Warning Letter – Manufacturer lacks Design Control procedures

The United States Food and Drug Administration (FDA) conducted an inspection of your firm’s medical device operations at Denterprise International, Inc., 100 E. Granada Blvd. Ste. 219, Ormond Beach, Florida, from May 1, 2019 to May 6, 2019. During the inspection, an FDA investigator determined that your firm is a specifications developer, manufacturer of the FlashRay dental X-ray sensor and the MobileX, Model T-100, dental X-ray system. Under section 201(h) of the Federal Food, Drug, and Cosmetic Act (the Act), 21 U.S.C. § 32l(h), these products are devices because they are intended for use in the diagnosis of disease or other conditions or in the cure, mitigation, treatment, or prevention of disease, or to affect the structure or any function of the body.

Of particular note is finding number one which points out the absence of any procedures for design control, including SDLC.

1. Although not appearing on the Form FDA 483, failure to establish procedures for design control, as required by 21CFR820.30(a). Specifically, your firm has not established and maintained procedures to control the design of your FlashRay dental Xray sensor device to ensure specified design requirements are met. For example,

A. Procedures for design inputs have not been established, as required by 21 CFR 820.30(c), including procedures to ensure the design requirements are appropriate and address intended use of the device, including the needs of the user and patient.
B. Procedures for design outputs have not been established, as required by 21 CFR 820.30(d), including procedures containing acceptance criteria and those design outputs essential for the proper functioning of the device.
C. Procedures for design review have not been established, as required by 21 CFR 820.30(e).
D. Procedures for design verification have not been established, as required 21 CFR 820.30(f).
E. Procedures for design validation have not been established, as required by 21 CFR 820.30(g), including risk analyses to identify possible hazards associated with the design of your device in both normal and fault conditions.
F. Procedures for design transfer have not been stablished, as required by 21 CFR 820.30(h).
G. Procedures for design change have not been established, as required by 21 CFR 820.30(i).
H. Failure to establish and maintain a design history file (DHF) for each type of device, as required by 21 CFR 820.300).

The FlashRay dental X-ray sensor device is comprised of: (1) an intraoral detector which connects to a PC via a USB port ((b)(4)); and (2) an Image Management Software package ((b)(4)). Denterprise International Inc. does not have a design history file to demonstrate the device design was developed in accordance to an approved design plan and all the requirements of 21 CFR 820.30.

This deficiency was previously communicated to Denterprise International, Inc. in our Letter dated 08/08/2018 and 12/07/2018.

We have included an FDA guidance document titled, “Design Controls for Medical Device Manufacturers” to assist in your corrections. We request that you review this document and 21 CFR Part 820.30 and provide a summary of your corrections related to the design controls of these products when you feel they are complete to meet the requirements of your procedure. These will be further reviewed as part of your next inspection.

SoftwareCPR Training Courses:

Being Agile & Yet Compliant (Public)

Our SoftwareCPR unique approach to incorporating agile and lean engineering to your medical device software process training course is now open for registration!

  • Agile principles that align well with medical
  • Backlog management
  • Agile risk management
  • Incremental and iterative software development lifecycle management
  •  Frequent release management
  • And more!

3 days virtual (Zoom) with group exercises, quizzes, examples, Q&A.

Lead Instructor: Mike Russell

Next public offering: Dec 3, 4, & 5, 2024 – 12:00 pm to 5:00 pm CET

Register Now


 

IEC 62304 and other emerging standards for Medical Device and HealthIT Software

Our flagship course for preparing regulatory, quality, engineering, operations, and others for the activities and documentation expected for IEC 62304 conformance and for FDA expectations. The goal is to educate on the intent and purpose so that the participants are able to make informed decisions in the future.  Focus is not simply what the standard says, but what is meant and discuss examples and approaches one might implement to comply.  Special deep discount pricing available to FDA attendees and other regulators.

3-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Brian Pate

Next public offering:  TBD

Call or email now to schedule a private, in-house class. The fall schedule is filling up!

Email training@softwarecpr.com to request a special pre-registration discount.  Limited number of pre-registration coupons.

Registration Link:

TBD

 


 

Medical Device Cybersecurity (Public or Private)

This course takes a deep dive into the US FDA expectations for cybersecurity activities in the product development process with central focus on the cybersecurity risk analysis process. Overall approach will be tied to relevant standards and FDA guidance documentation. The course will follow the ISO 14971:2019 framework for overall structure but utilize IEC 62304, IEC 81001-5-1, and AAMI TIR57 for specific details regarding cybersecurity planning, risk characterization, threat modeling, and control strategies.

2-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Dr Peter Rech, 2nd instructor (optional)

Next public offering:  TBD

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN, TX) and Canada.