Tag

warningletter

Software Warning Letters

We regret to inform you that your certification is incomplete, and therefore inadequate, as submitted. Your certification states that “the computer hardware, firmware and software in my laser allow it to perform all the procedures of the PMA approved device in an identical manner. ” A certification must establish that the limitations of operation required...
Read More
Nucletron Corporation 5/21/97 Brachytherapy products b. Specific versions of Veriflex software are ordered, but no SOPs exist which require verification of the version received. Furthermore, the Purchase Order database, used to check incoming components against part numbers, lists obsolete software versions under the current part number. 3. Failure to follow complaint procedures and to maintain...
Read More
Lack of written procedures to identify quality assurance problems reported in complaints and repair requests; failure of screening repair and serice requests to identify complaints; and failure of engineering change orders to include a record of software source code changes 3. Software revisions have been made without Engineering Change Order (ECO) control, resulting in the...
Read More
Bernafon-MAICO Inc. 5/06/97 3. Software revisions have been made without Engineering Change Order (ECO) control, resulting in the distribution of audiometers with unapproved software. ECOs do not include a record of software source code changes and obsolete versions are not archived [21 CFR Part 820.100 (a)(2)]. Software source code is not controlled under the document...
Read More
LKC Technologies 5/2/97 Opthlamic Diagnostic Units b. The device history record for a UTAS E-2000 Electrodiagnostic System, serial number “0322,” failed to indicate that the “Final Test” (software virus scan) was performed.
Read More
On April 9, 1997, Mr. Mark Tseng and Mr. Emir Galevi of the United States (U.S.) Food and Drug Administration (FDA) conducted a pre-announced inspection of the computer monitor manufacturing facility, Daesun Industrial Co., Ltd., in Kyunggi-Do, South Korea. The FDA inspectors reported several serious deficiencies found in Daesun Industrial Co., Ltd.’s quality control and...
Read More
Walter Graphtek GMBH 4/29/97 Digital electroencephalography devices 1. Failure to assure that specification changes shall be subject to controls as stringent as those applied to the original device, as required by 21 CFR 820.100(a)(2). For example, there are no documented procedures for the initiation, verification, validation, approval, implementation and documentation of device hardware and software...
Read More
IRIS software program. During a Food and Drug Administration (FDA) inspection of your firm located in Frederick, Maryland, on March 23 and 26, 1997, our Investigator determined that your firm manufactures the IRIS software program used for calculating bone density, which is a device as defined by Section 201(h) of the Federal Food, Drug, and...
Read More
Institute for Radiological Image Sciences 4/23/97 Software for calculation bone density During a Food and Drug Administration (FDA) inspection of your firm located in Frederick, Maryland, on March 23 and 26, 1997, our Investigator determined that your firm manufactures the IRIS software program used for calculating bone density, which is a device as defined by...
Read More
We regret to inform you that your certification is incomplete, and therefore inadequate, as submitted. Your certification states that “the computer hardware, firmware and software in my laser allow it to perform all the procedures of the PMA approved device in an identical manner. ” A certification must establish that the limitations of operation required...
Read More
Irwin Memorial Blood Centers 3/20/97 Blood Center Please be advised that the agency’s memorandum dated April 6, 1988, entitled “Recommendations for Implementation of Computerization in Blood Establishments” indicates as a data security issue that “if key elements of the database are changed, these changes should be traceable as to the time and person making the...
Read More
Cordis Corporation 3/19/97 Stent Delivery 2. The validation of the balloon forming machines conducted from April 1995 to February 12, 1996 is inadequate due to the following: A. The Programmable Logic Controller which controls the balloon forming machine was not qualified.
Read More
Fischer Imaging Corporation 3/19/97 X-ray and mammography systems (a) At least [purged word] systems observed with in-process component and system mis-assemblies such as miswired parts; incorrect or defective printed circuit boards (PCB); missing hardware; defective computer or monitor; incorrect labeling; and defective components such as hand switches, foot switches, collimators, radiation detectors, x-ray tube, cables,...
Read More
Automated Voice Systems 3/18/97 Environmental controller 1. Failure to control written manufacturing specifications and processing controls to assure that a device conforms to its original design or any approved changes in that design [21 CFR 820.100]. For example, our investigation determined that your firm failed to ensure that all changes made to your Mastervoice ECU...
Read More
Multimedia Medical Systems 3/18/97 Therapac-Plus and Compute-Rx-Plan Software 2. Failure to have approved, dated, and signed Device Master Records for Therpac-Plus Software and related Standard Operating Procedures (SOP) 100 through 133 [21 CFR 820.181]. 3. Failure to establish written procedures for the manufacturing and processing of the finished device [21 CFR 820.160]. There is no...
Read More
Separation Technology 3/7/97 Centrifuges 4. Failure to document, review, approve, and validate changes to components, finished devices, labeling, packaging or manufacturing process specifications [21 CFR 820.100(b)(1),(2) & (3)], e.g., there is no documentation of the prior approval of the software specification change initiated 1/24/97 that was an attempt to correct the failures described above. Also,...
Read More
Medical Information Technology 3/6/97 Blood Bank Software Manufacturer c. Quality Assurance audits do not cover any quality assurance activities associated with the software customization program. 4. Failure to establish an adequate complaint handling program for the [purged text] as required by 21 CFR 820.198 in that complaints are not reviewed by a formally designated unit...
Read More
Internazionale Medico Scientifica 3/5/97 Mammography Systems The above-stated inspection revealed that these devices are adulterated under section 501(h) of the Act, in that the methods used in, and the facilities or controls used for the manufacturing, packing, storage, and installation are not in conformance with the Good Manufacturing Practice (GMP) for Medical Devices Regulations, as...
Read More
Sunquest Information Systems 3/3/97 Blood Bank Software manufacturer 1. Failure to implement and verify solutions to quality assurance problems [21 CFR 820.20(a)(3)]. For example, our investigation disclosed that representatives of your quality assurance program made recommendations to correct software defects which were not been implemented in a timely manner. Specifically, our investigation determined that some...
Read More
Synaptic Corporation 2/28/97 2. Failure to establish a Device Master Record which includes all device specifications including appropriate drawings, composition, formulation and component specifications. For example, the Master Record for the [purged text] does not include the checksum value of the software, which is used to assure that [purged text] are correctly programmed.
Read More
Diagnostic Specialties 2/10/97Microplate processor 5. Your firm failed to qualify the [purged text] microplate processing instrument, as well as, the [purged word] Control Software and the [purged text] Software, for their intended use.
Read More
Abbott Laboratories 1/31/97 Internal Complaint Handling System During the inspection, our investigator identified a serious limitation inherent in your firm’s complaint database software system. Your current database software system does not provide for the recording of multiple complaint codes for a single complaint. Consequently, some computer generated reports for management review of complaint trends may...
Read More
8. Failure to adequately validate the _____ system software used for inventory tracking of quarantined, rejected, and released materials for finished products and for release and materials transfer functions [21 CFR 211.68].
Read More
a. The reason for changes made to the CNC software programs was not documented nor signed off by a designated individual. b. When the CNC software is changed, the previous versions are overwritten or lost, thus making traceability of the software’s evolution impossible. 4. Failure to conduct processing control operations in a manner designed to...
Read More
WARN 12/05/96 Lady of the Lake Blood Bank Deviations noted included: 1) lack of proper validation of computer system software; 2) failure to establish and implement adequate computer security in allowing software vendor unrestricted modem access and not consistently documenting this access; 3) not conducting a secondary review of computer software modifications; 4) lack of...
Read More
WARN 12/03/96 Berlex Appropriate controls are not exercised over the [purged text] Software, used by Quality Control and Technical Services, to assure that changes in laboratory control records are instituted only by authorized personnel. There are no written procedures defining the appropriate use for the abort, terminate, suspend, restart, and stop functions which are accessible...
Read More
WARN 11/27/96 Stedim S.A. Failure to validate software programs by adequate and documented testing, when computers are used as part of an automated production or quality assurance system, as required by 21 CFR 820.61. For example: The previous inspection revealed that your firm had not performed any validation of the computer software which controls the...
Read More
WARN 11/14/96 Digisonics 1. Failure to establish and implement adequate quality assurance procedures that provide detailed descriptions of the procedures to be used to perform regression testing after changes to the software have occurred [21 CFR 820.100(a)(2)]. We acknowledge your response to the FDA-483 dated July 10, 1996. The information in your response is inadequate...
Read More
WARN 09/06/96 S&W MEDICO TEKNIK A/S -Patient monitoring 1. The software for the device identified as the Diascope traveller has been modified to add color to the monitor display. This is a very significant change since a new graphic controller (new hardware) had to be used in addition to a new color LCD display and...
Read More
09/09/96 NEURODYNE MEDICAL CORPORATION – Biofeedback units Product labeling for the MEDAC System/3R states, “MEDAC System 3R–is a new configuration for rehabilitation & pain management applications where more than 2 EMGs are needed. All of the stress assessment software features of the standard MEDAC along with 4 channels of surface, PPG (heart rate, pulse height,...
Read More
WARN 09/06/96 NIDEK CO., LTD. Our investigator determined that your firm manufactures sterile and non-sterile products which include ophthalmological, optometrical, semiconductor measurement equipment, and intra-ocular lense. 2. Failure to prepare and implement quality assurance procedures adequate to assure that a formally established and documented quality assurance program is performed. For example: a) The firm has...
Read More
Bennett subsidiary of Trex medical Corp. 8/15/96 (component supplier of high frequency programmable generators for use in imaging systems) 2. Validation protocols for software revisions fail to always specify test parameters such as normal input values, boundary values, out-of-range values and the expected outputs values
Read More
Soring Germany 8/9/96 ultrasonic dissection/aspiration devices 2. Failure to establish and implement specification control measures to assure that the design basis for the device is correctly translated into approved specifications, as required by 21 CFR 820.100(a)(1). For example, there is no documented software validation for the software which operates all devices manufactured by your firm....
Read More
Walter Graphtek Germany 7/1/96 EEG devices 3. Failure to perform planned and periodic audits in accordance with written procedures by appropriately trained individuals not having direct responsibility for the matters being audited, as required by 21 CFR 820.20(b). For example, the following areas were identified as having not been audited under your internal quality assurance...
Read More
GE Medical 6/16/96 X-Ray France Failure to validate software programs by adequate and documented testing, when computers are used as part of an automated production or quality assurance system, as required by 21 CFR 820.61. For example, the software control processes have not been validated to correct the most serious faults. Failure to subject any...
Read More
Somerset Medical Center Blood Bank 5/29/96 1. The validation of the Meditech Computer System is incomplete and/or inadequate for the following reasons: a. Computer documentation did not include testing procedures, system requirements, and system specifications which were specified to Somerset Medical Center. b. There is no assurance that all program changes resulting from the software...
Read More
Planmed OY 5/9/96 Finland 3. Failure to routinely calibrate measurement equipment, to establish adequate calibration procedures, and to maintain records of calibration, including the next calibration date; and failure to validate software programs by adequate and documented testing, when computers are used as part of an automated production or quality assurance system, as required by...
Read More
Cobe 4/16/96 Hemodialysis 10. Failure to have adequate checks designed and implemented to prevent inaccurate data output, input, and programming errors when automated data processing is used for manufacturing or quality assurance purposes, as required by 21 CFR 820.195. For example, the computer search process for complaints by serial number is not designed to detect...
Read More
Abaxis 4/5/96 blood analyzer 1. Failure to validate computer software programs by adequately documented testing, when computers are used as part of an automated production or quality assurance system (21 CFR 820.61). The computer programs which control the automated assembly of rotor parts, loading of reagent beads, dispensing of reagent beads into proper cuvettes, and...
Read More
Barton Carey Medical Products 4/3/96 our Investigator determined that your firm manufactures vascular and burn compression garments. These garments are devices as defined by Section 201(h) of the Federal Food, Drug and Cosmetic Act (the Act). The Inspection revealed that your devices are adulterated in that, the methods used in, or the facilities or controls...
Read More
PIE Medical Equipment 4/1/96 Netherlands ultrasound 1. Failure to maintain records documenting that production and quality assurance measurement equipment is routinely calibrated, inspected, and checked according to written procedures and to validate software programs by adequate and documented testing, when computers are used as part of an automated production or quality assurance system, as required...
Read More
Cabrini Medical Center Blood Bank 2/8/96 14. Failure to maintain written standard operating procedures for the blood bank’s computer system that include: integration of the computer into daily operations; reverting to manual operations when the system is not functioning; control of changes in hardware and software; security procedures to prevent unauthorized access; and maintenance procedures...
Read More
McGHAN Medical Corporation 2/16/96 mammary prostheses The validation of the computerized dip timer system for software version [purged word] and [purged word] fails to assure that the previous files are overwritten when the maximum number of files [purged word] is reached. This is demonstrated by the fact that there was no verification of the file...
Read More
Ionetics 1/29/96 electrolyte analyzers 1. Failure to ensure specification changes are subject to controls as stringent as those applied to the original specifications of the device [21 CFR 820.100(a)(2)]. For example, your firm failed to document and approve changes made to components and software for your electrolyte analyzers.
Read More
1 7 8 9

SoftwareCPR Training Courses:

IEC 62304 and other emerging standards for Medical Device and HealthIT Software

Our flagship course for preparing regulatory, quality, engineering, operations, and others for the activities and documentation expected for IEC 62304 conformance and for FDA expectations. The goal is to educate on the intent and purpose so that the participants are able to make informed decisions in the future.  Focus is not simply what the standard says, but what is meant and discuss examples and approaches one might implement to comply.  Special deep discount pricing available to FDA attendees and other regulators.

3-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Brian Pate

Next public offering:  TBD

Email training@softwarecpr.com to request a special pre-registration discount.  Limited number of pre-registration coupons.

Registration Link:

TBD

 


 

Being Agile & Yet Compliant (Public or Private)

Our SoftwareCPR unique approach to incorporating agile and lean engineering to your medical device software process training course is now open for scheduling!

  • Agile principles that align well with medical
  • Backlog management
  • Agile risk management
  • Incremental and iterative software development lifecycle management
  •  Frequent release management
  • And more!

2-days onsite (4 days virtual) with group exercises, quizzes, examples, Q&A.

Instructors: Mike Russell, Ron Baerg

Next public offering: March 7 & 28, 2024

Virtual via Zoom

Registration Link:

Register Now

 


 

Medical Device Cybersecurity (Public or Private)

This course takes a deep dive into the US FDA expectations for cybersecurity activities in the product development process with central focus on the cybersecurity risk analysis process. Overall approach will be tied to relevant standards and FDA guidance documentation. The course will follow the ISO 14971:2019 framework for overall structure but utilize IEC 62304, IEC 81001-5-1, and AAMI TIR57 for specific details regarding cybersecurity planning, risk characterization, threat modeling, and control strategies.

2-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Dr Peter Rech, 2nd instructor (optional)

Next public offering:  TBD

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN, TX) and Canada.