Design Controls & CAPA

Design Controls

Why Design Controls Matter Under MedDO

MedDO Annex I requires that devices are designed and manufactured to meet the General Safety and Performance Requirements. The design controls in ISO 13485 Section 7.3 provide the systematic process that ensures devices are designed to meet these requirements and that the design is verified and validated before market placement.

Design controls are required for Class IIa, IIb, and III devices. For Class I devices, documented design controls are strongly recommended as they form the basis for the GSPR compliance demonstration in technical documentation.

Key Design Control Elements (ISO 13485 Section 7.3)

Design and development planning A design plan documenting the design phases, review activities, responsibilities, and interfaces between different groups involved in design.

Design inputs Documented functional, performance, and safety requirements derived from: intended use and user needs; applicable regulatory requirements (GSPRs); applicable standards; risk management inputs.

Design outputs Design drawings, specifications, software code, manufacturing procedures, and acceptance criteria that meet design inputs. Design outputs must be verified before implementation.

Design reviews Formal, documented reviews at defined stages of design to evaluate the ability of design results to meet requirements. Must include representatives of functions involved in design.

Design verification Confirmation through objective evidence that design outputs meet design input requirements. Includes: testing against specifications, analysis, comparison with proven designs.

Design validation Confirmation through objective evidence that the device, as manufactured, meets the intended use requirements defined in the design inputs. Includes clinical evaluation / performance evaluation evidence.

Design transfer Documented process for ensuring that design outputs are correctly translated into production specifications.

Design changes Documented change control process for all design changes, including impact assessment, verification/validation, and NB notification where required.

Corrective and Preventive Action (CAPA)

CAPA in the Swiss Context

ISO 13485 Section 8.5.2/8.5.3 requires a documented CAPA process. Under MedDO, the CAPA system must be integrated with:

• Complaint handling and vigilance reporting (complaints and serious incidents that reveal systemic QMS failures should trigger CAPA)
• Post-market surveillance (PMS data revealing unacceptable performance trends should trigger CAPA)
• Internal audit findings
• NB audit nonconformities

CAPA Process Requirements

A complete CAPA process includes:

1. Problem identification: from complaint, audit finding, vigilance report, or PMS data
2. Root cause analysis: documented investigation identifying the underlying cause(s)
3. Corrective/preventive action: defined actions addressing root cause; corrective actions address existing nonconformities; preventive actions address potential nonconformities
4. Implementation: documented implementation with assigned responsibilities and timelines
5. Effectiveness verification: objective evidence that the action has resolved the problem and that similar problems have not recurred
6. Management review input: CAPA summary included in management review

Official Sources

• ISO 13485:2016 Section 7.3 and 8.5
• MedDO Annex I (SR 812.213)

Disclaimer

AI-assisted navigation aid only. Always verify against official Swissmedic and Fedlex sources. Not legal or regulatory advice.