Let's Talk Risk! with Dr. Naveen Agarwal

You cannot reverse engineer your human factors regulatory strategy at the 11th hour.FDA’s new human factors guidance is not just about what goes into a marketing submission. It changes the way teams need to think about use-related risk, critical tasks, labeling, training, post-market evidence, and design change control across the product lifecycle.In this audio case study, we walk through why Category 3 human factors validation may become the default concern when critical tasks are introduced or impacted and why Decision Point D is not a shortcut, but an evidence-based exception that depends on history of use, user interface complexity, and the adequacy of existing risk controls.Key highlights covered in the audio:* Why human factors can no longer be treated as a late-stage submission activity* How use-related risk analysis drives the identification of critical tasks* Why Category 3 validation may be triggered by more than obvious design changes* How Decision Point D may reduce submission burden — but only with strong evidence* Why post-market surveillance data now has direct pre-market strategic valueKeywords: FDA human factors guidance, medical device marketing submissions, use-related risk analysis, critical tasks, Category 3 human factors validation, Decision Point D, eSTAR, QMSR, medical device usability, post-market surveillance, design validation, medical device labeling.🎧Click Play above to listen to a brief audio summary about this case and lessons QA/RA and Clinical professionals can apply in practice using the newly released FDA Guidance.Thanks for reading Let's Talk Risk!. If you liked this post, share with others.Note:The audio summary was prepared using Google NotebookLM, an AI-enabled research tool. Here are a few key resources used for this analysis:* FDA (2026, May 29), Content of Human Factors Information in Medical Device Marketing Submissions, Final Guidance, FDA. * Al-Faruque, F. (2026, May 28). FDA provides additional examples, clarity in human factors guidance. Regulatory Affairs Professionals Society (RAPS). * Lenz, A. R. (2026, June 3). FDA Issues Final Guidance for Content of Human Factors Information in Medical Device Submissions. FDA Law Blog. * Pure Global. (2026, June 2). FDA Human Factors Guidance 2026 Update for Device Submissions. Pure Global Regulatory News. * Regulatory Evolution of Human Factors in Medical Device Submissions: A Comprehensive Analysis of the Final FDA Guidance and Its Quality System Implications. (2026). * Strochlic, A. (2026, May 29). Key Updates in the Final FDA Guidance: Content of Human Factors Information in Medical Device Marketing Submissions (2026). Emergo by UL. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“For years, clinical evaluations were mostly a story. What was missing were clearly defined outcome parameters, something measurable that connects the state of the art to benefit–risk conclusions.”In this Let’s Talk Risk! conversation, host Naveen Agarwal welcomes back Florian Tolkmitt, Managing Director of Pro-Liance Global Solutions, for a timely and highly practical discussion on clinical evaluation for medical devices.The conversation centers on the newly released draft ISO standard for clinical evaluation (ISO/DIS 18969), why it was developed, and what problem it is trying to solve. Florian shares first-hand insight from his role in the ISO working group, highlighting common industry misunderstandings, especially around outcome parameters, state of the art, and the linkage between clinical evaluation and ISO 14971 risk management.Together, Naveen and Florian unpack new terminology such as clinical risk, clinical outcome parameters, and available knowledge, clarifying how these concepts are meant to sharpen focus on patient-relevant benefit–risk decisions without overloading clinical evaluation with non-clinical risk data. The episode closes with practical reflections on how manufacturers, especially those struggling with EU MDR expectations, can use this process standard to strengthen their clinical evaluation approach.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Welcome and introduction to the topic of clinical evaluation01:25 What companies still get wrong about clinical evaluation03:10 Overview of the new ISO/DIS 18969 draft standard05:30 Why the standard is process-focused, not regulatory06:20 ISO 14971 as a normative reference and the idea of “clinical risk”10:20 State of the art vs. “available knowledge”17:40 Clinical outcome parameters and measurable benefit–risk25:00 Why this standard matters and who will benefit mostIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Clinical Evaluation Now More Important Than Ever Under EU-MDR.LTR: Smart Use of AI for Clinical Evaluation.LTR: Clinical Evaluation a Lifecycle Process Not a One Time Activity.Key Takeaways* Clinical evaluation is not a narrative exercise, it must be outcome-driven.* Not all risks belong in clinical evaluation; patient-relevant risks do.* Outcome parameters should be derived from state of the art, not after the fact.* The new ISO draft aims to harmonize global practice without reinventing regulations.* A strong clinical evaluation process improves both regulatory confidence and decision quality.KeywordsClinical Evaluation, ISO/DIS 18969, Risk Management, ISO 14971, EU MDR, Clinical Risk, Benefit–Risk Assessment, State of the Art, Post-Market Surveillance, Medical Device RegulationAbout Florian TolkmittFlorian Tolkmitt is the founder and owner of PRO-LIANCE GLOBAL SOLUTIONS GmbH providing consulting services in all aspects of clinical evaluation, regulatory affairs, risk and quality management. He is an expert in clinical evaluation, post-market clinical follow up and post-market reporting compliance. As a co-founder and board member of RAPS Deutschland e.V., he is very active in the regulatory community sharing his expertise and mentoring industry colleagues.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Risk management should not be a compliance checkbox. It must actively govern design decisions and feedback loops across the product lifecycle.”In this Let’s Talk Risk! conversation, host Naveen Agarwal sits down with Pujitha Gourabathini, Quality Assurance and Risk Management leader at Becton Dickinson, to explore one of the most persistent challenges in MedTech: effectively integrating risk management with design controls.Pujitha shares practical, experience-based insights on why risk files often become disconnected from design inputs, verification strategies, and sustaining engineering changes. Drawing on real-world examples, she explains how “like-for-like” assumptions, tight timelines, and limited cross-functional engagement can quietly erode patient safety if risk is not continuously reassessed.The conversation goes beyond procedures to focus on culture, highlighting the importance of collaboration, early engagement, and continuous improvement to ensure risk truly governs design decisions. As QMSR approaches, this episode offers timely guidance for QA/RA and engineering leaders looking to move from checkbox compliance to lifecycle risk assurance.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Welcome and introduction01:00 Pujitha’s path into quality and risk management03:40 Where risk and design controls disconnect in practice05:20 Sustaining engineering: the most overlooked risk blind spot06:40 “Like-for-like” changes and dangerous hidden assumptions09:00 Proactive risk reassessment through continuous improvement11:10 Organizational barriers: timelines, awareness, and ownership25:05 Closing takeaways: culture, collaboration, and QMSR readinessIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Managing Post-Market Design Changes.LTR: Building Safety by Design.LTR: Beyond Compliance - Building Good Practices Under QMSR.Key Takeaways* Risk management must actively inform design inputs, outputs, and verification, not exist as a standalone file* Sample sizes and verification strategies should be scaled to patient impact, not convenience* Sustaining engineering changes often carry hidden risk and deserve the same rigor as new product development* “Like-for-like” component changes can invalidate prior risk analyses if assumptions go unchallenged* Continuous improvement programs work best when risk awareness extends beyond Quality into engineering and project management* Early collaboration reduces rework, delays, and late-stage risk discoveries* QMSR raises expectations for closed-loop feedback between design, risk, and post-market dataKeywordsRisk management, design controls, QMSR, sustaining engineering, ISO 14971, patient safety, verification strategy, continuous improvement, safety culture, lifecycle riskAbout Pujitha GourabathiniPujitha Gourabathini is a Quality Assurance and Risk Management leader in the medical device industry with deep expertise in lifecycle risk integration, design controls, and post-market safety. She currently serves as a Quality Assurance Manager focused on risk management, where she leads cross-functional efforts to embed patient safety into both new product development and sustaining engineering activities.With hands-on experience across ISO 14971, FDA QSR/QMSR, EU MDR, and safety assurance practices, Pujitha is passionate about moving risk management beyond documentation toward practical, decision-driven application. She is an active contributor to industry discussions through writing, mentoring, and knowledge sharing—advocating for stronger safety culture, continuous improvement, and proactive risk ownership across organizations.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“The industry is aware of QMSR, but they’re not moving. Many are still holding their breath, hoping something will change.”In this episode of the Let's Talk Risk Podcast, host Naveen Agarwal is joined by Michelle Lott for a deep and practical discussion on QMSR readiness as FDA’s February 2026 deadline rapidly approaches. Michelle shares a sobering view of where the medical device industry truly stands, highlighting a dangerous gap between awareness and action.The conversation explores how FDA is signaling its expectations well before inspections begin, particularly through new draft guidance for pre-market submissions. Together, Naveen and Michelle unpack what “risk-based approach” really means under QMSR, not just for design and development, but across supplier controls, CAPA, complaints, data analysis, and management review.They also examine one of the most consequential shifts under QMSR: FDA’s expanded authority to review management responsibility and system-level effectiveness. The episode closes on a forward-looking note, emphasizing the opportunity for QA/RA leaders to reposition themselves, not as compliance enforcers, but as strategic partners in prevention, assurance, and sustainable patient safety.Chapters00:00 Why QMSR readiness matters now01:00 Industry complacency and false hope for delays05:00 FDA signals through pre-market guidance09:00 Compliance vs. assurance: what FDA really wants11:00 What “risk-based” means beyond ISO 1497114:00 Where companies should prioritize immediately17:00 Management review and executive accountability26:00 The opportunity for QA/RA leadership under QMSRSuggested links:* LTR: Risk, CAPA and FDA Inspections under QMSR. * Lean RAQA: RAQA Services, Resources and Courses. * FDA: Voluntary Improvement Program (VIP).Key Takeaways* Many companies are aware of QMSR, but are still not acting with urgency.* ISO 13485 alignment significantly reduces compliance risk, but does not eliminate it.* FDA has already committed to inspecting against QMSR beginning February 3, 2026 and there is no grace period coming.* New PMA draft guidance signals FDA’s shift from compliance evidence to assurance of sustained safety and effectiveness.* “Risk-based approach” under QMSR applies across the entire QMS, not just ISO 14971 hazard analyses.* Management review is no longer protected territory; FDA can now assess how leadership identifies and responds to systemic risk.* The five chronic FDA pain points: CAPA, complaints, design controls, supplier controls, and nonconforming product, will matter even more under QMSR.* Strong QA/RA leaders can use QMSR as a platform to become prevention partners, not procedural gatekeepers.KeywordsQMSR readiness, FDA QMSR, ISO 13485, risk-based approach, risk-based assurance, compliance vs assurance, FDA inspections, management review accountability, CAPA effectiveness, supplier controls, quality system maturity, QA/RA leadershipAbout Michelle LottMichelle Lott is the founder of Lean RAQA, where she provides fractional RA/QA leadership, audit prep, quality system design, and regulatory strategy for MedTech startups and small companies. With 20+ years of experience and an RAC certification, Michelle has helped hundreds of firms navigate FDA submissions and ISO compliance, bringing clarity and efficiency to even the most complex regulatory challenges. DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.Let's Talk Risk! is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Under QMSR, FDA will still be FDA, but they’ll finally have broader authority to cite what they’ve always cared about.”In this Let’s Talk Risk! conversation, host Naveen Agarwal sits down with Adam Isaacs Rae to unpack one of the most misunderstood aspects of FDA’s new QMSR rule: the parts that aren’t changing.Adam brings a unique dual-lens perspective as both a medical device consultant and a lead auditor for certification bodies. With trademark clarity and humor, he explains why focusing only on “closing gaps” misses the real risk. The conversation dives into places where FDA will continue to operate exactly as before such as design control expectations, CAPA rigor, complaint handling scrutiny, and the agency’s ability to dig deeper under the broader ISO 13485 framework.Across thirty minutes, Naveen and Adam explore how QMSR will shift the conversation from timeliness to effectiveness, from dashboards to real risk thinking, and from procedural compliance to deliberate regulatory strategy in complex multi-market environments.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Introduction and welcome00:53 The story behind “The Other Consultants”02:22 Why QMSR prep must go beyond gap assessments03:12 What QMSR won’t change and why it matters04:59 Design control complexity under QMSR08:00 FDA’s deeper reach into complaints and risk13:41 CAPA becomes CA + PA and effectiveness takes center stage23:07 Key takeaways and closing remarksIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: 90-Day Action Plan to Review QMSR Readiness.LTR: Beyond Compliance - Building Good Practices Under QMSR.ACHIEVE Workshop: Using ChatGPT to Analyze Recalls and Adverse Events. Key Takeaways* QMSR changes the requirements, not FDA’s inspection philosophy. The agency will still probe deeply and expect strong evidence of safety and effectiveness.* Design control complexity will increase. Especially for manufacturers managing the same device across the US, EU, and UK under a unified system.* Risk integration becomes unavoidable. Under ISO 13485, FDA can now cite weaknesses in risk-linked processes more explicitly.* Complaint handling scrutiny will intensify. Inspectors can now ask for “your highest-risk complaints”, and expect a defensible rationale.* CAPA becomes CA + PA. Terminology harmonizes with ISO, but FDA’s expectations for root cause depth and recurrence prevention remain unchanged.* Effectiveness will take center stage. FDA will look beyond timeliness KPIs and challenge the thinking behind effectiveness criteria.* Effectiveness must be defined up front. Not after the corrective actions are completed, a common failure mode in CAPA systems.* Recurrence and escapes remain FDA’s biggest red flags. QMSR simply gives them broader grounds to write findings.* Manufacturers must rethink regulatory strategy. Reliance sounds attractive, but differing market routes require clear separation and intentional planning.* The biggest risks come from what QMSR doesn’t change. These unchanged legacy expectations can “sting” manufacturers who assume harmonization means simplification.KeywordsQMSR, ISO 13485, FDA inspections, design controls, CAPA, corrective action, preventive action, effectiveness criteria, complaint handling, risk-based quality, regulatory strategy, post-market surveillanceAbout Adam Isaacs RaeAdam Isaacs Rae is a medical device quality and regulatory leader and Managing Director of The Other Consultants and The Other Auditors. With over a decade of experience across global medical device manufacturers, regulatory bodies, and certification audits, Adam brings a rare dual perspective as both consultant and lead auditor for ISO 13485. He specializes in pragmatic, risk-based compliance strategies that balance regulatory rigor with business realities, and is known for his clear, conversational approach to complex topics like QMSR, CAPA, and international market access.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe