The FDA's new Quality Management System Regulation (QMSR), which replaces the 21 CFR Part 820 Quality System Regulation (QSR) and incorporates ISO 13485:2016 by reference, represents a significant harmonization effort in the medical device industry. While viewed by some as a mere streamlining, the change is mandatory, with an effective and fully enforceable date of February 2, 2026. The episode addresses industry complacency and details critical steps manufacturers must take immediately.

The episode debunks the myth that familiar quality documents like the DHF, DMR, and DHR are being eliminated. While the specific terms are removed from the regulation's language, their substance is retained and mapped to new, ISO-aligned conceptual requirements: the Device Master Record (DMR) becomes the Medical Device File (MDF), the Design History File (DHF) becomes the Design and Development File (DDP), and the Device History Record (DHR) is captured in the Batch or Lot Record. The host emphasizes that internal documents can retain the old terminology, provided a clear regulatory mapping is established.

Crucially, compliance requires more than just an ISO 13485 certificate. Two major philosophical shifts must be addressed: the explicit requirement for integrating lifecycle risk management as the DNA of the entire QMS, and the loss of the audit privilege, which makes internal audit reports, supplier audit reports, and management review records inspectable regulatory evidence. Furthermore, manufacturers must comply with retained, US-specific requirements under the QMSR's prevalence rule, especially concerning mandatory record content (§ 820.35) and specific labeling and packaging controls (§ 820.45).

1. [0:50] QMSR: The biggest shakeup to US quality requirements since 1996.
2. [2:00] Effective Date: February 2, 2026—the clock is ticking.
3. [2:42] The Goal: Harmonization with ISO 13485:2016 to reduce redundancy for global manufacturers.
4. [3:50] Myth 1 Busted: The FDA is eliminating the DHF, DMR, and DHR (Documentation Dissolution).
5. [5:10] Terminology Shift: DMR > Medical Device File (MDF, ISO 13485 Clause 4.2.3).
6. [6:30] Terminology Shift: DHF > Design and Development File (DDP, ISO 13485 Clause 7.3.10).
7. [7:40] Terminology Shift: DHR > Batch or Lot Record (ISO 13485 Clause 7.5.1).
8. [8:40] The Practical Takeaway: Internal naming is fine, but regulatory mapping is mandatory.
9. [10:30] Critical Shift 1: Risk Management is the DNA of the QMS—Explicitly required across all clauses.
10. [13:00] Critical Shift 2: Loss of the Audit Privilege—Internal audit and management review records are now inspectable.
11. [17:00] Critical Shift 3: Retained FDA Specifications (Prevalence Rule).

The MedTech talent landscape has undergone a significant "reset" in the two years since Elena Kyria, founder and CEO of Elemed, last joined the podcast. Driven by factors like the rise of AI, economic volatility, and post-pandemic shifts, the dynamic has swung from a "war for talent" (many jobs, few candidates) to a market flooded with applicants, often overwhelming internal recruitment teams. This shift, exacerbated by simple application processes like LinkedIn's Easy Apply, makes it challenging for good candidates to cut through the noise and for companies to manage high application volumes.

To thrive in this new environment, MedTech professionals, particularly those in Quality Assurance (QA) and Regulatory Affairs (RA), must expand their focus beyond technical competence. Elena stresses the growing importance of transverse skills (the essential human skills like communication, negotiation, and leadership) and, critically, AI literacy. With the pressure on companies to "do more with less," AI is creating an environment where smaller, highly productive teams are favored. This doesn't mean roles will disappear, but professionals must embrace technology to eliminate tedious tasks and focus on high-value, strategic work.

Navigating the job market now requires a more intentional and proactive approach, especially to access the hidden job market where the best unadvertised roles reside. Tactics include direct networking with hiring managers and active professional branding. Furthermore, the global regulatory environment's fragmentation—especially between the US (FDA) and EU (MDR/IVDR)—is impacting how companies build their teams, favoring remote work and strategic location choices that factor in the local talent pool and employment laws.

• 1:50 - The MedTech Talent Shift: From "War for Talent" to a "Reset"
• 4:45 - The impact of high volume and "easy apply" on candidate experience
• 6:15 - Immediate disqualification criteria and "gaming" the application system
• 7:35 - Strategies for accessing the hidden job market (networking and strategy)
• 9:20 - The controversial impact of AI on QA/RA roles and the need for efficiency
• 11:30 - Future-proofing your career: Why leaders and junior professionals must embrace AI
• 13:55 - Understanding transverse skills (soft skills) and business acumen
• 15:40 - The QA/RA role in the age of AI: Focusing on the 30% of high-value expertise
• 17:00 - Tactics for achieving AI literacy: Small wins, experimentation, and habit stacking
• 19:45 - Why the "hidden job market" exists (confidentiality, exclusivity, and pipeline)
• 21:30 - Positioning yourself externally: The power of active contribution on LinkedIn
• 23:45 - The importance of speaking at industry events (e.g., RAPS) to build credibility
• 24:55 - Strategic advice for founders building remote, global teams
• 26:15 - The impact of US vs. EU regulatory fragmentation on talent selection

• Prioritize AI Literacy: MedTech professionals must proactively experiment with AI tools (like note-takers and regulatory intelligence systems) to automate up to 70% of tedious tasks. Waiting for...

This episode tackles the complex challenge of applying the hardware-centric clauses of ISO 13485 to Software as a Medical Device (SaMD). Adnan Ashfaq, founder of Simply Medica, joins Etienne Nichols to dissect how traditional standards intended for physical manufacturing must be creatively interpreted for the virtual world of software development, where apps update weekly and cloud-based systems evolve in real-time. The conversation zeroes in on the often-muddy areas of production and service provision (Clause 7.5), emphasizing that these clauses are far from non-applicable, requiring a "virtual manufacturing space" mindset.

A significant focus is placed on the Software of Unknown Provenance (SOUP), treating these building blocks as purchased components that require robust supplier evaluation and validation, bridging Clause 7.5 (production) with Clause 7.4 (purchasing). The discussion extends to crucial concepts like the Software Bill of Materials (SBoM), the complexity of Agile vs. Waterfall approaches within the standard's framework, and the essential role of the new FDA Computer Software Assurance (CSA) guidance in risk assessment.

Beyond production, the experts explore the application of resource management (Clause 6), specifically addressing infrastructure, contamination control (malware/ransomware), and the critical need for a well-documented Design Transfer to Production (Clause 7.3.8) evidenced by a complete software release package, including all 62304 requirements. The episode provides actionable insights for quality and compliance professionals struggling to maintain speed and innovation while strictly adhering to regulatory requirements.

• 01:45 - The changing landscape: Why traditional MedTech rules struggle with modern software updates.
• 03:50 - Historical context of ISO 13485 and its non-distinction between hardware/software.
• 05:05 - Starting Point: Clause 7.5 (Production and Service Provision) and the "Virtual Manufacturing Space" concept.
• 06:20 - Unpacking Software of Unknown Provenance (SOUP) and its link to Clause 7.4 (Purchasing).
• 08:35 - The necessity of validating the development environment (GitHub/GitLab) and building blocks.
• 11:10 - Applying Clause 4.1.6 (Software Validation) to SOUP items and master validation plans.
• 12:20 - Applicable vs. Non-Applicable Clauses: Sterilization/Cleanliness vs. Installation.
• 13:55 - Clause 4.2.3 (Medical Device File) for SaMD: E-labels, UDI, System Architecture, and SBoM.
• 16:30 - Cybersecurity controls and the manufacturer's responsibility for identifying state-of-the-art standards.
• 17:35 - Defining "Production" for continuously updating software and managing significant vs. non-significant changes.
• 20:15 - Clash of Standards: Agile development, ISO 13485, and the missing documentation for version control risk assessment.
• 21:30 - Clause 6.3 & 6.4 (Resource & Work Environment): Looking at data security, access controls, and contamination (malware/ransomware).
• 24:45 - Clause 7.3.8 (Design Transfer to Production): The need for a formal software release package and the importance of the Software Design Trace Matrix.
• 26:00 - The 16 essential documents needed to meet IEC 62304 requirements.
• 27:10 - Production controls when the user influences the outcome (customizable features,...