Request A Demo!

Case Study: Cutera – Slashes Time Spent on Governance, Risk Management and Compliance (GRC)

Case Study: Cutera – Slashes Time Spent on Governance, Risk Management and Compliance (GRC)

Cutera Slashes Time Spent on Governance, Risk Management and Compliance (GRC) by More Than 80%

We wanted a cost-effective solution that was easy to operate yet flexible.” – Hemant Buch, Cutera QA Manager


  • Increasingly inefficient paper-based GRC system unable to scale for additional needs evolving from growth and expansion
  • Maintained both paper and online sets of records to comply with ISO 13485 and FDA Title 21 CFR Part 820
  • Cumbersome CAPA and supplier CAPA processes
  • Lack of closed-loop controls and follow-up resulted in documentation errors during audits
  • Company size too small despite global reach to accommodate elaborate or costly solution

Solution Results:

  • Reduced 10 hours of weekly administrative paperwork to 1-2 hours
  • Raised employee training results from 80% to 97%
  • Increased efficiency of Cutera’s Quality system maintenance personnel by more than 50%
  • Since solution implementation, zero non-conformities related to Quality system records

# Power Users:


# Assessment Responder Users:


# Third-Party Supplier Users:

40 (though expandable to unlimited supplier contacts)

Aruvio subscription package selected:

Professional (with additional 10 Power Users for reporting)

Implementation completed:

May 2013

About Cutera, Inc.:

Brisbane, California-based Cutera is a leading provider of laser, light and other energy-based aesthetic systems for practitioners worldwide. Since 1998, Cutera has been developing innovative, easy-to-use products that enable physicians and other qualified practitioners to offer safe and effective aesthetic treatments to their patients. For more information, call 1-888-4CUTERA or visit


For more than 15 years, Cutera has been developing high-performing, state-of-the-art devices that medical aesthetic professionals use for applying face & body treatments on their patients.

Cutera had been managing GRC using an increasingly inefficient paper-based system. Furthermore, the company must adhere to strict rules and requirements including both the International Organization of Standardization (ISO) 13485 and United States Food and Drug Administration (FDA) Title 21 CFR Part 820 Quality System Regulation. ISO 13485 requires validation of a properly maintained quality system for medical device design, manufacturing and certification; FDA Title 21 CFR Part 820 requires all finished medical devices to be safe, effective and compliant with the Federal Food, Drug, and Cosmetic Act. Thus, the company’s paper-based GRC system inevitably took more time, labor and cost than desired to process internal ISO 13485 and FDA Title 21 CFR Part 820 compliance controls such as audits and software documentation proofs.

Cutera’s GRC of third-party relationships was also becoming more burdensome. The company works closely with more than 50 suppliers and 50 partners to deploy industry-first laser-based products for removing skin discoloration, unwanted tattoos and more. These suppliers and partners, integrated into Cutera’s Corrective and Preventive Action (CAPA) system and processes, were e-mailed a form to complete and return detailing root cause and corresponding corrective action when lapses or errors occurred. The resulting back-and-forth communication often proved difficult for Cutera when attempting to validate third-party compliance in a timely, organized manner.

Though a global company with several offices worldwide, Cutera was still small enough with little more than 200 employees that it could afford neither an elaborate nor a costly solution.


Cutera’s Quality & Compliance Group initiated a search to replace its paper-based GRC system with a scalable, cloud-based GRC system automated and optimized for both conveying industry regulations – particularly ISO standards and FDA requirements – and validating internal and third-party compliance. Hemant Buch, QA Manager for Cutera, heard about Aruvio through word-of-mouth. According to Hemant, “We wanted a cost-effective solution that was easy to operate yet flexible enough for adding and modifying modules that are relevant to our particular compliance needs.”

The Quality & Compliance Group selected four competitive solutions along with Aruvio to evaluate. All four GRC software providers presented product demonstrations, though Aruvio’s demonstration impressed the selection team the most; in addition, Aruvio was the only provider willing to invest in new capabilities or, which other providers considered prohibitive from a budgetary standpoint, customize its current capabilities to help Cutera exceed its GRC goals. Lastly, during the selection process, the company was prompt and responsive to any and all questions and requests. The Quality & Compliance Group chose Aruvio to serve Cutera as it clearly provided the optimal GRC solution given resource and budgetary constraints.

Once selected, Aruvio created an implementation schedule. When the schedule and budget were agreed upon and finalized, Aruvio enabled their GRC solution to meet all of Cutera’s product requirements. During implementation, Aruvio migrated the company’s paper-based historical data into the solution’s single, cloud-based repository for regulatory reference.


Aruvio achieved all of Cutera’s project goals and objectives. Even better, time and cost actuals for planning and implementation were achieved lower than budgeted. The solution was so intuitive and easy to use that providing additional instruction of company employees for operating it proved unnecessary.

The automated, cloud-based Aruvio solution significantly improved storage and retrieval of Cutera’s formerly paper-based historical data. The effect on efficiency was stunning: by Hemant’s calculation, using its automated follow-up and single documentation system reduced ten hours of weekly administrative paperwork to merely one to two hours. Now it was incredibly quicker and easier to prove compliance processes for ISO 13485, FDA Title 21 CFR Part 820 and other rules and requirements.

Aruvio deployed two GRC modules, employee training and CAPA, as Cutera required. These modules had tremendous impact on the company. Hemant noted, “Aruvio’s training module stunned our executives with employee training results leaping from 80% to a phenomenal 97%, not only internally at Cutera headquarters but also with our nationwide U.S. sales force and international offices. With CAPA, our suppliers and partners can now simply give root cause and demonstrate corrective action online just by attaching the document and updating it at various stages of completion. All in all, these two modules alone have increased Cutera’s labor efficiency by more than 50%.”

What next for Cutera? Hemant stated without hesitation, “Cutera will definitely move other processes to the Aruvio solution and add corresponding modules. We can’t wait to see what compliance successes we achieve next.”

Share this post

Let Us Help Your Business

Request A Demo!