Agile development and regulatory compliance? Many medical device developers believe that the methodology is incompatible with the needs of highly-regulated product development. However, there are plenty of agile practices well-suited for such environments. Used the right way, they can even accelerate compliance efforts.
Innovative ways of working can often seem at odds with achieving regulatory compliance. Despite the promise of an edge in an increasingly competitive market, some medical device developers are wary of trying Agile. Why? Because medical device development must pay attention to regulatory compliance. This is in contrast to the areas where agile methods have emerged. They focus more on functional aspects, while regulatory compliance often involves nonfunctional requirements and process requirements like risk management procedures. When you combine this with the constantly changing requirements and decentralized development that characterize Agile development, it’s no wonder MedTech developers feel that Agile practices don’t fulfill the demands of their line of work.
That being said, software in and as a medical device is becoming more and more important, presenting limitless new opportunities to developers while also highlighting key challenges in the MedTech sphere. Between stringent regulatory compliance requirements, the struggle of combined hardware/software development, and the increasingly important role of software, is why MedTech companies all around the world are reimagining medical device development. Despite common industry concerns outlined above, Agile is in fact a reliable and proven way to help with that.
Unlike other working methodologies, the Agile Manifesto is not a prescriptive framework that lays out the perfect way to implement and use it. In other words, there isn’t one single way to ‘become Agile’.
Everything in Agile is rooted in providing as much value to consumers as possible, in the most efficient way possible. Familiarize yourself with the basic principles of Agile that you beginning your Agile journey.
The best suited Agile method for your organization will depend on a few factors such as organization size, team types, company culture. Choose from common proven frameworks such as Scrum, Kanban, LeSS, SAFe® and several others.
Since Agile is an umbrella term that refers to several agile methodologies, there is no single way to go about implementing them in your organization. Feel free to explore the variety of frameworks and come up with a combination of processes and best practices that best suit the needs of your project, team, or organization
There are a ton of Agile methods and they all come with recommended implementation approaches. Some may suggest a top-down or bottom-up rollout, and others recommend starting small and spreading incrementally as you go along.
Before your organization starts on its journey to Agile, it’s important to get the fundamentals right. You’ll need to carefully plan processes to align Agile with MedTech regulatory requirements. You might want to consider taking a hybrid approach to ease into Agile and control any risks related to this change. Finally, you’ll also need to build Agile GMS to ensure product quality in your new, high-velocity environment.
Once you have the basics figured out, the following best practices help make sure your Agile transition is successful:
The Definition of Done, or DoD as it’s commonly referred to, refers to a set of criteria that need to be fulfilled for each work item in an Agile project. It is particularly characteristic of an Agile methodology known as Scrum. Think of it as a checklist with a set of boxes that need ticking before you can label a task as done. In order for a piece of work to be included in an iteration’s product release, it needs to meet those listed conditions. Having a well-established DoD is also excellent for representing and ensuring the achievement of regulatory compliance requirements in Agile projects.
How to implement it? The Definition of Done needs to be an agreement between the product owner and developers, with buy-in from the whole team. In a situation with multiple teams, they must collaborate to establish the product’s Definition of Done to reflect organization-wide quality standards and make sure everyone’s on the same page. The DoD can be implemented and visualized using written lists, central online documentation, backlog checklists, or by using separate tasks in an interaction backlog.
Traceability across the chain of work items is a crucial requirement of being able to demonstrate that you have achieved regulatory compliance in a product. Instead of predefined work instructions, requirements tracing clearly connects the path between work products and results to demonstrate compliance. This is done by displaying the relationships between software artifacts and the overall product development lifecycle.
To give you an example, trace links can start with functional requirements to represent the demands of a legal regulation like EU regulation 2017/745, then connect to their implementations and test cases to document their status. This way it is easy to see how the product, or different parts of it, satisfy certain regulatory demands.
The most important thing to remember when tracing requirements using Agile is:
Too many projects still address regulatory compliance late in the development lifecycle. It’s often the case that most, if not all compliance activities are undertaken after finishing product development. Leaving it all to the end can cause untimely delays, unnecessary rework of what is supposed to be a finished product, and inevitably hikes up those pesky project costs.
Agile development encourages incremental compliance, giving you the opportunity to check in on compliance management efforts throughout the development lifecycle, instead of just at the end. This has a huge effect on your team’s productivity. The more you integrate compliance, the faster and more efficiently the team can go about their development activities.
To achieve incremental, and eventually, continuous compliance with agile:
Download the full white paper to read more about the above best practices. Click the Download PDF button on the top right of the page.
There are a whole host of other Agile practices worth exploring to see how you can mix and match them to your advantage. Choose practices that help establish regulatory compliance in Agile product development such as:
Unlock the full white paper to read more about these additional practices to consider in your development efforts. Click the Download PDF button on the top right of the page.
Collaborating with other Agile teams, targeting low-hanging fruits, and continuously improving as you go along by conducting retros for example are reliable ways to get started. You can also use hybrid development methods to leverage Agile benefits without fully divorcing the way your organization already works. Established Agile practices not only comply with healthcare regulations but can actually help you optimize the process of complying with them for increased speed, efficiency, productivity, and stakeholder satisfaction across the board.
PTC’s Codebeamer can help you transition to Agile processes and bring quality MedTech products to the market quickly and at optimal cost. Explore how Codebeamer’s templates for frameworks like SAFe®, Scrum, or Agile-Waterfall Hybrid help you tailor and adopt agile practices with minimal effort. Leverage MedTech templates with baked-in domain knowledge to simplify adherence to the requirements of ISO 13485, EU MDR, FDA Title 21 CFR, and more.