# Regulatory Affairs & Quality Management Skills - Claude Code Guidance

This guide covers the 13 production-ready RA/QM compliance skills for HealthTech/MedTech companies.

## RA/QM Skills Overview

**Strategic Leadership (2 skills):**
- regulatory-affairs-head - RA strategy, regulatory intelligence, authority relations
- quality-manager-qmr - QMS oversight, management review, quality culture

**Quality Systems (3 skills):**
- quality-manager-qms-iso13485 - ISO 13485 compliance, process management
- capa-officer - CAPA system management, root cause analysis
- quality-documentation-manager - DHF, DMR, DHR management

**Risk & Security (2 skills):**
- risk-management-specialist - ISO 14971 compliance, risk analysis
- information-security-manager-iso27001 - ISO 27001, data protection, ISMS

**Regulatory Specialists (2 skills):**
- mdr-745-specialist - EU MDR 2017/745 compliance, technical documentation
- fda-consultant-specialist - FDA 510(k), PMA, QSR compliance

**Audit & Compliance (4 skills):**
- qms-audit-expert - Internal audits, ISO 13485 certification
- isms-audit-expert - ISO 27001 audits, security assessments
- gdpr-dsgvo-expert - GDPR/DSGVO compliance, data privacy
- soc2-compliance - SOC 2 Type I/II compliance, trust service criteria, audit readiness

**Total:** 13 specialized compliance skills for medical device industry

## Compliance Frameworks

### ISO 13485 (Medical Device Quality Management)

**Managed by:** quality-manager-qms-iso13485, qms-audit-expert

**Key Areas:**
- Management responsibility
- Resource management
- Product realization
- Measurement, analysis, improvement

**Tools:**
- QMS process mapping
- Document control systems
- Change management workflows

### ISO 14971 (Medical Device Risk Management)

**Managed by:** risk-management-specialist

**Key Areas:**
- Risk analysis and evaluation
- Risk control measures
- Residual risk evaluation
- Risk management review

**Tools:**
- Risk assessment templates
- FMEA/FMECA analysis
- Risk-benefit analysis

### MDR 2017/745 (EU Medical Device Regulation)

**Managed by:** mdr-745-specialist

**Key Areas:**
- Technical documentation (Annex II, III)
- Clinical evaluation (Annex XIV)
- Post-market surveillance
- UDI (Unique Device Identification)

### FDA Regulations (US Medical Device Compliance)

**Managed by:** fda-consultant-specialist

**Key Areas:**
- 510(k) premarket notification
- PMA (Premarket Approval)
- QSR (Quality System Regulation)
- Post-market reporting

### ISO 27001 (Information Security Management)

**Managed by:** information-security-manager-iso27001, isms-audit-expert

**Key Areas:**
- ISMS establishment and maintenance
- Risk assessment and treatment
- Security controls (Annex A)
- Continuous improvement

### GDPR/DSGVO (Data Protection)

**Managed by:** gdpr-dsgvo-expert

**Key Areas:**
- Data protection impact assessment (DPIA)
- Privacy by design
- Data subject rights
- Breach notification

## Regulatory Workflows

### Workflow 1: New Medical Device Development

```
1. Risk Management (ISO 14971) → risk-management-specialist
2. QMS Process Setup (ISO 13485) → quality-manager-qms-iso13485
3. Technical Documentation (MDR) → mdr-745-specialist
4. FDA Submission → fda-consultant-specialist
5. Clinical Evaluation → regulatory-affairs-head
```

### Workflow 2: QMS Audit Preparation

```
1. Internal Audit → qms-audit-expert
2. CAPA Implementation → capa-officer
3. Document Review → quality-documentation-manager
4. Management Review → quality-manager-qmr
5. Certification Audit → qms-audit-expert
```

### Workflow 3: Data Protection Compliance

```
1. GDPR Assessment → gdpr-dsgvo-expert
2. ISMS Implementation → information-security-manager-iso27001
3. Security Audit → isms-audit-expert
4. Continuous Monitoring → information-security-manager-iso27001
```

## Integration Patterns

**RA/QM ↔ Engineering:** Regulatory requirements inform technical design decisions

**RA/QM ↔ Product:** Compliance requirements shape product features and roadmap

**RA/QM ↔ Security:** ISO 27001 aligns with security engineering practices

## Additional Resources

- **RA/QM Overview:** `README.md`
- **Complete Skills Collection:** `final-complete-skills-collection.md`
- **Start Here:** `START_HERE.md` (if exists)
- **Main Documentation:** `../CLAUDE.md`

---

**Last Updated:** November 5, 2025
**Skills Deployed:** 13/13 RA/QM skills production-ready
**Focus:** Medical device compliance (ISO 13485, MDR, FDA, ISO 27001, GDPR)