Let's Talk Risk! with Dr. Naveen Agarwal

Summary“Risk management should not be a compliance checkbox. It must actively govern design decisions and feedback loops across the product lifecycle.”In this Let’s Talk Risk! conversation, host Naveen Agarwal sits down with Pujitha Gourabathini, Quality Assurance and Risk Management leader at Becton Dickinson, to explore one of the most persistent challenges in MedTech: effectively integrating risk management with design controls.Pujitha shares practical, experience-based insights on why risk files often become disconnected from design inputs, verification strategies, and sustaining engineering changes. Drawing on real-world examples, she explains how “like-for-like” assumptions, tight timelines, and limited cross-functional engagement can quietly erode patient safety if risk is not continuously reassessed.The conversation goes beyond procedures to focus on culture, highlighting the importance of collaboration, early engagement, and continuous improvement to ensure risk truly governs design decisions. As QMSR approaches, this episode offers timely guidance for QA/RA and engineering leaders looking to move from checkbox compliance to lifecycle risk assurance.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Welcome and introduction01:00 Pujitha’s path into quality and risk management03:40 Where risk and design controls disconnect in practice05:20 Sustaining engineering: the most overlooked risk blind spot06:40 “Like-for-like” changes and dangerous hidden assumptions09:00 Proactive risk reassessment through continuous improvement11:10 Organizational barriers: timelines, awareness, and ownership25:05 Closing takeaways: culture, collaboration, and QMSR readinessIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Managing Post-Market Design Changes.LTR: Building Safety by Design.LTR: Beyond Compliance - Building Good Practices Under QMSR.Key Takeaways* Risk management must actively inform design inputs, outputs, and verification, not exist as a standalone file* Sample sizes and verification strategies should be scaled to patient impact, not convenience* Sustaining engineering changes often carry hidden risk and deserve the same rigor as new product development* “Like-for-like” component changes can invalidate prior risk analyses if assumptions go unchallenged* Continuous improvement programs work best when risk awareness extends beyond Quality into engineering and project management* Early collaboration reduces rework, delays, and late-stage risk discoveries* QMSR raises expectations for closed-loop feedback between design, risk, and post-market dataKeywordsRisk management, design controls, QMSR, sustaining engineering, ISO 14971, patient safety, verification strategy, continuous improvement, safety culture, lifecycle riskAbout Pujitha GourabathiniPujitha Gourabathini is a Quality Assurance and Risk Management leader in the medical device industry with deep expertise in lifecycle risk integration, design controls, and post-market safety. She currently serves as a Quality Assurance Manager focused on risk management, where she leads cross-functional efforts to embed patient safety into both new product development and sustaining engineering activities.With hands-on experience across ISO 14971, FDA QSR/QMSR, EU MDR, and safety assurance practices, Pujitha is passionate about moving risk management beyond documentation toward practical, decision-driven application. She is an active contributor to industry discussions through writing, mentoring, and knowledge sharing—advocating for stronger safety culture, continuous improvement, and proactive risk ownership across organizations.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“QMSR isn’t about regulatory obligation; it’s about managing business risk, protecting customers, and preserving market share.”In this episode of the Let's Talk Risk Podcast, host Naveen Agarwal is joined by Steve Silverman to explore a question that’s often left unspoken: Is the FDA ready for QMSR?Drawing on his experience as a former FDA leader and industry policy expert, Steve acknowledges that the current environment inside the agency is marked by workforce reductions, loss of institutional knowledge, and political disruption. But he also emphasizes that QMSR activation on February 2, 2026, is still very much on track. He cautions companies against “waiting it out” and explains why hoping for delays or informal grace periods is a risky strategy.The conversation dives into practical implications for manufacturers, including how FDA is preparing its inspectors, what the absence of updated QSIT guidance really means, why MDSAP certification is helpful but not sufficient, and how FDA is signaling stronger expectations around risk-based quality systems, especially in premarket reviews. The episode closes with clear advice for QA/RA leaders on how to frame QMSR readiness as a business risk and strategic opportunity, not just a regulatory exercise.Chapters00:00 Why FDA readiness for QMSR matters as much as industry readiness02:00 Inside FDA: disruption, workforce loss, and institutional impact04:12 Will QMSR really go live in February 2026?06:14 Lessons from MDSAP and parallels to QMSR rollout10:40 How FDA prepares inspectors for a new regulatory framework15:14 Why MDSAP certification is not a free pass under QMSR19:14 What FDA inspections may look like in early 202627:58 How QA/RA leaders should explain QMSR to the C-suiteSuggested links:* LTR: Communicating Effectively with Senior Executives. * LTR: 90-Day QMSR Readiness Action Pan for Leaders. * Steve’s Substack: What the FDA?.Key Takeaways* QMSR will activate on February 2, 2026, companies should not expect delays or extensions.* FDA has experienced significant disruption, including workforce reductions and loss of expertise, but core regulatory work continues.* Waiting to see how FDA “handles” QMSR is a high-risk strategy for manufacturers.* FDA inspectors are being trained internally to transition from QSR to QMSR, even without updated QSIT guidance.* MDSAP certification can ease the transition but does not replace FDA inspections or guarantee QMSR compliance.* FDA will continue enforcing recall and adverse event reporting requirements alongside QMSR.* Firms that demonstrate good-faith progress and a clear quality plan are likely to encounter a more collaborative FDA posture.* QMSR explicitly elevates risk as a lifecycle concept, spanning premarket, post-market, and business decision-making.* Leaders should assess their real exposure using post-market data and not assume compliance equals safety.* QA/RA leaders must translate QMSR work into business risk, market impact, and strategic value for executives.KeywordsQMSR, FDA readiness, ISO 13485, MDSAP, FDA inspections, quality system regulation, risk-based quality, CAPA, post-market surveillance, QA/RA leadershipAbout Steve SilvermanSteve Silverman, is the President of The Silverman Group. Steve spent more than a decade at FDA in leadership positions across the Agency. He adds private-sector expertise from consulting and representing industry members. Steve develops strategies that satisfy regulators and promote business needs. He holds a Bachelor’s degree in English Literature, and a JD in Law.DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.Let's Talk Risk! is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“The industry is aware of QMSR, but they’re not moving. Many are still holding their breath, hoping something will change.”In this episode of the Let's Talk Risk Podcast, host Naveen Agarwal is joined by Michelle Lott for a deep and practical discussion on QMSR readiness as FDA’s February 2026 deadline rapidly approaches. Michelle shares a sobering view of where the medical device industry truly stands, highlighting a dangerous gap between awareness and action.The conversation explores how FDA is signaling its expectations well before inspections begin, particularly through new draft guidance for pre-market submissions. Together, Naveen and Michelle unpack what “risk-based approach” really means under QMSR, not just for design and development, but across supplier controls, CAPA, complaints, data analysis, and management review.They also examine one of the most consequential shifts under QMSR: FDA’s expanded authority to review management responsibility and system-level effectiveness. The episode closes on a forward-looking note, emphasizing the opportunity for QA/RA leaders to reposition themselves, not as compliance enforcers, but as strategic partners in prevention, assurance, and sustainable patient safety.Chapters00:00 Why QMSR readiness matters now01:00 Industry complacency and false hope for delays05:00 FDA signals through pre-market guidance09:00 Compliance vs. assurance: what FDA really wants11:00 What “risk-based” means beyond ISO 1497114:00 Where companies should prioritize immediately17:00 Management review and executive accountability26:00 The opportunity for QA/RA leadership under QMSRSuggested links:* LTR: Risk, CAPA and FDA Inspections under QMSR. * Lean RAQA: RAQA Services, Resources and Courses. * FDA: Voluntary Improvement Program (VIP).Key Takeaways* Many companies are aware of QMSR, but are still not acting with urgency.* ISO 13485 alignment significantly reduces compliance risk, but does not eliminate it.* FDA has already committed to inspecting against QMSR beginning February 3, 2026 and there is no grace period coming.* New PMA draft guidance signals FDA’s shift from compliance evidence to assurance of sustained safety and effectiveness.* “Risk-based approach” under QMSR applies across the entire QMS, not just ISO 14971 hazard analyses.* Management review is no longer protected territory; FDA can now assess how leadership identifies and responds to systemic risk.* The five chronic FDA pain points: CAPA, complaints, design controls, supplier controls, and nonconforming product, will matter even more under QMSR.* Strong QA/RA leaders can use QMSR as a platform to become prevention partners, not procedural gatekeepers.KeywordsQMSR readiness, FDA QMSR, ISO 13485, risk-based approach, risk-based assurance, compliance vs assurance, FDA inspections, management review accountability, CAPA effectiveness, supplier controls, quality system maturity, QA/RA leadershipAbout Michelle LottMichelle Lott is the founder of Lean RAQA, where she provides fractional RA/QA leadership, audit prep, quality system design, and regulatory strategy for MedTech startups and small companies. With 20+ years of experience and an RAC certification, Michelle has helped hundreds of firms navigate FDA submissions and ISO compliance, bringing clarity and efficiency to even the most complex regulatory challenges. DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.Let's Talk Risk! is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“FDA isn’t asking whether you followed the procedure. They are asking whether your system can assure consistent outcomes in the real world.”In this episode of the Let's Talk Risk Podcast, Priya Setty joins host Naveen Agarwal to unpack why QMSR represents more than a procedural update; it’s a mindset shift toward assurance, credibility, and risk-based decision making across the entire product lifecycle. Priya shares how the FDA’s alignment with ISO 13485 elevates expectations for design controls, risk integration, software assurance, and role-specific competence.Drawing on her clinical roots, global regulatory experience, and work in regulatory intelligence, Priya discusses how RA/QA professionals can prepare for future expectations through deeper understanding of risk, building strong feedback loops, developing competence beyond training, and embracing leadership roles that shape culture, not just documentation.Chapters00:00 Why QMSR is a shift from compliance to assurance.01:00 Priya’s unconventional journey from occupational therapy to regulatory affairs.04:00 How FDA expects QMSR readiness to show up in pre-market submissions.07:00 Compliance vs. assurance: Priya’s analogy for FDA’s mindset shift.09:30 Software assurance, least burdensome validation, and risk-based thinking.13:00 Why QMSR requires more than documentation—evidence of decision-making maturity.17:00 The future of inspections: competence, culture, and systemic vulnerabilities.22:00 Priya’s advice on preparing for QMSR and building a future-ready RA/QA career.Suggested links:* FDA: Draft Guidance - QMS Information for PMA Reviews. * LTR: Megan Kane on Leading QMSR Readiness in a Startup. * LTR: A 90-Day QMSR Readiness Action Plan for Leaders.Key Takeaways* QMSR represents a mindset shift: from proving compliance through procedures to demonstrating assurance through real-world performance and decision-making maturity.* FDA now expects integrated, lifecycle risk management, not isolated risk files; risk thinking must visibly connect design, verification/validation, manufacturing, and post-market actions.* Pre-market submissions will reflect QMSR readiness by showing how risk management drives design decisions, supplier oversight, and verification strategies.* Software assurance is now explicitly risk-based, requiring validation proportional to intended use and potential impact, reflecting the “least burdensome” approach.* Competence, not just training, will be scrutinized, and systemic gaps may escalate into management responsibility findings under QMSR.* Culture becomes a quality system indicator, especially how organizations make decisions, close feedback loops, and connect signals to design controls.* QMSR transition challenges differ by maturity: ISO 13485–certified companies refine and align; non-certified companies must build foundational structures.* RA/QA professionals must evolve into cross-functional leaders, shaping risk-informed culture, strengthening feedback systems, and developing deeper expertise in standards and regulatory philosophy.* Personal career growth principles - curiosity, networking, boldness, persistence - remain essential, especially as AI and digital technologies reshape regulatory practice.KeywordsQMSR, Quality Management System Regulation, ISO 13485, Regulatory Affairs, Risk Management, Assurance Mindset, FDA Inspections, Software Assurance, Competence vs. Training, Regulatory Intelligence, Medical Devices, Digital Health.About Priya SettyGeethapriya (Priya) Setty is a regulatory affairs strategist and systems builder with over eight years in global regulatory affairs and more than twenty years in healthcare. Starting her career as a pediatric occupational therapist, Priya brings a unique blend of clinical insight and policy expertise to the evolving world of medical technology. She leads regulatory intelligence and digital transformation initiatives at a global medical device company, specializing in global regulatory strategy, regulatory intelligence, and digital health/AI compliance for high-risk devices. Priya is adept at navigating complex regulations such as the EU AI Act and FDA guidance, ensuring compliance is embedded in every innovation.A certified PMP, RAC (Devices), and ISO 13485 lead auditor, Priya is known for demystifying complex regulations and building systems that keep teams ahead of industry changes. Guided by her mantra, “make a choice, and make it happen,” she is dedicated to leadership, mentorship, and simplifying healthcare through curiosity and purpose-driven action.DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.Let's Talk Risk! is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Under QMSR, FDA will still be FDA, but they’ll finally have broader authority to cite what they’ve always cared about.”In this Let’s Talk Risk! conversation, host Naveen Agarwal sits down with Adam Isaacs Rae to unpack one of the most misunderstood aspects of FDA’s new QMSR rule: the parts that aren’t changing.Adam brings a unique dual-lens perspective as both a medical device consultant and a lead auditor for certification bodies. With trademark clarity and humor, he explains why focusing only on “closing gaps” misses the real risk. The conversation dives into places where FDA will continue to operate exactly as before such as design control expectations, CAPA rigor, complaint handling scrutiny, and the agency’s ability to dig deeper under the broader ISO 13485 framework.Across thirty minutes, Naveen and Adam explore how QMSR will shift the conversation from timeliness to effectiveness, from dashboards to real risk thinking, and from procedural compliance to deliberate regulatory strategy in complex multi-market environments.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Introduction and welcome00:53 The story behind “The Other Consultants”02:22 Why QMSR prep must go beyond gap assessments03:12 What QMSR won’t change and why it matters04:59 Design control complexity under QMSR08:00 FDA’s deeper reach into complaints and risk13:41 CAPA becomes CA + PA and effectiveness takes center stage23:07 Key takeaways and closing remarksIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: 90-Day Action Plan to Review QMSR Readiness.LTR: Beyond Compliance - Building Good Practices Under QMSR.ACHIEVE Workshop: Using ChatGPT to Analyze Recalls and Adverse Events. Key Takeaways* QMSR changes the requirements, not FDA’s inspection philosophy. The agency will still probe deeply and expect strong evidence of safety and effectiveness.* Design control complexity will increase. Especially for manufacturers managing the same device across the US, EU, and UK under a unified system.* Risk integration becomes unavoidable. Under ISO 13485, FDA can now cite weaknesses in risk-linked processes more explicitly.* Complaint handling scrutiny will intensify. Inspectors can now ask for “your highest-risk complaints”, and expect a defensible rationale.* CAPA becomes CA + PA. Terminology harmonizes with ISO, but FDA’s expectations for root cause depth and recurrence prevention remain unchanged.* Effectiveness will take center stage. FDA will look beyond timeliness KPIs and challenge the thinking behind effectiveness criteria.* Effectiveness must be defined up front. Not after the corrective actions are completed, a common failure mode in CAPA systems.* Recurrence and escapes remain FDA’s biggest red flags. QMSR simply gives them broader grounds to write findings.* Manufacturers must rethink regulatory strategy. Reliance sounds attractive, but differing market routes require clear separation and intentional planning.* The biggest risks come from what QMSR doesn’t change. These unchanged legacy expectations can “sting” manufacturers who assume harmonization means simplification.KeywordsQMSR, ISO 13485, FDA inspections, design controls, CAPA, corrective action, preventive action, effectiveness criteria, complaint handling, risk-based quality, regulatory strategy, post-market surveillanceAbout Adam Isaacs RaeAdam Isaacs Rae is a medical device quality and regulatory leader and Managing Director of The Other Consultants and The Other Auditors. With over a decade of experience across global medical device manufacturers, regulatory bodies, and certification audits, Adam brings a rare dual perspective as both consultant and lead auditor for ISO 13485. He specializes in pragmatic, risk-based compliance strategies that balance regulatory rigor with business realities, and is known for his clear, conversational approach to complex topics like QMSR, CAPA, and international market access.Let’s Talk Risk! with Dr. Naveen Agarwal is a bi-weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“We talk about risk all the time, but we forget to talk about the benefit. FDA’s job is to protect and promote public health, and benefit–risk is how those two missions meet.”In this episode of the Let's Talk Risk Podcast, host Naveen Agarwal sits down with Dr. Allison Komiyama, neuroscientist, former FDA reviewer, regulatory strategist, and founder of Bluestocking Health. Known for her ability to make complex FDA topics understandable and fun, Allison brings fresh clarity to one of the most misunderstood areas in risk management: benefit–risk evaluation.Together, they explore why benefit–risk thinking goes far beyond premarket submissions, how companies can use it to guide post-market decisions, and why QA/RA professionals have a massive leadership opportunity as technology accelerates faster than regulations can keep up. Allison also shares the inspiration behind her new venture, Bluestocking Health, and her mission to spark more accessible, joyful conversations about medical technologies.Chapters01:20 Introducing Allison Komiyama03:40 How FDA thinks about benefit and risk08:10 Why benefits must be evidence-based, not marketing claims10:45 The missing benefit–risk conversation in 510(k) submissions13:45 Reverse-engineering FDA’s benefit–risk guidance for real devices14:30 How AI/ML challenges traditional benefit–risk evaluation17:00 Why intended use and indications are the foundation18:40 Bringing marketing, clinical, and reimbursement into early conversations20:05 QA/RA as strategic leaders, not gatekeepers24:30 How the patient voice reframes quality and purpose26:00 The mission behind Bluestocking Health30:15 Final message for QA/RA professionals: “Keep talking to each other.”Suggested links:* FDA: Benefit-Risk Case Study for an AI/ML Device. * LTR: An Ideal Medical Device. * FDA: Benefit-Risk Guidance for 510(k) Submissions.Key Takeaways* Benefit–risk is fundamental to safety and effectiveness but there is no cookie-cutter formula. * FDA reviewers weigh benefit just as heavily as risk, but industry often forgets the benefit side.* Many devices enter the market via 510(k), where benefit–risk is rarely discussed, despite being essential.* FDA does provide benefit–risk guidance for substantial equivalence, a tool few companies actually use.* Post-market benefit–risk evaluation is critical; clearance is the starting line, not the finish line.* For AI/ML devices, understanding good machine-learning practices and PCCPs helps establish safe guardrails.* Intended use and indications are the anchor for any meaningful benefit–risk assessment.* QA/RA professionals can play a strategic leadership role by connecting benefit–risk to business, clinical, and patient perspectives.* Cross-functional conversations among engineering, marketing, reimbursement, clinical must start early, not at the end.* The patient voice remains the most powerful unifying force in developing safe, beneficial technology.KeywordsBenefit–risk evaluation, FDA submissions, 510(k)/De Novo/PMA, post-market safety, AI/ML devices, regulatory strategy, quality leadership, Bluestocking Health, patient-centric design, MedTech innovation.About Allison KomiyamaAllison Komiyama is the Founder & CEO of Bluestocking Health, a new platform dedicated to elevating conversations around medical technologies and helping patients, caregivers, and innovators better understand the devices that shape healthcare. A former FDA reviewer at CDRH, Allison has spent more than a decade supporting hundreds of submissions across the full product lifecycle, spanning startups to global enterprises. DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.Let's Talk Risk! is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“With great power comes great responsibility. The innovation in AI is incredible, but our assurance models must catch up if we’re to keep patients safe”In this thought provoking Let’s Talk Risk! conversation, host Dr. Naveen Agarwal welcomes James Pink, a global leader in medical device safety, risk, and regulatory strategy. James shares his deeply personal journey, from clinical engineering and auditing, to his life-altering health experience that reinforced his passion for patient safety.Together they unpack how artificial intelligence is transforming healthcare innovation, the gaps in current assurance models, and the urgent need for literacy, accountability, and human-in-the-loop oversight.The discussion highlights contrasts between EU and U.S. regulatory approaches, the concept of AI assurance, and why quality professionals must evolve from compliance guardians to informed custodians of safety in an AI-enabled world.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Welcome & Introduction 02:00 A Personal Story 05:00 AI’s Transformative Power 07:00 Regulatory Divergence 11:30 Understanding AI Assurance 15:00 Raising AI Literacy 18:00 The Human-in-the-Loop Imperative 23:00 Guardrails & Accountability 26:00 Key Takeaways & ClosingIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Building Trustworthy AI and MedTech Readiness.LTR: Proactive AI Governance in MedTech.ACHIEVE Workshop: Using ChatGPT to Analyze Recalls and Adverse Events. Key Takeaways* Patient-safety passion often begins with personal experience — and sustains professional purpose.* AI innovation is racing ahead of our assurance and measurement systems.* The EU and U.S. regulatory models reveal opposite extremes; balance and shared responsibility are essential.* “AI literacy” should become a core competency for all QA/RA professionals.* Assurance in AI demands new tools, standards (e.g., ISO 42001, 22989), and human judgment.* Human oversight is indispensable: vigilance prevents overreliance and hubris.* Safety frameworks must evolve as fast as the technologies they govern.* Communities like the AI Safety Officer Network will drive the next era of responsible innovation.KeywordsAI safety, medical device risk management, patient safety, regulatory strategy, ISO 42001, human-in-the-loop, responsible innovation, AI assurance, EU AI Act, risk literacyAbout James PinkJames Pink is a leading voice in medical device safety and risk management with over 25 years of global experience spanning clinical engineering, notified bodies, and regulatory consulting.He is the Managing Partner at James Pink Advisory Services and Module Leader for Data Management and Digitalisation in Regulatory Affairs at TOPRA.A respected educator and expert witness, James has trained thousands of professionals worldwide and previously held senior leadership roles at Element Materials Technology and NSF International. He also founded the Medical Device Safety Risk Management and AI Safety Officer groups on LinkedIn, fostering global collaboration on responsible innovation and patient safety.Let’s Talk Risk! with Dr. Naveen Agarwal is a weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“If you’re a small company and feel stuck in the QMSR transition, use that startup energy. Get creative, tap your network, and find the experts who can help you get unstuck.”In this episode of the Let's Talk Risk Podcast, Megan Kane joins host Dr. Naveen Agarwal to unpack what the FDA’s new Quality Management System Regulation (QMSR) means for startups and small MedTech companies. She explains how the shift from checklist compliance to process-based assurance challenges teams to think differently - embedding risk management early, strengthening design controls, and elevating competence beyond routine training.Drawing from her diverse experience across AI-enabled SaMD, diagnostics, and implantables, Megan shares how agile organizations can turn regulatory change into an advantage. She discusses building risk-based quality systems, tapping external expertise through fractional leadership, and fostering a culture of continuous learning where expertise grows with every project.Chapters00:00 Why QMSR matters now02:00 Inside the startup mindset: energy, agility, and chaos04:30 From checklists to connected processes06:45 How FDA’s expectations are evolving09:50 Integrating risk management with design controls13:30 Competence vs. training: what QMSR really demands15:30 Startups and global thinking: harmonization as opportunity18:00 Leveraging networks and external expertise22:00 Building courage and translating skills to new domains24:00 Overcoming imposter syndrome and redefining expertise26:30 Final takeaways and Megan’s vision for ReliaSuggested links:* LTR: A 90-day plan to review QMSR readiness. * LTR: Risk, CAPA and FDA inspections under QMSR. * LTR: QMSR QuickTake #1: From compliance to assurance.Key Takeaways* The QMSR transition signals a shift from procedural compliance to process-based assurance.* Startups have a unique advantage. Their speed and adaptability can drive faster QMSR readiness.* The new regulation demands earlier integration of risk management into design and development.* FDA reviewers are already expecting deeper risk-to-design traceability, even premarket.* Competence, not just training, will define readiness under QMSR.* Leadership must create cultures that encourage learning and vulnerability, not perfection.* “Experts” aren’t the goal; continuous growth and shared learning are.* For startups, external networks and fractional leadership can fill critical capability gaps.* Global harmonization is coming; QMSR is the first step toward a unified framework.* Success depends on collaboration across the quality community, not isolated effort.KeywordsQMSR, ISO 13485, FDA, risk management, competence, startups, leadership, regulatory strategy, AI/ML, medical devicesAbout Megan KaneMegan Kane is a fractional regulatory and quality executive with expertise spanning medical devices, digital health, and AI-enabled SaMD. As Founder and Executive Director of Rellia, she helps early-stage MedTech companies navigate global regulatory pathways and develop practical, risk-based quality systems. Her career spans startups, global corporations, and contract manufacturing, giving her a unique lens on how to simplify complex regulations into sustainable systems. Rellia is an incubator for digital health startups, helping the next generation of healthcare innovators.DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.Let's Talk Risk! is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“This conference is really by the community and for the community - a place where people passionate about MedTech safety can come together to share ideas, learn, and make a difference.”In this Let’s Talk Risk! conversation, host Dr. Naveen Agarwal welcomes back renowned safety risk management expert Bijan Elahi to discuss the upcoming International MedTech Safety Conference 2026 in Boston.Bijan shares the inspiring story of how a grassroots effort among passionate professionals has grown into a global movement for advancing safety risk management in medical devices. From its beginnings at Medtronic headquarters to a sold-out conference in Amsterdam, this event has become a central hub for knowledge exchange between industry, academia, and regulators, including keynote participation from FDA CDRH Director Dr. Michelle Tarver.Together, Naveen and Bijan explore emerging themes shaping MedTech risk management today - AI and machine learning, combination products, and proactive safety by design - and highlight the many ways professionals can get involved in shaping the future of safety science.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:00 Introduction and welcome01:40 Emerging themes in MedTech risk: AI and combination products03:30 Why Bijan created the MedTech Safety Conference05:00 From Medtronic to Amsterdam: a 400% growth story06:45 The 2026 theme: Proactive Safety by Design08:30 Academic and regulatory collaboration (Northeastern, MIT, FDA)10:00 QMSR and the growing role of risk-based assurance12:00 Conference structure: workshops, keynotes, collaboration day15:00 How to participate: speak, teach, or lead a discussion18:00 Abstract selection and deadlines21:00 New ISO documents on AI/ML and combination devices23:00 Early-bird registration and next steps25:00 Closing thoughts and key takeawaysIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:Conference Website: Program, Abstract Submission, Early Bird Pricing.LTR: Tips for Improving Collaboration in Risk Management.ACHIEVE Workshop: Using ChatGPT to Analyze Recalls and Adverse Events. Key Takeaways* The MedTech Safety Conference 2026 will be held at Boston at Northeastern University, from June 2-5, 2026.* The conference theme: “Proactive Safety - From Clinic to Home” emphasizes the focus on building safety into devices from concept.* The event has grown 400% since its first year, proving global momentum.* Dr. Michelle Tarver (FDA CDRH) is an invited speaker to deliver a keynote, highlighting the importance of safety in medical devices.* New ISO guidance documents 24971-2 (AI/ML) and 24971-3 (Combination Devices) are expected to launch just before the event.* The conference includes an expanded four-day program includes workshops, keynotes, and a “Day of Collaboration.”* It brings together industry, academia, and regulators in one shared forum.* AI and combination products are today’s top emerging risk themes.* Abstracts open through Dec 31, 2025; early-bird registration at medsafety.net.* This conference is a grassroots, non-commercial movement: by the community, for the community.KeywordsMedTech Safety Conference 2026, Proactive Safety by Design, Risk Management, QMSR Readiness, AI/ML in Medical Devices, Combination Products, ISO 24971-2, ISO 24971-3, FDA CDRH, Medical Device SafetyAbout Bijan ElahiBijan Elahi is the founder of MedTech Safety and a globally recognized expert on safety risk management of medical devices. Bijan is a technical fellow, and an affiliate professor at Drexel University, USA. Bijan is also a lecturer at Eindhoven University of Technology in the Netherlands, where he teaches risk management to doctoral students in engineering. He is a frequently invited speaker at international professional conferences, and is also a contributor to ISO 14971, the international standard on the application of risk management to medical devices. He has trained over 10,000 people worldwide and his book Safety Risk Management of Medical Devices, now in its second edition, is a bestseller.Let’s Talk Risk! with Dr. Naveen Agarwal is a weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Be diligent, because one day, you might rely on the very device you helped design.”In this deeply personal and technically insightful episode of the Let's Talk Risk Podcast, host Naveen Agarwal speaks with Rick Wedge, a seasoned expert in risk management and design control for drug-device combination products.Rick shares his remarkable journey - from developing biosensors early in his career to depending on a glucose monitoring system to manage life without a pancreas. His story bridges the technical and human sides of medical innovation, revealing how living with diabetes transformed his understanding of patient experience, vigilance, and empathy in risk-based decision-making.Together, Naveen and Rick explore:* The evolution of continuous glucose monitoring (CGM) technology* What held back CGMs for decades, and what finally made them viable* How real-world data and device reliability shape patient trust* Why risk management must include emotional and psychological dimensions of user experience* The leadership challenge of turning “patient-centricity” from a slogan into a daily practiceThis conversation reminds every MedTech professional that behind every risk file is a real human story—and sometimes, that story could be our own.Chapters00:00 – Introduction: The human side of risk and living with diabetes02:00 – Rick’s medical journey and sudden onset of diabetes06:00 – Emotional and psychological recovery after surgery10:30 – From biosensors to combination products: a full-circle career13:30 – The rise of CGM technology and what made it possible18:00 – Data overload, trust, and the benefit-risk balance24:00 – Failures, vigilance, and lessons for risk professionals26:00 – Empathy as a leadership skill in risk management29:00 – Closing reflections: patient-centricity as personal missionSuggested links:* LTR: Why risk practitioners must build the empathy muscle. * LTR: The most important question - who is taking the risk?.* FDA: Dexcom G6 De Novo database entry.Key Takeaways* Risk is personal: The devices we design may one day keep us alive.* Empathy is technical: Design controls must reflect real human experience.* Patient-centricity needs proof: It’s shown in practice, not posters.* Data empowers, and overwhelms: More information isn’t always better.* Reliability builds trust: Every sensor failure is a lesson in vigilance.* Benefit-risk is dynamic: Even mature devices demand continuous balance.* Innovation carries responsibility: Breakthroughs require humility and care.* Experience changes perspective: Living the risk reshapes professional judgment.* Leadership starts with listening: Empathy drives safer, smarter teams.* Technology evolves, so must we: Staying curious sustains both progress and safety.KeywordsRisk management, design control, combination products, empathy, patient experience, diabetes, continuous glucose monitoring, benefit-risk, medical devices, leadershipAbout Rick WedgeRick Wedge is a risk management and design control leader with extensive experience in drug-device combination products. Over more than two decades in MedTech and pharma, he has led global initiatives in quality systems, design controls, and risk management aligned with ISO 13485, ISO 14971, and FDA 21 CFR Part 820.A trained scientist with a Ph.D. background in electrochemical biosensors, Rick began his career developing glucose sensors - technology that later became essential to his own health journey. Today, he combines deep technical expertise with a passion for patient-centric design and regulatory excellence, inspiring professionals to view risk management through both a technical and human lens.DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.Let's Talk Risk! is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Talk to the people you are building the device for. Assumptions may speed development, but they often miss the human realities that determine whether a product succeeds or fails.”In this Let’s Talk Risk! conversation, host Dr. Naveen Agarwal sits down with Hannah Walter to explore the human side of medical technology. From robotic surgery consoles to AR/VR-assisted procedures, Hannah explains why human-machine interaction has become a critical design priority, and why early conversations about inclusivity can make or break product safety and adoption.They discuss how differences in motion sickness between male and female users, or colorblindness among technicians, can introduce hidden usability risks if overlooked. Hannah emphasizes the value of partnering with universities, learning from real users, and fostering open feedback loops between engineers and healthcare professionals.Her message is clear: by recognizing human variability, building empathy into design, and communicating early, teams can create safer, more effective medical devices, and avoid costly human factors failures that derail regulatory approval.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:30 Introducing Hannah Walter02:39 Human Factors in Emerging Technologies05:25 Behavioral Adaptation in Virtual Environments07:50 Motion Sickness and Gender Differences10:45 Inclusive Design and Colorblindness13:32 Design Evolution and Adaptation17:18 Early Human Factors Conversations19:54 Practical Strategies for Inclusivity20:59 Standards, Guidance, and Research24:31 Key Takeaways and Closing ReflectionsIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Think of human factors for AI as levels of automation.LTR: Understanding human factors aspect of AR applications in MedTech.LTR: Medical device recalls deep dive series - Part 1.Key Takeaways* Human factors must be integrated early, not treated as a final test.* Inclusivity isn’t optional - gender, color perception, and physical comfort all affect usability and safety.* Failure examples (e.g., color-blind-unfriendly devices) can be powerful motivators for change.* Academic partnerships can extend research beyond product-development constraints.* AR/VR environments highlight motion-sickness differences that designers must account for.* The FDA cites human-factors issues as a leading reason for product-clearance delays.* Iconography, feedback cues, and adaptive interfaces reduce user error.* Open dialogue with nurses, lab techs, and other users drives innovation.* Human-centered design is also business-centered - better usability means fewer recalls and more adoption.* “Don’t forget the human in human factors.”KeywordsHuman factors, inclusive design, usability engineering, AR/VR, motion sickness, robotic surgery, colorblindness, medical devices, human-machine interface, user experience, ergonomics, product development, safety, innovation, FDA guidanceAbout Hannah Walter, Ph.D.Hannah Walter is a Senior Human Factors Engineer specializing in usability engineering, cognitive and physical ergonomics, and accessibility in medical devices. She has extensive experience supporting the full product development lifecycle - from early user research and formative usability testing to validation, risk analysis, and regulatory submissions.Hannah earned her Ph.D. in Kinesiology (Human Movement Science) from the University of Minnesota, where her research explored motion sickness, postural adaptation, and human interaction in virtual environments. Before transitioning to industry, she served as an adjunct professor at the University of Minnesota, teaching courses on motor development and human perception.Her passion lies in advancing inclusive, human-centered design practices that bridge research, engineering, and user experience to make technology safer and more intuitive for everyone. Let’s Talk Risk! with Dr. Naveen Agarwal is a weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“You can’t walk away from risk. If people did, no one would ever develop a product this complex. The key is learning how to manage risk intelligently through data and a structured process.”In this episode of the Let's Talk Risk Podcast, host Dr. Naveen Agarwal sits down with Viral Thakkar, Chief Operating Officer of Lungpacer Medical, Inc., to explore the inspiring story of a device that helps patients on mechanical ventilators recover their natural breathing ability. Viral recounts how the idea to stimulate the phrenic nerves trans-venously evolved from a university lab concept into a first-in-kind, FDA-approved technology. He explains how early investment in quality and risk management systems enabled Lungpacer to navigate three clinical trials, to achieve Breakthrough Device Designation, Emergency Use Authorization during COVID-19, and ultimately PMA approval.The conversation dives into how risk-based decision-making shaped each phase of development - from material selection trade-offs to parallel-path prototyping - and how transparent communication with regulators and investors built confidence in a novel approach to respiratory care. Viral also reflects on leadership lessons from his transition from engineer to executive: balancing innovation with safety, thinking strategically as a QA/RA professional, and having the courage to stay the course through uncertainty. The episode closes with a glimpse into Lungpacer’s future - preventing diaphragm atrophy before it begins through next-generation technology.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:42 Introducing Viral Thakkar01:30 Origins of Lungpacer and early development hurdles04:30 Understanding ventilator-induced diaphragm atrophy06:30 Clinical results and patient impact08:00 How the device works and when it’s used10:15 The EUA experience during COVID-1912:00 Making risk-based trade-offs in materials and design15:15 Communicating risk strategy to management17:37 Strategic role of QA/RA professionals in startups21:13 Career evolution from engineer to executive24:00 Personal story and lessons learned25:00 Future direction and closing commentsSuggested links:* LTR - Collaboration that drives innovation, not delays. * LTR: Understanding risk-based thinking.* LTR: Leadership in the age of AI.Key Takeaways* Mechanical ventilation saves lives but causes rapid diaphragm atrophy and lung injury.* Lungpacer helps recover diaphragm strength to activate the natural breathing pathway via phrenic-nerve stimulation.* Early implementation of quality and risk systems accelerates innovation safely.* FDA granted Breakthrough Device Designation in 2016 and PMA approval in 2024.* COVID-19 EUA demonstrated safety and efficacy under crisis conditions.* Parallel development reduced risk while maintaining speed to clinic.* Data-driven, structured decision-making earns management and regulatory trust.* Cross-functional teamwork and communication are vital for success.* Courage, patience, and strategic thinking define MedTech leadership.* The next frontier: using stimulation proactively to prevent ventilator-induced injury.KeywordsMedTech innovation, breakthrough device, risk-based decision making, regulatory strategy, leadership in startups, quality, risk management, patient safety, strategic decision making, medical device development, transformative healthcare technologyAbout Viral ThakkarViral Thakkar PEng, is Chief Operating Officer at Lungpacer Medical Inc., a company dedicated to developing therapeutic solutions for patients requiring mechanical ventilation.He has over 20 years of experience in the medical device industry, specializing in the design and development of innovative medical technologies. Viral has led the development of critical care, cardiovascular, robotic surgery, respiratory, and neurostimulation devices. He has been instrumental in bringing to market first-of-their-kind products, including power-actuated surgical stapling devices, cardiovascular and peripheral stents, stent delivery systems, embolic protection devices, and catheter-based intra-vascular temperature management devices. He has successfully led the concept-to-commercialization of seven regulated Class II and III medical devices.With over 100 global patents his extensive experience includes leadership roles at ZOLL Medical Corporation, Boston Scientific Corporation, Radiant Medical, SMTPL, and Power Medical Interventions.Viral’s commitment to innovation has contributed to the advancement of the medical device industry, helping improve patient outcomes.DisclaimerInformation and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards.Let's Talk Risk! is a reader-supported publication. To receive new posts and support my work, consider becoming a free or paid subscriber. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

In this audio brief, we unpack a recent Class I recalls of the Boston Scientific Watchman TruSeal Access System. What began as a rare but catastrophic risk of air embolism evolved into a global procedural-safety lesson for the entire MedTech industry.Key themes:* Procedural vs. device risk: How the true hazard emerged from workflow variation, not product failure.* Scale-driven exposure: Commercial success amplified rare risks as adoption expanded to community hospitals.* Narrative analytics: Text mining of MAUDE reports uncovered 43 % of events that structured codes missed - a three-to-four-month early warning.* Regulatory blind spot: Substantial-equivalence pathways preserved untested procedural assumptions.* Strategic mitigation: Boston Scientific chose updating information for safety as the appropriate risk control measure and not product removal.* Industry-wide signal: Similar Abbott access-system recalls revealed a shared procedural vulnerability, highlighting the need for peer vigilance.* Evolving vigilance: Turning post-market surveillance from a compliance task into strategic intelligence.Actionable takeaways for QA/RA leaders:* Integrate narrative analytics to detect weak procedural signals early.* Bridge verification gaps with proactive human-factors and workflow validation.* Adopt cross-manufacturer vigilance: treat competitor recalls as intelligence triggers, not isolated events.* Align risk management with growth: ensure vigilance capacity scales with commercial expansion.* Reframe safety as a value driver: invest in foresight tools before crisis forces the case.🎧Listen to the audio brief above for an overview of this case and lessons learned. Thanks for reading Let's Talk Risk!. This post is public so feel free to share it.Note:This audio brief was prepared using Google NotebookLM, an AI-enabled research tool. Here is the list of resources used in our analysis:* WATCHMAN TruSeal Access System Class 1 Recall, FDA recalls database entry. * Boston Scientific Urgent Field Safety Notice, Issued 29 July 2025. * Boston Scientific WATCHMAN TruSeal Recall Analysis, Unpublished reportThe text summary was created using ChatGPT-5 (October 2025) with expert review. It distills publicly available information on the Boston Scientific WATCHMAN TruSeal Access System recall and related regulatory insights. While reviewed for accuracy and relevance, it does not constitute legal, regulatory, or medical advice. Medical-device safety and vigilance practices continue to evolve, and details may change after publication.We encourage listeners to interpret these findings in the context of these constraints. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Risk management is nothing without asking questions. And just as important, we need to create a culture where people aren’t afraid to ask them, because without that, everything grinds to a halt.”In this Let’s Talk Risk! conversation, host Naveen Agarwal welcomes Edward Ball, Manager of Intelligence and Strategic Execution at RQM+. Ed shares insights from his 20+ years in medical devices, including his unique perspective gained through roles at MHRA, ConvaTec, Fresenius Kabi, and now RQM+. The conversation dives into his role in monitoring regulatory intelligence, supporting clients in navigating evolving global requirements, and making sense of the shifting landscape of risk and compliance.Ed and Naveen explore key themes from the recent RAPS Euroconvergence Conference, including the growing influence of AI in regulatory processes, the importance of standardized IMDRF coding for vigilance and trending, and the need to bridge gaps between post-market surveillance, risk management, and complaints handling. They also reflect on how language and interpretation such as “indicators,” “benefit-risk ratio,” and “state of the art” are shaping our understanding and regulatory expectations. Ed closes with a reminder that asking the right questions, building systems that deliver actionable answers, and fostering a culture of curiosity are essential to effective risk management.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters* 00:10 – Introducing Edward Ball* 02:41 – Insights from the RAPS Euroconvergence Conference* 04:41 – AI in MedTech regulation and FDA’s use of AI tools* 07:00 – AI for vigilance reporting and trending of adverse events* 09:00 – Importance of IMDRF coding and challenges with standardization* 12:00 – Disconnect between vigilance, complaints, and risk management files* 16:20 – Indicators vs. thresholds in post-market surveillance* 18:30 – Misinterpretations of “benefit-risk ratio” and “state of the art”* 22:00 – Regulatory expectations vs. manufacturer practices* 23:47 – Announcements, Key takeaways and Closing CommentsIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Defining state of the art can be challenging - here are a few tips.LTR: AI use cases in MedTech regulatory applications.ACHIEVE: PMS Workshop.Key Takeaways* AI is increasingly used by regulators for trending and vigilance, but its outputs are only as reliable as the inputs.* Standardized IMDRF coding is critical for consistent vigilance reporting and meaningful trend analysis.* Many companies still struggle to align internal complaints data with standardized codes, creating disconnects in risk management.* Post-market surveillance (PMS) is not new, but it must be integrated into the quality and risk management system, not treated as a silo.* “Indicators” in PMS are not always numeric; a single new signal or case can be just as important as statistical thresholds.* Misinterpretation of terms like “benefit-risk ratio” or “state of the art” can cause regulatory confusion and misaligned expectations.* Regulators, notified bodies, and manufacturers often use different definitions, underscoring the need for clearer common language.* Building PMS systems around the questions you need to answer ensures data is actionable for patients, regulators, and companies.* A culture of curiosity where people feel safe asking questions is essential for effective risk management.* Continuous learning and diverse perspectives strengthen both regulatory understanding and organizational decision-making.KeywordsAI in MedTech, Vigilance reporting, IMDRF coding, Post-market surveillance (PMS), Risk management, Regulatory intelligence, Benefit-risk ratio, State of the art, Trend reporting, Complaints handling, Patient safetyAbout Edward BallEdward Ball is a seasoned medical device specialist with over 20 years of experience spanning regulatory compliance, risk management, product safety, quality systems, and post-market surveillance. He has held leadership roles at RQM+, Fresenius Kabi, ConvaTec, and the UK’s MHRA, where he led complex investigations, vigilance reporting, and technical reviews of medical devices.With a strong foundation in medical engineering (MSc, University of Liverpool), Edward brings deep expertise in design controls, incident investigation, and CAPA systems, helping organizations navigate evolving global regulatory frameworks and ensure patient safety.Let’s Talk Risk! with Dr. Naveen Agarwal is a weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Ethical and compliant AI adoption isn’t a barrier to innovation. It makes your business stronger and more resilient.”In this Let’s Talk Risk! conversation, host Naveen Agarwal reconnects with longtime friend and Silicon Valley tech leader Ajay Dankar, Co-Founder of Trussed AI. Ajay shares insights from his career at Google, AWS, Adobe, and PayPal, and explains how generative and agentic AI are reshaping industries from healthcare to finance.Together, they explore the promise and uncertainty of AI adoption, and how regulations like the EU AI Act and America’s new AI Action Plan will shape compliance, why trust and governance are central to enterprise deployment, and what skills QA and RA professionals need to thrive in an AI-driven world. Ajay emphasizes that ethical and proactive AI governance isn’t a barrier to innovation, rather a pathway to building better, more resilient businesses.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters* 00:26 – Introducing Ajay Dankar* 01:12 – How AI is Shaping Everything We Do* 03:32 – Generative vs. Agentic AI* 06:02 – Regulations and the U.S. AI Action Plan* 10:13 – What Senior Executives are Asking* 16:17– Opportunities for QA/RA Professionals* 23:32 – Announcements, Key Takeaways and Closing ThoughtsIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Kevin Schawinski on Building Trustworthy AI and MedTech Readiness.LTR: Contrasting US and EU approaches to AI regulation.ACHIEVE: PMS Workshop.Key Takeaways* AI is fundamentally reshaping how work gets done across industries.* Generative AI creates new content, while agentic AI aims for autonomous decision-making.* The U.S. AI Action Plan offers a blueprint for compliance, innovation, and governance.* Regulations will require proactive integration of AI governance into development pipelines.* Trust is a central challenge. Enterprises must ensure compliance, transparency, and reliability.* Most organizations have moved past AI pilots and now face execution and scaling challenges.* QA and RA professionals have a unique opportunity to lead enterprise-level AI governance.* Skills in AI literacy and critical thinking are essential for future career growth.* Compliance is no longer a “checkpoint”; it must be embedded into workflows from the start.* Ethical, well-governed AI adoption strengthens business resilience and customer trust.KeywordsAI governance, generative AI, agentic AI, compliance, trust, regulatory landscape, medtech, enterprise adoption, ethical AI, proactive governanceAbout Ajay DankarAjay Dankar is a seasoned product and engineering leader with deep expertise in cloud infrastructure, enterprise-grade platforms, and AI-driven innovation. Currently the Co-Founder of Trussed AI, he is focused on making generative and agentic AI trusted and enterprise-ready. Ajay has held senior leadership roles at Google, Amazon Web Services, Adobe, Aviatrix, and PayPal, where he drove large-scale product strategies, cloud transformations, and SaaS platform development.An entrepreneur and innovator at heart, Ajay has co-founded multiple startups, authored four U.S. patents in multi-factor authentication, and successfully built Finsphere—a fintech company acquired by Visa. With a proven track record of leading multi-geo teams, mentoring talent, and aligning technology with customer needs, he brings a rare blend of business acumen, technical depth, and customer empathy. Ajay holds degrees in Electrical Engineering from the Indian Institute of Technology, Delhi, and the University of Florida.Let’s Talk Risk! with Dr. Naveen Agarwal is a weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

In this audio brief, we unpack the practical implications of the FDA’s Final Guidance on Computer Software Assurance (CSA), issued September 2025.The debate highlights two perspectives:* Quality professional’s view: CSA cuts unnecessary documentation, aligns validation with patient safety risk, and supports agile manufacturing.* Auditor’s view: CSA’s reliance on qualitative judgment, binary risk classification, and vendor dependence creates new challenges for audits, SOPs, and Part 11 compliance.Key themes include:* The distinction between CSA process risk vs. ISO 14971 medical device risk.* The binary “high vs. not high process risk” classification and its audit implications.* Use of unscripted testing (exploratory, scenario, error guessing) and the challenge of proving rigor.* Vendor accountability in cloud/SaaS environments and continuous deployment.* The cultural shift required for manufacturers to define and defend “profound judgment” in risk decisions.Ultimately, CSA is framed as both an opportunity for efficiency and a test of organizational maturity in risk-based quality management.🎧Listen to the audio brief above for an overview of the AI/ML device recalls, emerging vulnerabilities and trends to watch. Thanks for reading Let's Talk Risk!. This post is public so feel free to share it.Note:This audio brief was prepared using Google NotebookLM, an AI-enabled research tool. Here is the list of resources used in our analysis:* Computer Software Assurance for Production and Quality System Software, Final Guidance issued on September 24, 2025. This summary was created using ChatGPT-5 with expert review. It distills publicly available information on the FDA’s Final Guidance on Computer Software Assurance (CSA). While reviewed for accuracy and relevance, it does not constitute legal, regulatory, or medical advice. Software assurance practices in healthcare are rapidly evolving, and details may change after publication.We encourage listeners to interpret these findings in the context of these constraints. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Compliance can’t just be a once-per-year audit anymore. It has to be continuous, proactive, and built into the way we work every day.”In this Let’s Talk Risk! conversation, Naveen Agarwal speaks with Adam Foresman, Co-Founder and CEO of Ryden Solutions, about building the first platform for continuous compliance gap analysis in the life sciences industry. Adam shares his journey from leading quality and regulatory affairs at a diagnostic AI startup, where he managed hundreds of requirements as a department of one, to envisioning a “virtual FDA inspector” that continuously highlights QMS health and compliance gaps. The discussion explores how regulatory bodies like FDA and EU notified bodies are already deploying AI to review submissions, why trust and validation remain critical for adoption, and how companies can prepare their culture and QMS for this shift. Adam emphasizes that while AI can streamline audits, inspections, and submissions, Quality professionals must remain vigilant, collaborative, and open to continuous improvement. The message is clear: proactive compliance, powered by AI, is quickly becoming the new standard for life sciences organizations.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:08 – Introducing Adam Foresman01:00 – From Quality Leader to Startup Founder02:56– What Proactive Compliance Really Means04:23 – AI Agents for Regulatory Gap Assessments07:21 – Trust and Validation in AI Systems13:00 – Real-World Use Cases and Benefits19:06 – Preparing for an AI-Enabled Future22:16 – Standardization, Culture Shift & Key TakeawaysIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Databases and automation tools for clinical evaluation.LTR: Contrasting US and EU approaches to AI regulation.ACHIEVE: PMS Workshop.Key Takeaways* Proactive compliance shifts QMS from periodic audits to continuous monitoring.* A “virtual FDA inspector” can highlight compliance gaps in real time.* Seamless EQMS integration is critical for adoption and user trust.* AI-driven platforms must be validated with rigorous accuracy testing.* Regulators like FDA and EU notified bodies are already using AI for submissions.* Trust in AI systems depends on transparency, validation, and human oversight.* Real-world use cases show benefits in inspections, audits, and onboarding.* False positives are manageable if systems allow human review and override.* Culture shift toward openness and continuous improvement is essential.* Quality professionals should focus on collaboration and adaptability in an AI-driven future.KeywordsProactive Compliance, Continuous Auditing, QMS, Regulatory Affairs, FDA, EU MDR, AI in Quality, Gap Analysis, EQMS Integration, Trust in AIAbout Adam ForesmanAdam Foresman is Co-Founder and CEO of Ryden Solutions, a platform that automates compliance gap analysis and audits for life science companies. He has led global quality and regulatory affairs at VideaHealth, driving approvals and compliance for AI/ML diagnostics, and held senior roles at Midmark Corporation, Dentsply, and Hollister. Adam holds engineering degrees from Purdue University, an MBA from Indiana University’s Kelley School of Business, and multiple ASQ certifications, including Six Sigma Black Belt.Let’s Talk Risk! with Dr. Naveen Agarwal is a weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“EU MDR is the spiritual ancestor of the EU AI Act”.In this Let’s Talk Risk! conversation, host Naveen Agarwal welcomes Kevin Schawinski, astrophysicist turned AI entrepreneur and CEO of Modulos AG. Kevin shares his journey from studying black holes to building AI governance solutions, and explains how the EU AI Act is modeled after the EU Medical Device Regulation (MDR). He highlights the parallels between product safety regimes in MedTech and emerging AI regulation, offering practical insights for organizations preparing for compliance.The conversation explores ISO 42001 as a baseline AI management system standard, the implications of fine-tuning large models, and why medical device professionals may actually be better prepared than most industries to navigate AI regulation. Kevin emphasizes the importance of responsible deployment across culture, processes, and technology, and leaves listeners with a clear message: MedTech organizations already have the tools and mindset to take a leadership role in shaping trustworthy AI.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters00:10 Introducing Kevin Schawinski - From Black Holes to AI03:29 How EU AI Act Parallels EU MDR07:00 MedTech Readiness for AI Compliance11:00 Defining and Building Responsible AI20:13 Managing Risks Across Supply Chain23:19 Announcements and Key TakeawaysIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: Contrasting US and EU Approaches to AI Regulation.LTR: Eight Practical Actions to Future-Proof Your AI Enabled Medical Devices.ACHIEVE: PMS Workshop.Key Takeaways* The EU AI Act mirrors MDR’s risk-tiered framework.* MedTech pros are better prepared than most for AI rules.* ISO 42001 is the new baseline for AI management.* 42001 helps, but doesn’t ensure AI Act compliance.* Fine-tuning AI models shifts full responsibility to you.* Responsible AI needs culture, process, and tech alignment.* EU and U.S. AI laws are moving fast but differ in approach.* U.S. states push ahead, driving calls for federal law.* AI supply chains create hidden liability risks.* MedTech can lead in trustworthy AI using existing practices.KeywordsEU AI Act, MDR, Risk-tiering, ISO 42001, Compliance, Liability, Fine-tuning, Responsible AI, Trustworthy AI, Supply chain, MedTech, GovernanceAbout Kevin SchawinskiKevin Schawinski is the Co-Founder & CEO of Modulos AG, where he leads the development of AI governance solutions that align with global standards such as the EU AI Act and the U.S. NIST AI Risk Management Framework. An astrophysicist turned entrepreneur, he previously served as an assistant professor at ETH Zurich, published in leading journals like Nature and Science, and pioneered the use of machine learning in astrophysics. Today, Kevin contributes to international AI policy efforts with NIST and the European Commission, advocating for responsible and trustworthy AI innovation.Let’s Talk Risk! with Dr. Naveen Agarwal is a weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

In this audio brief, We unpack an academic study that compares the EU’s MDCG 2019-16 and the FDA’s cybersecurity guidance, benchmarking them against international best practices. Both documents cover the basics, but each leaves troubling gaps, especially in areas like authentication, secure coding, network security, and resilience.Key points in this audio brief:* The biggest risks of connected medical devices and why cybersecurity is now inseparable from patient safety.* Where the EU and FDA guidance converge, and where they diverge.* Thematic gaps: authentication, cryptography, secure coding (EU) vs. network security and resilience (FDA).* Why existing vulnerabilities often stem from implementation failures, not policy gaps.* A proposed structural fix: separating high-level principles from device-specific technical guidance.* How stronger enforcement or penalties could change manufacturer behavior.For professionals in regulatory affairs, risk management, and MedTech development, this conversation highlights where guidance is falling short, and what’s needed to drive consistent, secure practices across the industry.🎧Listen to the audio brief above for an overview of the AI/ML device recalls, emerging vulnerabilities and trends to watch. Thanks for reading Let's Talk Risk!. This post is public so feel free to share it.Note:This audio brief was prepared using Google NotebookLM, an AI-enabled research tool. Here is the list of resources used in our analysis:* Cybersecurity requirements for medical devices in the EU and US - A comparison and gap analysis of the MDCG 2019–16 and FDA premarket cybersecurity guidance, Research Letter | Computational and Structural Biotechnology Journal, July 2025.This summary was created using ChatGPT-5 (September 2025) with expert review. It distills publicly available information on EU and FDA cybersecurity guidance for medical devices. While reviewed for accuracy and relevance, it does not constitute legal, regulatory, or medical advice. Cybersecurity in healthcare is a rapidly evolving field, and details may change after publication.We encourage listeners to interpret these findings in the context of these constraints. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe

Summary“Wireless coexistence is not a checkbox. It’s a risk management approach”.In this Let’s Talk Risk! conversation, Dr. Naveen Agarwal sits down with Omar Al Kalaa, PhD, Founder of Inovectrum and former FDA wireless scientist, to explore the challenges and opportunities of integrating wireless technology into medical devices. Omar shares his journey from academic research on wireless coexistence to leading FDA initiatives on 5G-enabled medical devices, offering a unique perspective at the intersection of MedTech, telecom, and regulatory science.The conversation covers key issues manufacturers face when adopting wireless connectivity, such as defining quality of service, assessing risk categories, and ensuring coexistence in crowded spectrum environments. Omar explains why medical devices must be viewed as connected systems rather than standalone products, highlighting risks from Bluetooth- and Wi-Fi-enabled devices, lessons from real-world recalls, and the growing need to integrate safety, cybersecurity, and interoperability into design. His takeaways emphasize a holistic, systems-based approach to innovation and evaluation in connected healthcare.Listen to the full 30-minute podcast or jump to a section of interest listed below. Chapters01:00 Omar’s Journey - From Academia to FDA to Entrepreneurship03:35 Understanding First Principles of Wireless in MedTech06:14 Risk Categories for Wireless Functions08:16 Understanding Wireless Coexistence13:00 Thinking in Systems, Not a Stand Alone Device15:35 Real-World Recall Example19:17 Wireless Immunity and 5G24:42 Announcements, Key Takeaways and Closing ThoughtsIf you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.Suggested links:LTR: A new paradigm for building connected medical devices.LTR: FDA guidance on interoperable devices.ACHIEVE: PMS Workshop.Key Takeaways* The FDA wireless guidance is crucial for incorporating wireless technology.* Understanding the risk category for wireless functions is essential.* Wireless coexistence is a risk management approach, not just a checkbox.* Medical devices should be viewed as interconnected systems.* Cybersecurity must be considered alongside other technical aspects.* Evaluating the end-to-end system is vital for safety and performance.* Device manufacturers should consult relevant technical documents for guidance.* The introduction of new technologies requires updated evaluation standards.* Communication between devices can impact performance and safety.* A holistic approach is necessary for effective risk management.KeywordsMedical devices, wireless technology, risk management, FDA guidelines, wireless coexistence, medical systems, cybersecurity, connectivity, healthcare innovation, regulatory complianceAbout Omar Al KalaaOmar Al Kalaa is the Founder and Principal of Inovectrum, a technology practice bridging MedTech and telecom through wireless innovation. He helps companies design and deploy high-performance connectivity solutions for medical devices, clinical environments, and digital health systems.Before founding Inovectrum, Omar spent over eight years at the FDA, where he led regulatory science initiatives on 5G-enabled medical devices, developed wireless coexistence standards, and guided industry on complex compliance challenges. With a PhD in Electrical and Computer Engineering from the University of Oklahoma, he combines deep technical expertise with regulatory insight to advance future-ready connected health technologies.Let’s Talk Risk! with Dr. Naveen Agarwal is a weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.DisclaimerInformation and insights presented in this podcast are for educational purposes only, and not as legal advice. Views expressed by all speakers are their own and do not reflect those of their respective organizations.Parts of this article were created using AI-generated content, which was subsequently reviewed, edited, and fact-checked by the author to ensure accuracy and alignment with our standards. This is a public episode. If you'd like to discuss this with other subscribers or get access to bonus episodes, visit naveenagarwalphd.substack.com/subscribe