Resources
Engineering knowledge for medical device teams. Standards explained, methodologies unpacked, and the thinking behind how MANKAIND works.
Articles
How to write medical device requirements that hold up under FDA review
EARS notation, the six quality attributes FDA reviewers apply, the five most common mistakes, and how to build traceability into requirements from the first line.
EngineeringUsing AI to write medical device requirements — what works and what doesn't
An honest assessment of what general-purpose LLMs get right, where they consistently fail in a regulated context, and what changes when AI is purpose-built for medical device development.
EngineeringFrom spreadsheet to graph — a better way to think about traceability
The traceability matrix is what you submit. Traceability is the thing you either have or don't. This guide reframes requirements traceability as a directed graph — and why that changes how you develop.
StrategyThe medtech CTO's first 90 days — a regulatory decision framework
What to decide in the first 30, 60, and 90 days: device classification, QMS architecture, tool selection, team structure — and the three patterns that cost startups 12 months.
StandardsSOUP management for SaMD teams — a practical 2025 guide
IEC 62304 requires every third-party dependency to be treated as a regulated artifact. How to build a SOUP inventory, evaluate risk per item, handle version updates, and manage ML frameworks as SOUP.
EngineeringHow to do a risk analysis for a device that uses AI or machine learning
ISO 14971 applied to AI/ML failure modes: model drift, distribution shift, dataset bias, confidence miscalibration, and how PCCP intersects with post-market risk management.
StrategyHow to build a quality system before you have a quality team
The minimum viable quality system for a pre-Series A medical device startup — what FDA design controls actually require, stripped of ceremony, and the five elements you cannot defer.
StandardsPredetermined Change Control Plans — what FDA wants and how to write one
FDA finalised PCCP guidance in December 2024. The four required components, a worked example for retraining a diagnostic AI, and what makes a PCCP defensible versus vague.
EngineeringContext engineering for regulated products: why what you feed the agent matters more than the prompt
Context engineering replaced prompt engineering as the dominant AI practitioner framing in 2025-2026. For medtech, the discipline is even more consequential — the four failure modes, context architecture for specific regulatory documents, and what good retrieval design looks like.
EngineeringWhy the reviewer agent is the most important part of your AI documentation stack
Multi-agent orchestration with self-verification is the dominant enterprise AI architecture in 2026. The reviewer-agent pattern is the production answer to LLM hallucination in regulated settings — where hallucination rates on domain-specific queries still run 15–23%.
EngineeringMCP in medtech: the protocol that lets your AI agent talk to your QMS, ERP, and CAD files
Model Context Protocol (MCP) is the architecture that lets one AI agent read your PLM, QMS, test management system, and FDA database in real time — with every access logged for audit. What it looks like in a regulated environment, including governance, version pinning, and write gates.
StrategyThe FDA is using agents to review your 510(k). Are you using agents to write it?
The FDA deployed agentic AI agency-wide in January 2026 for premarket reviews, 510(k) processing, and postmarket surveillance. What FDA's internal agents actually do, how hand-assembled submissions fail automated consistency checks, and what a submission-ready engineering record looks like.
StandardsFive months to EU AI Act enforcement: what medical device teams need to do before August 2026
EU AI Act full enforcement hits August 2, 2026. Most AI-embedded medical devices face dual conformity under both MDR and the AI Act. The six Annex IV documentation requirements, which MDR artifacts satisfy them, and the four things you cannot defer.
EngineeringRAG is winning in regulated industries. Here's the architecture that explains why.
In a regulatory submission, every technical claim needs a traceable source. RAG generates citations alongside output by design — fine-tuned models bake stale standards into weights. Corpus design, chunking strategy, hybrid retrieval, and evaluation for regulatory documentation.
StandardsIEC 62366 usability engineering — what medical device teams actually need to document
IEC 62366-1 governs the usability engineering process for medical devices. Formative vs summative evaluation, hazard-related use scenarios, the UEF, and the structural linkage to ISO 14971.
StandardsFDA medical device cybersecurity under Section 524B — what changed and what you now have to prove
Section 524B made cybersecurity binding for every cyber device. SBOM, threat modeling, post-market vulnerability management, and the distinction between security and safety risk.
StandardsISO 10993 biocompatibility — from evaluation planning to the test battery
ISO 10993 is an evaluation standard now, not a testing checklist. Contact categorization, ISO 10993-18 chemical characterization, and the shift from testing-first to biological evaluation.
StandardsMDSAP — the single audit that satisfies five regulators
One audit, five jurisdictions: FDA, Health Canada, TGA, ANVISA, PMDA. The seven-process audit model, the 5-grade scoring system, and what MDSAP does — and does not — replace.
StandardsIEC 60601 medical electrical equipment — the standards hierarchy, explained
IEC 60601-1 Edition 3.2, collateral standards, particular standards, essential performance, and the EMC immunity shift in 60601-1-2 Edition 4.1.
Guides & glossary
What is an eQMS for medical devices?
An eQMS manages CAPAs, NCRs, complaints, audits, and document control — and why it belongs on the same platform as PLM.
GuideWhat is a Design History File (DHF)?
Required by 21 CFR 820.30, a DHF captures every design decision from input through validation. Why it should generate itself, not compile at the end.
GuidePLM vs eQMS for medical devices
PLM and eQMS have been separate systems for decades. The architectural argument for unification — and what the separation actually costs.
StandardsIEC 62304 compliance for SaMD teams
Software lifecycle requirements across three safety classes. What Class A, B, C mean; how SOUP management works; and the V&V documentation cascade.
StandardsMedical device regulatory frameworks — a guide
FDA 21 CFR 820, 510(k), PMA, De Novo, EU MDR, EU IVDR, IEC 62304, IEC 60601, ISO 14971, ISO 13485 — how they interrelate for engineers.
GuideClass III medical device development & PMA
Class III devices follow the PMA pathway — the most rigorous in FDA regulation. Design controls rigor, full traceability, and V&V depth in practice.
StrategyFDA compliance automation for medical devices
FDA submissions start in design decisions, not Word documents. How engineering intelligence generates submission-ready DHF documentation automatically.
TrustMedical device data security standards
Engineering decisions are the most sensitive IP your company holds. SOC 2 Type II, ISO 27001, ISO 42001, AES-256, and zero data retention.