Built It Right vs. Built the Right Thing: The Vocabulary That Shapes Medical Technology

1.0 Introduction: The Hidden Rules of Medical Technology

From a simple diagnostic test strip to a complex surgical robot, medical devices are an integral part of modern healthcare. Behind their polished exteriors lies a world of immense complexity, governed by strict rules and regulations designed to ensure one thing above all else: patient safety. For those operating within this industry, success isn't just about innovation; it's about precision in every action, decision, and word.

In the highly regulated field of medical technology, the precise meaning of a few key words is not merely an academic exercise—it is a fundamental pillar of safety, compliance, and business survival. These terms do not exist in a vacuum; they are interconnected components of a single regulatory philosophy focused on proactive safety management. Misunderstanding this core vocabulary can lead to flawed products, failed audits, and significant regulatory penalties. This article explores the most impactful and surprisingly nuanced terms from the industry's core rulebook, ISO 13485, to reveal how this hidden language shapes the devices we all rely on.

2.0 Takeaway 1: A "Medical Device" is Defined by Intent, Not Just Function

The first and most fundamental term is "medical device" itself. The official ISO 13485 definition is comprehensive, but its most critical component is that a product's classification hinges on the manufacturer's intended use. This means that software, an accessory, or even a service can be legally classified as a medical device if the manufacturer intends for it to be used for purposes such as:

• Diagnosis, prevention, monitoring, treatment, or alleviation of disease
• Alleviation of, or compensation for an injury
• Investigation, replacement, modification, or support of anatomy
• Control of conception

Critically, the definition also includes a fundamental clarifying clause: a product is a medical device only if it "does not achieve its primary intended action by pharmacological, immunological, or metabolic means." This distinction is what separates devices from drugs and biologics.

This nuance is profoundly impactful because it places the full responsibility on the manufacturer to correctly classify their product from its very inception. A common and serious audit failure is the incorrect exclusion of products that meet this definition, often because a company overlooks borderline products. An auditor's primary goal is to understand this intent.

“What is the intended use, and who defines it?”

3.0 Takeaway 2: In Medical Devices, "Risk" Means One Thing: Patient Harm

While most industries define risk broadly to include financial, operational, or market concerns, ISO 13485 defines it with a laser focus on safety. The official definition is the "combination of the probability of occurrence of harm, and the severity of that harm."

This distinction is critical because it forces a company's entire Quality Management System (QMS) to prioritize patient and user safety above all else. This isn't limited to the device's design; every decision must be viewed through the lens of potential harm. This applies to manufacturing processes, supplier controls, software, data integrity, and distribution. Disconnected or static risk management is a major nonconformity indicator for auditors, who are trained to look for how risk influences behavior across the entire organization.

• Auditors won't ask: “Do you have a risk file?”
• They will ask: “How does risk influence decisions across your QMS?”

4.0 Takeaway 3: The Critical Difference Between "Verification" and "Validation"

Verification and validation are two of the most frequently confused terms in product development, but confusing them in the medical device industry can lead to major regulatory problems. They answer two very different but equally important questions.

• Verification: "Did we build it right?" This is the process of confirming, through objective evidence, that the device meets all its specified requirements. This includes activities like inspections of components against specifications, software code reviews, and dimensional measurements.
• Validation: "Did we build the right thing?" This is the process of confirming that the device meets the user's needs for its specific intended use. This involves activities like clinical evaluations, simulated-use testing with actual users, and process validation.

The stakes of this distinction are incredibly high. A validation failure—proving you built the wrong thing for your users—is often considered a high-risk regulatory finding, while verification failures are often minor in comparison. Auditors are explicitly trained to never accept verification evidence (proof that you met your own specifications) in place of validation evidence (proof that you met the user's needs), and a common audit finding is "validation performed after release," which indicates a systemic failure in the quality process.

5.0 Conclusion: More Than Words

In the world of medical devices, specific terminology isn't just jargon—it's the operational language of safety and compliance. These words define responsibilities, shape design processes, and form the very foundation of patient safety. They are deeply interconnected: a manufacturer’s stated intended use defines a product as a medical device, which then mandates a risk management process focused on patient harm. This process, in turn, dictates the required verification and validation activities to prove the device is both built correctly and is the correct solution for its users.

This precise vocabulary guides every action, ensuring that the technology intended to heal and support life does so safely and effectively. If the language we use shapes our actions, what does this precise vocabulary tell us about the values at the heart of medical innovation?

Share This Article

Found this useful? Share it with your network: