10
Sep
2024

Warning Letter: Medical Device Reporting and Quality System Regulation

,
0

WARNING LETTER

Micro-X Ltd. was issued a warning letter from the FDA. Excerpts from a warning letter of interest to software professionals:

CMS# 692084

Micro-X Ltd..

6 MAB Eastern Promenade, Unit 14Tonsley SA 5042Australia

Dates:  May 20, 2024, through May 23, 2024

Inspection Issue(s):

The report states, “This inspection revealed that these devices are adulterated within the meaning of section 501(h) of the Act, 21 U.S.C. § 351(h), in that the methods used in, or the facilities or controls used for, their manufacture, packing, storage, or installation are not in conformity with the current good manufacturing practice requirements of the Quality System regulation found at Title 21, Code of Federal Regulations (CFR), Part 820.”

These violations include, but are not limited to, the following:

  • “Failure to adequately establish and maintain procedures for the identification, documentation, validation or where appropriate verification, review, and approval of design changes before their implementation, as required by 21 CFR 820.30(i).  Specifically, your Design Change Control procedure, SOP002, and Design Change Management – Medical Devices, WI002A, address the processing of design changes, the former document requiring a determination of all actions for a design change, including validation and verification. However, multiple design changes were instead processed using Manufacturing Deviation, SOP025-5.1, intended for temporary deviations from manufacturing procedures.”
  • “Failure to establish and maintain procedures for validating the device design, as required by 21 CFR 820.30(g). Specifically, your firm failed to validate the use and integration of the (b)(4) software and (b)(4) panels used in the Micro-X Rover Mobile X-ray System MXU-RV71. Your firm failed to document justification for the decision not to validate.”
  • “Failure to adequately establish and maintain procedures for implementing corrective and preventive action (CAPA), as required by 21 CFR 820.100(a). Specifically, Quality Event and CAPA procedure, SOP006, fails to require that appropriate statistical methodology be employed where necessary to detect recurring quality problems, in order to identify existing and potential causes of nonconforming product.”

Finally, you should know that this letter is not intended to be an all-inclusive list of the violations at your firm’s facility. It is your firm’s responsibility to ensure compliance with applicable laws and regulations administered by FDA. The specific violations noted in this letter and in the Inspectional Observations, FDA 483, issued at the close of the inspection may be symptomatic of serious problems in your firm’s manufacturing and quality management systems. Your firm should investigate and determine the causes of any violations and take prompt actions to address any violations and bring the products into compliance.

For more information, see the link below:

Micro-X Ltd. – 692084 – 09/10/2024 | FDA

 

About the author

Allison joined SoftwareCPR in 2022, bringing along over ten years of passion for building teamwork and growth in organizations. This is established in part by the greatest University the South has to offer- Mississippi State.

SoftwareCPR Training Courses:

Being Agile & Yet Compliant (Public)

Our SoftwareCPR unique approach to incorporating agile and lean engineering to your medical device software process training course is now open for registration!

  • Agile principles that align well with medical
  • Backlog management
  • Agile risk management
  • Incremental and iterative software development lifecycle management
  •  Frequent release management
  • And more!

3 days virtual (Zoom) with group exercises, quizzes, examples, Q&A.

Lead Instructor: Mike Russell

Next public offering: Dec 3, 4, & 5, 2024 – 12:00 pm to 5:00 pm CET

Register Now

 

IEC 62304 and other emerging standards for Medical Device and HealthIT Software

Our flagship course for preparing regulatory, quality, engineering, operations, and others for the activities and documentation expected for IEC 62304 conformance and for FDA expectations. The goal is to educate on the intent and purpose so that the participants are able to make informed decisions in the future.  Focus is not simply what the standard says, but what is meant and discuss examples and approaches one might implement to comply.  Special deep discount pricing available to FDA attendees and other regulators.

3-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Brian Pate

Next public offering:  TBD

Call or email now to schedule a private, in-house class. The fall schedule is filling up!

Email training@softwarecpr.com to request a special pre-registration discount.  Limited number of pre-registration coupons.

Registration Link:

TBD

 

 

Medical Device Cybersecurity (Public or Private)

This course takes a deep dive into the US FDA expectations for cybersecurity activities in the product development process with central focus on the cybersecurity risk analysis process. Overall approach will be tied to relevant standards and FDA guidance documentation. The course will follow the ISO 14971:2019 framework for overall structure but utilize IEC 62304, IEC 81001-5-1, and AAMI TIR57 for specific details regarding cybersecurity planning, risk characterization, threat modeling, and control strategies.

2-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Dr Peter Rech, 2nd instructor (optional)

Next public offering:  TBD

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
office@softwarecpr.com
Partners located in the US (CA, FL, MA, MN, TX) and Canada.