Do you dread performing and documenting a product analysis from a field issue? Do you know where all the information you need resides, or do you spend time finding it (or filling out forms to get access)? Why is the information not readily available and searchable, like Google? Why are these tasks needlessly difficult?
After decades in the medical device industry, I’ve discovered the root cause: poorly designed business systems (particularly the Quality System).
Your Quality System was designed to meet the regulatory requirements, based on someone’s experience or concept for how those requirements must be met. However, thousands of ways to be compliant exist. All Quality Systems are built over time from the input of various consultants and experts to solve specific problems or requirements. Issues found during a FDA inspections, internal audits or new European regulations probably drove changes to processes and associated tools. Did your company chose a software package based on the persuasiveness of the salesperson versus meeting the functional requirements? Did you then discover that the cost to customize, configure and implement was high? Did your legal group tell you to lock information down to protect intellectual property?
Whatever the reason, it takes you weeks to solve problems that should only take hours, because your Quality System was designed piecemeal. The solution is to architect all your processes to work for all the users. Think of it this way. When you move into a new building, do you have the building contractor determine the layout? Or maybe the carpenter? Or worse yet—the security guards! All these people have legitimate needs for how the building will work, but none of them are architects looking at the whole picture. When the Quality group (or Legal, or Finance) designs business processes to be compliant, they usually focus on the requirements and not how users across the company need to do their work. I often see “penny wise and pound foolish” decisions about software tools; in order to save money, few user licenses were purchased. Then you have silos of information, and people breaking procedures to store and maintain information outside of the limited-access system, in order to make their tasks easier.
But wait, don’t the ISO 13485 and the FDA regulations tell us how to design our Quality System? Let me be perfectly adamant: this idea is 100 percent WRONG. Laws and regulations only provide you with requirements, not design. They are like building codes that just tell an architect to design a building to withstand the weather or prevent the rapid spread of fire. Do you have an architect in your company designing all of the business processes? I am including everything from manufacturing, design, IT, finance, legal, health and safety to corporate governance. Does your company have a current blueprint for your business, and is there a plan for the future structure? Does it include all of your “utilities” such as your information architecture, tool architecture, business process interactions and where your master datasets are stored?
If a company-wide effort to properly design business processes and information to serve the people doing the work sounds too monumental to tackle, know that you do not have to start from scratch. Until recently, no “best practice” architecture for medical device companies existed prior to the publication of Consiliso: The Blueprint for Integrating Business Processes in Medical Device Companies.
After 30 years in this industry, I’ve become known as someone who can work with start-ups or established companies to not only fix their Quality Systems, but ensure that all aspects of the business integrate properly. However, I wanted to share this information as widely as possible, so I invented the concept of Consiliso (the unity of processes and information throughout an organization). Consiliso tells you “how to architect” over fifty business processes and their associated interactions across fourteen business systems (the Quality System is just one of the fourteen). Consiliso provides the concepts, templates and lists of all the applicable laws, regulation, guidance documents and standards needed by any medical device company.
Essentially, Consiliso is a DIY model that any company can implement, from a startup to an international conglomerate. But in order to implement Consiliso, you need to have an open information architecture where everyone can see all information, unless it is specifically restricted. In my experience, most reasons for restricting information from employees are based on misunderstandings of compliance rules or a false assessment of the risk of “too much” openness. Of course, there are areas (employee records, patient data, in-process patents, etc.) that people don’t need in order to do their jobs.
Consiliso requires upending the “this information belongs to my department” kind of thinking…you need to ask yourself instead “What’s the worst that could happen if most employees can find and see this information?”
To adopt Consiliso, you map your current policies and procedures into the Consiliso process architecture; you then see the gaps in your information flow and process oversight. You will also need to give up on preconceived, antiquated notions of compliance “musts” such as the need to have a backroom for an audit, a signature on training record or the ability to hide old document versions. If you want your company to grow and become best-in-class for the types of products you make, it’s time to stop fighting your business systems. Start designing them to work for you, leveraging an open architecture across your company’s processes. Then, when it’s time to do a product analysis, your system will work more like Google.