contracts. They toured globally, performing several times a week, and were one of the first rock bands using 3rd-party contractors to prepare concert venues according to their specifications. Stages had to withstand the weight of their show, and electrical circuits had to handle requirements for amplifiers, stage effects, and VERY LOUD SPEAKERS. Van Halen used the contract clause about brown M&M’s to quickly guage if complex safety requirements would be met.

Van Halen stage show in the 80’s
Here’s what the lead singer of Van Halen, David Lee Roth, said about brown M&M’s:
Van Halen was the first band to take huge productions into tertiary, third-level markets. We’d pull up with nine eighteen-wheeler trucks, full of gear, where the standard was three trucks, max. And there were many, many technical errors — whether it was the girders couldn’t support the weight, or the flooring would sink in, or the doors weren’t big enough to move the gear through.
The contract rider read like a version of the Chinese Yellow Pages because there was so much equipment, and so many human beings to make it function. So just as a little test, in the technical aspect of the rider, it would say “Article 148: There will be fifteen amperage voltage sockets at twenty-foot spaces, evenly, providing nineteen amperes …” This kind of thing. And article number 126, in the middle of nowhere, was: “There will be no brown M&M’s in the backstage area, upon pain of forfeiture of the show, with full compensation.”
So, when I would walk backstage, if I saw a brown M&M in that bowl … well, line-check the entire production. Guaranteed you’re going to arrive at a technical error. They didn’t read the contract. Guaranteed you’d run into a problem. Sometimes it would threaten to just destroy the whole show. Something like, literally, life-threatening.
You can read an NPR article about David Lee Roth’s views on brown M&M’s, or listen to Dave explain it himself in

Phrasing
Look at Van Halen’s phrasing in their contract:

They clearly indicated NO BROWN ONES, and asked for twelve (12) Reeses’s peanut butter cups. The other phrasing, such as “assorted” dips, or the open-ended “nuts,” allows freedom for these choices. This is similar how ISO defines their phrasing in ISO 13485:2016 section 0.2:
“shall” indicates a requirement”should” indicates a suggestion”may” indicates a permission”can” indicates a possibility or capability
You can use these phrases to prioritize improvements to your Quality System, or to be more efficient when evaluating your suppliers.
FDA audits
I’ll paraphrase David Lee Roth, imagining him as your guide to the FDA:

Medical Device regulations are to protect public safety. Some requirements seem simple. Other requirements are more complex, and have direct impact on patients.
So, if I walk into an audit and I see simple requirements aren’t met… well, line-check their entire process. They didn’t understand the requirements. Guaranteed you’d run into a problem. Sometimes it would threaten to just destroy the entire process. Something like, literally, life-threatening.
Brown M&M’s for FDA and ISO
The FDA maintains a database of FDA warning letters they sent to companies, which are often commonly found among thousands of companies and can be used as Brown M&M’s. Here are examples of some of the most common warning letters:

Expired calibration of manufacturing equipment
Companies must keep calibration records of equipment used to manufacture medical devices. This is clearly stated in FDA 21 CFR 820.72 and ISO 13485:2016 clause 7.6, so an expired calibration probably means that more complex requirements weren’t followed.

Products or parts of products on employees’ desks without a label identifying the parts as “not for human use”
Companies must identify and control products that are non-conforming so that they are not accidentally delivered to patients. This is clearly stated in FDA 21 CFR 820.90 and ISO 13485:2016 clause 8.3.2, so uncontrolled products probably mean that more complex requirements weren’t followed.

A Design History File with any of the following:
* Design-changes without test data or rationale
* Design-reviews without an independent reviewer
* Long time-periods without updates
FDA 21 CFR 820.30 (j)requires companies to maintain a Design History File for each product, ensuring that decisions follow a plan, changes to plans are team-decisions based on data, and that design reviews have an independent person to reduce bias. Failing any one of these, or going for long time-periods without updates, are all brown M&Ms.
How to Pass any Audit

Brown M&M’s are not the problem, they are a symptom. Use the concept of Brown M&M’s to evaluate the effectiveness of your quality system, then make gradual improvements to your quality system, training, and culture before audits are scheduled. Use these steps:

Make improving your quality system a core responsibility of senior management. Ensure your company’s Quality System complies with FDA Quality Requirements and ISO 13485 Standards.
Continuously improve your quality system by making it a closed-loop process.

Create a culture where everyone understands their role in patient safety; be authentic, transparent, and positive.Perform internal audits, use independent auditors, or hire consultants.Use the concept of brown M&M’s to help you audit your suppliers and subcontractors. If you find Brown M&M’s for a critical supplier, that’s an indication that they may not follow more complex processes, therefore are a risk to your supply-chain and, ultimately, to your customers.

Resources
OFFICIAL DOCUMENTS
The FDA Quality System Requirements (QSR) for medical devices, 21 CFR 820
The International Standards Organization (ISO) quality system standard, ISO 13485:2016

MDSAP audit model

CONSULTING OR TRAINING
AUDITING ORGANIZATIONS
BLOGS WITH 1980’s THEMES
Summary

Brown M&M’s are quick ways to gage compliance with other, more complex requirements

Common Brown M&M’s in FDA warning letters include:
expired calibration on manufacturing or test equipmentmedical device parts outside of a manufacturing area that are not labeled “not for human use”missing signatures or dates in a Design History File
Brown M&M’s can help you quickly gage supplier quality control, which is critical to ISO 13485:2016 and MDSAP.
When using ISO 13485to gage your Quality System or audit a supplier, prioritize requirements with the word “shall,” followed by “should,” “may,” and “can.”
Please Share
If you feel people in the medical device industry would enjoy this article, or benefit from it, please share it.
Parting Thoughts
The 1980’s were fun, and I’m definitely a “child of the 80’s,” as my high-school homecoming photo shows:

Hopefully, I make wiser choices today than I did in the 80’s, especially with haircuts. I help companies make wise choices to become more effective, and I use blogs like this to illustrate concepts in FDA and ISO requirements.

Take this quiz to see if you’re ready for MDSAP

3 minute read, or a 12 minute quiz, if you’re ready.
By January 2019, the Canadian government will require all companies selling medical devices in Canada to be certified under the Medical Device Single Audit Program (MDSAP). There are only a few circumstances in which this deadline can be extended.
If you’re familiar with MDSAP, this article quizzes your knowledge of key concepts. If it’s new to you, read how to prepare for MDSAP.
Background
MDSAP allows medical device companies to sell products in multiple countries with one audit. To help you prepare, I created a guide to MDSAP and this quiz.
If you can answer all questions in this quiz, you should be able to discuss three questions with anyone, at any level, in your company:
Is MDSAP right for your company?If so, are you ready for a MDSAP audit?If you’re not ready, what steps can you take to prepare?
QUIZ
MDSAP overview
How many countries are participating in MDSAP? List them.Is MDSAP mandatory for all participating countries?Does MDSAP add regulatory requirements beyond existing ISO 13485 and country-specific requirements?If your company doesn’t plan to sell products in one of the MDSAP countries, do you still have to comply with that country’s unique requirements to pass a MDSAP audit?
Canada
When will Canada require MDSAP for most companies?

Under what conditions will Canada accept alternative MDSAP routes or deadlines?

Which classes of medical devices apply to Canada’s MDSAP requirements? Check all that apply:

Class IClass IIClass IIIClass IV
Auditing Organizations and audit reports
What is an “Auditing Organization (AO)?”List two, fully-recognized AO’sIf an AO finds a score of 5, how long do they have to report that score to regulatory authorities?If your company receives a MDSAP score of 5, how long do you have to submit a corrective-action plan?How many tasks with scores of 4 result in the same action as one score of 5?If your company has no scores of 4 or 5, how long does an AO have to submit a report to participating countries?
Audit model
How many quality-system “processes” are identified by MDSAP? List them.

What is task 7 for the process “Production & Service Controls?”

Which ISO 113485 clause(s) are used for task 7?If your company sells a product in Japan, list additional requirements for task 7, if any.

The image below is used by some regulatory agencies to summarize MDSAP processes and links. In your own words, explain the concepts this image is trying to convey.

Image thanks to Australia’s TGA
MDSAP grading
Use the MDSAP two-step grading system to answer the following questions.

Scoring matrix via Australia’s TGA
An AO discovers that a company has a procedure addressing ISO 13585:2016, clause 5.5, but did not follow it. This was the first finding, and it did not result in shipping a nonconforming product.

What is the Step 1 grade?What is the Step 2 grade?What is the final grade?Would the AO report this grade to regulatory agencies within five days, or simply include it in their final audit report?
Repeat question #1, but as a second audit, with the previous finding documented and uncorrected.

What is the Step 1 grade?What is the Step 2 grade?What is the final grade?Would an AO report this grade to regulatory agencies or simply include it in their final audit report?

Repeat questions #1 and #2, replacing clause 5.5 with clause 7.3.Repeat question #3, this time as if a nonconforming product had shipped.

Are you ready?
Would MDSAP be useful for your company? Why or why not? (Hint: use the “readiness” questions in how to prepare for MDSAP)

Do you believe your company is ready to pass a MDSAP audit?If your company isn’t ready, what are two things you could do to start getting ready?List three consultants or consulting companies that provide MDSAP training or consulting.

Conclusion
MDSAP is straight-forward and transparent. To paraphrase The Buddha, there are no secrets “hidden in the closed fist of the teacher.” If you weren’t sure about portions of the quiz, see these key resources, which include links to consultants and trainers to help larger groups gain understanding of medical device quality systems and regulations.
Resources
OFFICIAL DOCUMENTS
Canada’s MDSAP updatesSearch “MDSAP” in the
CONSULTING OR TRAINING
AUDITING ORGANIZATIONS (AO’s)
Good Luck!
Please share this blog if you think other people could benefit from it.