The Importance of Design Control in Medical Devices
Differences in Quality Control Between Pharmaceuticals and Medical Devices
In pharmaceuticals, most product recalls are traced to quality control failures at the manufacturing site. A medical device, by contrast, can be manufactured exactly to specification and still be unsafe if the design itself is wrong. This difference is why design control is one of the most important processes for ensuring the safety and effectiveness of medical devices.
Historical Background of Regulatory Requirements for Design Control
The US Food and Drug Administration (FDA) gained the authority to regulate design through the Safe Medical Devices Act of 1990. The Quality System Regulation (QSR), 21 CFR Part 820, including the design control requirements in §820.30, was published in October 1996 and took effect in June 1997. It requires documented design control procedures for all Class II and Class III medical devices and for the specific Class I devices listed in the regulation (for example, devices automated with computer software).
Note that effective February 2, 2026, 21 CFR Part 820 becomes the Quality Management System Regulation (QMSR), which incorporates ISO 13485:2016 by reference. This further harmonizes US requirements with the international standard.
In Europe, design and development requirements have likewise been strengthened by the Medical Device Regulation (EU MDR 2017/745), which became fully applicable in May 2021.
The Therac-25 Incident: Critical Lessons in Software Design
Between June 1985 and January 1987, six serious radiation overdose accidents occurred with the Therac-25 radiation therapy machine, resulting in deaths and serious injuries. Initially attributed to hardware failures, detailed investigation showed that the cause was a software design defect: race conditions in the control software allowed the machine to deliver a beam with unsafe parameters.
Particularly serious was that the manufacturer's investigations in response to the initial accident reports were insufficient and failed to identify the root cause, so similar accidents recurred over roughly 19 months. The incident is widely cited as one of the most serious software-caused accidents in history and remains the standard lesson on why software design control and safety verification matter in medical devices.
Equally important, unlike its predecessors (the Therac-6 and Therac-20), the Therac-25 omitted the hardware safety interlocks and relied on software alone, which was one of the factors that made the accidents worse. Current regulatory requirements and standards draw directly on this lesson: safety must rest on layered mechanisms in both hardware and software, never on software alone.
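The failure class described above, as an added example that is not Therac-25 code and is not from the original page: a check-then-act race between operator edits and treatment setup, shown first in an unsafe controller and then in a hardened one with two layers, a software state lock and an interlock independent of the prescription data. The mode names, energy bounds and class names are assumptions for illustration; the interlock is modelled in software here but in a real device would be implemented in hardware or an independent channel so that a defect in the control software cannot disable it.

```python
"""Constructed illustration, not Therac-25 code: a check-then-act race in a
treatment-setup sequence, and a hardened design with two independent layers.
Mode names, energy bounds and class names are assumptions for this example."""

from dataclasses import dataclass

# Assumed domain: "xray" mode needs a target in the beam path and a far higher
# energy than "electron" mode. Bounds are constructed values (MeV).
SAFE_ENERGY = {"electron": (1, 20), "xray": (25, 25)}


class InterlockTrip(Exception):
    """The independent interlock refused to enable the beam."""


class EditRejected(Exception):
    """The software state lock refused an operator edit."""


@dataclass
class Prescription:
    mode: str
    energy: int


def independent_interlock(hardware_mode: str, commanded_energy: int) -> bool:
    """Second layer (stands in for a hardware interlock): compares what the
    machine is physically set up for against the energy being commanded.
    It never reads the prescription, so a corrupted prescription cannot fool it."""
    low, high = SAFE_ENERGY[hardware_mode]
    return low <= commanded_energy <= high


class UnsafeController:
    """setup_hardware() reads the prescription (check); enable_beam() acts on it
    later (act). An operator edit that lands in between is silently accepted."""

    def __init__(self, rx: Prescription):
        self.rx = rx
        self.hardware_mode = None

    def setup_hardware(self):
        self.hardware_mode = self.rx.mode            # position hardware for the mode

    def edit(self, mode: str, energy: int):
        self.rx.mode, self.rx.energy = mode, energy  # accepted at any time (the defect)

    def enable_beam(self):
        return self.hardware_mode, self.rx.energy    # no re-check before firing


class HardenedController(UnsafeController):
    """Layer 1: edits are rejected while setup is in progress.
    Layer 2: the independent interlock is evaluated immediately before enable.
    state_lock=False simulates a software bug that bypasses layer 1."""

    def __init__(self, rx: Prescription, state_lock: bool = True):
        super().__init__(rx)
        self.state_lock = state_lock
        self.setup_in_progress = False

    def setup_hardware(self):
        self.setup_in_progress = True
        super().setup_hardware()

    def edit(self, mode: str, energy: int):
        if self.state_lock and self.setup_in_progress:
            raise EditRejected("prescription is frozen during setup")
        super().edit(mode, energy)

    def enable_beam(self):
        if not independent_interlock(self.hardware_mode, self.rx.energy):
            raise InterlockTrip(f"{self.hardware_mode} hardware, {self.rx.energy} MeV commanded")
        self.setup_in_progress = False
        return self.hardware_mode, self.rx.energy


def race_scenario(controller):
    """Deterministic interleaving: setup, then an operator edit, then enable.
    Returns (edit_accepted, outcome) so the three designs can be compared."""
    controller.setup_hardware()
    try:
        controller.edit("xray", 25)
        edit_accepted = True
    except EditRejected:
        edit_accepted = False
    try:
        outcome = controller.enable_beam()
    except InterlockTrip:
        outcome = "interlock tripped"
    return edit_accepted, outcome


def electron_rx() -> Prescription:
    return Prescription("electron", 10)   # constructed starting prescription


if __name__ == "__main__":
    print(race_scenario(UnsafeController(electron_rx())))                      # (True, ('electron', 25))
    print(race_scenario(HardenedController(electron_rx())))                    # (False, ('electron', 10))
    print(race_scenario(HardenedController(electron_rx(), state_lock=False)))  # (True, 'interlock tripped')
```

The third run is the point of the layered design: even when the software lock is bypassed and the unsafe edit is accepted, the interlock, which depends only on the hardware state and the commanded energy, still refuses to enable the beam. A single software check would have been the only barrier in the first run.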
Fundamental Challenges in Design Control
Medical device accidents often arise from a gap between the user's intended use and the designer's design assumptions. It is therefore essential to document the user requirements specification accurately and completely and to carry it faithfully into the design.
For example, suppose no surgical scalpel is available for an operation, so someone buys the highest-quality knife from the finest cutlery shop nearby. However fine the knife, it is obviously unsuitable for the user's intended use, which is surgery. High product quality does not make a product safe to use if it does not fit the intended purpose, and such inappropriate use can lead to serious accidents.
Key Elements of Design Control
ISO 13485:2016 (clause 7.3) and US FDA regulation 21 CFR Part 820.30 require the following design control elements:
| Design Control Element | Main Content | Purpose |
|---|---|---|
| Design Planning | Project planning for design and development activities, clarification of responsibilities, milestone setting | Overall project management and progress visualization |
| Design Input | Documentation of user requirements, intended use, safety requirements, regulatory requirements, risk analysis results | Clarification of requirements that form the basis of design |
| Design Output | Design specifications, drawings, manufacturing instructions, software code | Materialization of design requirements and bridge to manufacturing |
| Design Review | Systematic evaluation at each stage of design, identification and resolution of issues | Confirmation of design adequacy and progress |
| Design Verification | Confirmation that design outputs meet design inputs (bench testing, etc.) | Verification of accurate implementation of design specifications |
| Design Validation | Confirmation in actual environment that product meets user requirements and intended use | Confirmation of effectiveness and safety in actual use environment |
| Design Transfer | Process of transitioning from design to manufacturing | Accurate communication of design intent to manufacturing |
| Design Change Control | Documentation, evaluation, and approval process for design changes | Maintaining design integrity throughout product lifecycle |
These elements do not exist independently but form an integrated system that supports the development of safe and effective medical devices while being interrelated with each other.
Importance of Design Validation
Design verification only shows that the design outputs meet the design inputs. The inputs themselves may be incomplete or inappropriate even when they faithfully record what users asked for. For this reason, the regulatory requirements and international standards for design control (ISO 13485:2016) also require design validation.
Design validation must be performed on initial production units, lots or batches (or their equivalents) under actual or simulated use conditions, by actual users or people with equivalent qualifications. Theoretical verification in the laboratory is not enough; the product must be evaluated comprehensively under the conditions in which it will actually be used.
Integration with Risk Management
User requirements frequently contain no specific safety requirements. The design inputs (requirements specification) must therefore reference and incorporate the results of risk analysis performed under ISO 14971 (Application of risk management to medical devices).
ISO 14971:2019 requires the following risk management process:
- Risk Analysis: identification of hazards (potential sources of harm) and hazardous situations, and estimation of the associated risks
- Risk Evaluation: comparison of each estimated risk against the acceptability criteria defined in the risk management plan
- Risk Control: selection and implementation of risk reduction measures, considered in priority order (inherently safe design, protective measures, information for safety)
- Residual Risk Evaluation: confirmation of the risk that remains after controls, including any new risks introduced by the controls themselves
- Risk Management Review: judgment of the acceptability of the overall residual risk before release
- Production and Post-production Information: collection of information from manufacturing and field use and its feedback into the risk evaluation
These risk management activities must be integrated throughout the design control process and conducted continuously.
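One way to make the integration concrete, as an added example that is not from the original page: a small risk register in which each hazard is evaluated against an acceptability policy, each risk control measure is turned into a traceable design input that design verification must later test, and items whose residual risk is still not acceptable are reported as open. The severity and probability scales, the thresholds and the two hazards are assumptions; ISO 14971 requires the manufacturer to define its own criteria in the risk management plan and does not prescribe this matrix.

```python
"""Constructed example of ISO 14971-style risk evaluation feeding design inputs.
The severity and probability scales, the acceptability thresholds and the
hazards are assumptions: ISO 14971 requires the manufacturer to define its own
criteria in the risk management plan and does not prescribe this matrix."""

from dataclasses import dataclass, field
from typing import List, Optional, Tuple

SEVERITY = {"negligible": 1, "minor": 2, "serious": 3, "critical": 4, "catastrophic": 5}
PROBABILITY = {"improbable": 1, "remote": 2, "occasional": 3, "probable": 4, "frequent": 5}


def risk_region(severity: str, probability: str) -> str:
    """Assumed acceptability policy on the product of the two ranks:
    >= 12 unacceptable, >= 6 must be reduced, otherwise acceptable."""
    score = SEVERITY[severity] * PROBABILITY[probability]
    if score >= 12:
        return "unacceptable"
    if score >= 6:
        return "reduce"
    return "acceptable"


@dataclass
class RiskControl:
    measure: str          # requirement text, written so it can be verified
    kind: str             # "inherent", "protective" or "information" (ISO 14971 priority order)
    design_input_id: str  # identifier the design input specification will carry


@dataclass
class Hazard:
    id: str
    hazard: str
    hazardous_situation: str
    harm: str
    severity: str
    probability: str
    controls: List[RiskControl] = field(default_factory=list)
    residual: Optional[Tuple[str, str]] = None  # (severity, probability) after controls


def evaluate(h: Hazard) -> dict:
    """Initial and residual evaluation. An item stays open until residual risk
    is acceptable or a documented benefit-risk justification is recorded."""
    initial = risk_region(h.severity, h.probability)
    residual = initial if h.residual is None else risk_region(*h.residual)
    return {"id": h.id, "initial": initial, "residual": residual,
            "open": residual != "acceptable"}


def derive_design_inputs(register: List[Hazard]) -> List[Tuple[str, str, str]]:
    """Every risk control measure becomes a traceable design input:
    (requirement id, requirement text, hazard it controls)."""
    return [(c.design_input_id, c.measure, h.id) for h in register for c in h.controls]


def open_items(register: List[Hazard]) -> List[str]:
    """Hazards that still need a further control or a benefit-risk analysis."""
    return [r["id"] for r in map(evaluate, register) if r["open"]]


# Constructed register: two entries with values chosen for illustration only.
REGISTER = [
    Hazard("H-01", "ionising radiation",
           "beam enabled while hardware is set up for a different mode",
           "radiation overdose", "catastrophic", "occasional",
           controls=[RiskControl(
               "The beam shall not be enabled unless an interlock independent of the "
               "control software confirms that hardware state matches the commanded energy.",
               "protective", "DI-SAF-01")],
           residual=("catastrophic", "improbable")),
    Hazard("H-02", "dose display",
           "operator misreads the dose value in bright ambient light",
           "wrong dose delivered", "serious", "probable",
           controls=[RiskControl(
               "The instructions for use shall warn the operator to shade the display in direct sunlight.",
               "information", "DI-SAF-02")],
           residual=("serious", "occasional")),
]


if __name__ == "__main__":
    for r in map(evaluate, REGISTER):
        print(r)
    for req in derive_design_inputs(REGISTER):
        print(req)
    print("still open:", open_items(REGISTER))  # ['H-02']
```

H-02 is deliberately left open: a warning in the instructions for use (information for safety, the lowest-priority option) only moves the risk from the unacceptable region to the "reduce" region, so the register demands either a higher-priority control (for example a higher-contrast display) or a documented benefit-risk analysis before the design can be released. The derived design inputs are what the verification plan later traces back to, which is the integration the paragraph above calls for.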
Importance of Usability Engineering
The current international standard, IEC 62366-1:2015/AMD1:2020, explicitly makes reasonably foreseeable misuse the manufacturer's responsibility. Special attention must therefore be paid to usability engineering, that is, the design of the user interface on the basis of human factors.
In usability evaluation, the use specification (who will use the device, in what environment, and how) is crucial. For example:
- Automated External Defibrillators (AEDs) used for the first time, without reading the instructions, by a bystander in a crowded station concourse
- Electrocardiographs used in emergency situations in a shaking ambulance
- Auto-injectors used by children or elderly people at home
As these examples demonstrate, it is necessary to comprehensively consider the use environment, user characteristics (age, training level, physical capabilities, etc.), and usage situations (emergency vs. normal use, single user vs. multiple users, etc.).
IEC 62366-1 requires a two-stage evaluation process: formative evaluation and summative evaluation. Formative evaluation is repeatedly conducted at each stage of design and development to improve the design. Summative evaluation, on the other hand, is conducted using the final product to confirm safety of use.
True Meaning of Usability
When people hear "usability," they tend to imagine "ease of use," but that is an incomplete understanding. The essence of usability engineering is to facilitate intended use and prevent misuse. In some cases, intentionally making something "difficult to use" is also part of usability.
For example, modern disposable lighters have heavy ignition buttons that make them difficult to light. This is a safety measure to prevent children from starting fires through mischief. Similarly, certain medical devices require multiple confirmation steps for important setting changes or display warning messages before dangerous operations. All of these are safety designs included in the scope of usability engineering.
Significance of Regulatory Requirements and International Standards
Regulatory requirements and international standards are essentially an accumulation of wisdom “to avoid repeating past mistakes.” Lessons learned from numerous medical device accidents, including the Therac-25 incident, are reflected in current regulatory requirements and international standards.
Major regulatory requirements and international standards include:
- ISO 13485:2016: International standard for quality management systems for medical devices
- 21 CFR Part 820.30: US FDA design control regulation (Part 820 becomes the QMSR, which incorporates ISO 13485:2016 by reference, effective February 2, 2026)
- ISO 14971:2019: International standard for risk management of medical devices
- IEC 62366-1:2015/AMD1:2020: International standard for usability engineering of medical devices
- IEC 62304:2006/AMD1:2015: International standard for medical device software lifecycle processes
- EU MDR 2017/745: European Medical Device Regulation
Compliance with these regulatory requirements and international standards is a precondition for designing and manufacturing safe and effective medical devices. They are not merely administrative requirements but essential protections for patient safety, so everyone involved in medical device development must understand them thoroughly and apply them faithfully.
Conclusion
Design control for medical devices is a fundamental process for ensuring patient safety and product effectiveness. As the Therac-25 incident demonstrates, deficiencies in the design stage cannot be compensated for by any quality control in the manufacturing stage. Implementation of a systematic design control process based on regulatory requirements and international standards, integration of risk management, and appropriate implementation of usability engineering are essential for developing safe and effective medical devices. All professionals in the medical device industry are required to understand and practice these requirements not as mere regulatory compliance, but as essential activities to protect patient safety.