Guest article by Stephen Smith - QARA expert
I had the pleasure of working with Stephen at CMR Surgical - and I can tell you, he knows a thing or two about the QARA side of surgical robotics. He'd sent me an article to ask my opinion - and I thought tbis would make a great blog on my site here. So enjoy...
And if you need to get hold of Stephen - you can find him here - https://www.practicalqara.com
By nature medical device start ups are often spin outs characterised by academics and people who may not have had exposure to previous joys of getting a new device to the market, and that’s ok. The drawback is that they often do not realise how hard it is to get a new device to market especially one as complex as a surgical robotic system.
So, let’s say you have a great idea for a new robotic device or any medical device for that matter. You have thought about the technology, know roughly what type of surgery you think the system is capable of and set about building a prototype. You build your prototype, everything is good so you start to think about upscaling and selling. You desperately need that return on investment and keep that positive news flow to the investors. Time is of the essence, we get it, we have been there with robotic companies and many other start-ups.
To quote Elon Musk, ‘Prototypes are Easy, Production is hard’. He is right but are medical device prototypes that easy? Practically, yes. It is relatively easy to knock up a few in a lab and get them working how you think they need to be working. The fun comes when you want to up-scale and sell them. Such challenges increase exponentially with device complexity. Both authors have seen many start-ups fail as they do not consider key elements in the prototype stages, such as;
Can you actually manufacture it at scale? Building a prototype in a lab by R & D Scientists and Engineers is one thing, being able to mass produce with reproducibility and reliability is quite another.
Do you really know what the customer wants? It is often totally different to what you think they want.
Who will be using your robot? Yes, obviously surgeons, but what type of surgeons? Surgeons with experience in robotics, general surgeons, specialty surgeons, surgeons who have just qualified? Do surgical practices differ according to territories in which you want to sell it?
What is the kind of environment that the device will be used in, the extremes of those environments, the chaos?
Introducing Quality Assurance (QA) and Regulatory Affairs (RA).
And then there is the often neglected aspect of QA and RA. First a little perspective and food for thought. ‘First do no Harm’ is the Hippocratic Oath in which medics must abide by in practice, and we think it is fair to say that nobody could argue with this and we are all glad this is the case.. In essence doctors/surgeons perform three tasks, they Diagnose, they Treat, and they Monitor. They go through many years of training, theoretical and practical examinations before they are let loose on patients. Such that the patient does not come to any harm under their care. And again, we are all kind of glad they do. They are also governed by bodies such as the General Medical Council in the UK. In essence, medical devices perform the same functions, they Diagnose, the Treat, they Monitor, yet we as device developers and manufacturers do not need to undergo any medical training or undertake exams in order to diagnose, treat or monitor those on the receiving end of our devices. Now think about how much medics rely on devices to either make their decisions in entirety or to aid them. Scary?
Let’s now introduce QA and RA. Whilst QA and RA arguably are different disciplines, they are inextricably linked in practice.
With an objective of ‘first do no harm’ they are essentially there to make sure our devices do what we say they do and patients will not be in a worse state after using our device than before.
Let’s start with Quality Assurance where the word ‘Assurance’ is key. How will you ‘assure’ the quality of your system? Quality is about knowing what the customer wants and having a product that meets those requirements, first time, every time. ‘Assuring’ Quality can only come about by reducing sources of variability in the design and the manufacturing process; so we first need to know where these sources of variability originate, how to address them and how we will verify our fix. There is also the not insignificant requirement of a Quality Management System (QMS). As the title implies this system is supposed to assure quality for all products covering aspects such as design control, supplier control and Internal audits – yes, you will need to do these too. And your Quality system will also need to be certified. Fortunately the need for a QMS seems to be widely acknowledged at an early stages by execs but having one which is complaint is one thing, having one which is compliant and effective (I won't bog you down) is quite another.
Regulatory Affairs, is primarily about gaining approval so your device can be marketed. There are many regulations and the more complex your device, the more regulations you will have to comply with. Regulations are getting more stringent. Take the introduction of the EU Medical Device Regulation (2017/745) for instance. This has resulted in a significant increase in the level of pre-market scrutiny that is required to get your device to market. And where there is increased scrutiny, the costs also increase.
Regulations will vary according to where you want to sell it, but taking the EU as and example your robot and documentation will need to demonstrate electrical safety, most commonly to the EN60601 series of standards. If it has batteries in back up systems and sold in the EU you will need to comply with the Battery Regulation 2023/1542. As an invasive device you will need to show biocompatibility to the ISO10993 series. Usability to the IEC62366 series, software to the EN62366 series, clinical investigations to ISO14155, risk to ISO1491, the WEEE regulations, the RoHS regulations… to name a few: but you get the picture. Getting regulatory clearance for a robot is no mean feat and will take time... and a lot of money.
The Pitfalls
You may think your robot prototype is great and it probably is. It may work great in the lab, may have worked great in your animal and cadaver studies, but... if it does not meet biocompatibility or electrical safety requirements, it isn’t going anywhere near a patient. Many companies fail to consider the requirements of standards or regulations in good time and/or fail to keep up with regulatory changes. Central to your device will be clinical evaluations. How will you do this? What are your determinations of safety and effectiveness? What are your end points? You’ll also need ethical approvals, is the population of your trial(s) representative of your target population? The list goes on, and will need to be considered at the very early stages.
Central to QA and RA is a four-letter work ending in K that is pivotal to success, or failure – RISK. Getting back to the Hippocratic Oath mentioned above, in order to ‘do not harm’ we must know what the risks of our device are and mitigate these risks accordingly. Regulations are ultimately there to protect the patient and user from risk, and there are any different types of risk. ISO14971 is the standard for medical device risk, and whilst not strictly deemed as obligatory, it is expected, so you had better have a pretty solid rationale for not adhering to it. Central to this standard is the concept of ‘Generally Acknowledged State of the Art’. You will be expected to have conducted a thorough analysis of, and have an understanding of the Generally Acknowledged State of the Art in relation to the Intended Use and Indications of your Robot. And how your device will present a favourable benefit-risk assessment against it. It is all about understanding and demonstrating device safety.
The severity of harm, if your robot malfunctions, can be catastrophic; and one malfunction can put an end to your venture in an instant. As highly complex devices the potential points of failure will go into the thousands if not tens of thousands.
Your robotic surgical instruments are where the rubber meets the road. Whilst they may not be the most complex part of your system they probably present the highest risks. Each instrument alone is a highly complex and will present some of the biggest challenges. Each cable, mechanical joint, electrical connection will present single points of failure. But you will also need to consider multiple points of failure. As an example, if the user misses the port (it happens!) and the device bends back on itself, this may cause a cable to break! But will that one break in a cable result in additional strain on the others? Will an unforeseen surge in electrical current in electrocautery result in weakening of cables? Will too high a torque from the robotic arm impact any haptic feedback through the instrument or result in parts becoming detached from the instrument?
There are countless permutations and combinations of device failure and whist we cannot be expected to foresee each one, we will be expected to have made a thorough attempt and demonstrate due diligence in the process.
Aside from risks relating to the device failing from a technical perspective, consideration of usability risks and the operating environment are equally as critical and will receive scrutiny from regulators for good reason. Whilst it is relatively safe to assume the users are all trained to a similar level clinically, there are other considerations, such as are they as tech savvy as each other? One user might love technology, be a huge fan of robotics having used them for years... whilst another may still be coming to terms with the steam engine, being a complete technophobe and avoiding them like the plague.
Both Surgeons will present different risk profiles to the device but will likely fit your user profile. It is essential that you get input from extremes of users when analysing your risk.
And how do we deal with risks once identified, and then verify any mitigations put in place? If for example, in the case of a fault, it was decided that an audio alarm will sound... how many other alarms or noises will be present in the operating environment? How will the surgeon know how to react on being made aware of an alarm? If a visual alarm, how is it distinguishable from other flashing warnings? What if the user is colourblind?
Put simply, if you do not comprehensively analyse risks and include sound verified risk mitigations in your design, it will come back to bite you by either not getting past regulatory scrutiny, or worse resulting in an adverse event and recall. Not getting approval in the first place is actually the lesser of the two evils.
Whilst investors might not be best pleased with a delay to approval, they will be less pleased with an adverse event where a patient is harmed. Both authors have seen devices and start-ups fail as they simply neglect to adequately consider: design risk coupled with user needs, user variability, the use environment, and multiple points of failure.
What we Suggest.
With a combined 50+ years in devices the authors have been there, done it and got the scars as well as grey hairs to prove it. With that in mind we have the following advice:
Consider Regulator(s) as a CUSTOMER who you need to satisfy as much as those buying the system. If there is a requirement to make your surgical graspers of a certain type of material - then that is a design input. If there is a regulatory or guidance requirement to have your instrument cables to a specific tensile strength - that is a design input. If there is a requirement that an audible warning must be of a certain decibel for the use environment - that is a design input….you get the picture…
Know your user(s). You may think you know how the device will be used, or want them to use it in a certain way... but the harsh reality is, they won’t. Operating theatres can be chaotic and your robot is not the centre of attention. It needs to be easy to use by all users, including those technophobes. If you want something broken in ways you cannot conceive, give it to a medic. If you want to see how the device can be used incorrectly as well as broken in inconceivable ways, give it to two medics. Ease of use and usability is critical.
Know your applicable regulations, standards, and guidance documents from the get-go. Quality and Regulatory requirements are dynamic and you need to keep abreast of changes and trends. Many standards are also not cheap, so these will need to be budgeted for. Guidance documents are plentiful and useful, use them. Whilst they are termed ‘guidance’ and therefore not obligatory, many inspectors treat them as such.
Many requirements in regulations and standards can be interpreted and applied in different ways. You need a sound rationale to show how you interpreted and applied them. QA and RA can help with this, but it is not their ultimate responsibility. Whilst they might have scientific, engineering or medical degrees... they are not experts in everything, and cannot be expected to understand much of the technical jargon. But they will help you.
Unfortunately there is a lot of inconsistency in what reviewers/inspectors/auditors deem acceptable; with most having their own preconceived ideas. So you need to be prepared to present your case in a clear concise manner. Whilst they may have knowledge of the area they are inspecting, they will not know the product as well as you. Know your risks, mitigations and be prepared to defend them.
Lead times to regulatory clearance can be long, as well as super expensive, so it is essential that you include realistic timelines in your project plans and budgets. Also keep in mind that times to regulatory clearance are often best case, and they will likely take much longer... with added costs for additional reviews. In the EU and UK, Notified Bodies and Approved Bodies are commercial entities. They charge an absolute fortune, with questionable reliability and consistency. They will make more money out of more visits and reviews... so it pays to get it right first time.
Importantly, QA and RA personnel are not the enemy! Despite what it may appear at time, they want the same outcome as you do, and are only doing their job. If they say something needs to be different, then they are saying bercause they believe a regulator will require that, based on their experience. It is not the QARA team you need to convince. Remember they do not make the rules nor necessarily agree with many of them. Their job is not an easy one, they take a lot of flack so be nice to them. (Please.)
Meeting QA and RA is more than just a tick box. A poor device may still meet regulations, same as a poor Quality System can be certified, however a poor device will not sell and may result in an adverse event, and a poor quality system will burden you down with bureaucracy. Get it right from the start. It all starts with design.
These are views of the author and are meant for educational purposes only.
Comments