The medical device industry has long relied on auditing standards designed for physical products, devices with packaging, sterilization processes, and tangible labels. But as software becomes increasingly central to healthcare, from diagnostic tools to digital therapeutics, the industry often strains under a system that was never built to govern software. As Rob Packard, founder of Medical Device Academy, explains, "Software is different in one fundamental way from everything else in the medical device industry. It's virtual. So how do you audit something that doesn't physically exist?"
Despite revisions in 2016, Packard notes that the existing international standards for quality management systems of medical devices reflect a framework conceived for hardware. He argues that the model is fundamentally misaligned with the realities of software development. "We're in 2025 but we're still using project management tools from 1910," he says. "This is antiquated. It doesn't work. We need something new, specifically for software, because software is virtual."
The mismatch becomes more apparent in practice. Traditional audits can often involve teams sitting in conference rooms for days, with binders or projected documents. Yet even in cases where the product is entirely digital, auditors are still expected to perform audits as if it were a physical device.
"An auditor is told, well, you need to audit the incoming inspection. But, an inspection of what? How do you inspect a service?" Packard asks. "It makes no sense."
He points out that developers themselves aren't often aware of where to "place" instructions or labels because the framework assumes they are attaching something to a box. The language of the standards, replacing "product" with "product and service" and inserting "software" a mere handful of times, can fall far short of what is needed when half the industry now revolves around software.
"Medical device software developers use the V-Diagram model which ignores the need to freeze the development process for regulatory review and approval," Packard explains. "What is missing is a quality system standard dedicated to software." He calls for a hybrid project management approach, one that draws from both traditional device design and agile software methodologies.
Current standards provide guidance on physical product safety, usability, and risk management, but cybersecurity and resilience, critical issues for software, are yet to be addressed. "We need a hybrid project management system," Packard says. "One that is a combination of traditional and agile project management. In the current landscape, that's hard to acquire."
Packard recognizes that gap. Outdated processes create inefficiencies and risks for companies and regulators alike. For Packard, the solution lies not in using old documents but in embracing the very tools that the software industry itself relies on.
He points to an open source model which allows global contributors to propose updates, with moderators ensuring quality and accuracy. "That's how we should develop a standard for software," he explains. Such an approach would make standards transparent, accessible, and adaptable to rapid technological change. It would allow experts worldwide to contribute in real time rather than requiring lengthy, costly meetings where debates stall over minor edits.
Packard is clear about what he believes will not work: traditional, paper-bound, copyrighted standards reviewed by committees that still insist on in-person sessions. "We're not going to get any groundbreaking revolution from people sitting around a room nitpicking on every word," he says. "We need to be using the right tools."
The call to action for Packard lies in the belief that regulatory systems must evolve from static, hardware-era frameworks to agile, collaborative models that reflect the virtual nature of modern medical devices. And in doing so, he advocates for usability, security, and accelerated innovation in an industry where lives depend on safety and effectiveness.
Medical Device Academy has long guided startups and established companies alike through the regulatory landscape, helping a plethora of devices reach the market each year. But Packard's vision extends beyond compliance for individual firms. His leadership is pushing the industry to reimagine its foundations, urging regulators and innovators to come together to build standards that work for the digital age.
The challenge is immense, but so is the opportunity, and in the face of such a dynamic, Packard imagines a system that not only keeps pace with technological change but also ensures that healthcare innovation is safe, secure, and easy to use.
© 2025 ScienceTimes.com All rights reserved. Do not reproduce without permission. The window to the world of Science Times.
