ASQ: Meeting the Compliance Challenge Perspectives from Government, Industry and Quality Professionals: April 28, 2010 Software Recalls Issues and Challenges Jeme Wallace Director Regulatory Affairs GE Healthcare Barrington, IL
Summary There are challenges in assessing software defects to determine if a recall of the product should be performed. Implementing an adequate risk assessment process is key to this decision. Crossfunctional teams assess risk and implement a recall decision. Several examples are provided for discussion of recall appropriateness. 2/
Agenda Recall Regulations US, EU, Canada Complaints Risk Assessment What s a recall? Examples 3/
Regulations - US Food and Drug Administration 21 CFR 7.40-7.59: Recall policy Recall is a voluntary action that takes place because manufacturers and distributors carry out their responsibility to protect the public health and well-being from products that present a risk of injury or gross deception or are otherwise defective. Why carry out this voluntary action? Manufacturers and distributors have a responsibility to protect the public health and well-being from products that present a risk of injury, or are otherwise defective. 21 CFR 806: Corrections and Removals Manufacturers and importers are required to make a report to FDA of any correction or removal of a medical device(s) if the correction or removal was initiated to: reduce a risk to health posed by the device remedy a violation of the act caused by the device which may present a risk to health http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfcfr/cfrsearch.cfm 4/
Regulations EU Medical Device Directives COUNCIL DIRECTIVE 93/42/EEC: Medical Device Directives Article 10: Information on incidents occurring following placing of devices on the market Member States are required to ensure that any information brought to their knowledge regarding incidents involving a medical device is recorded and evaluated for: any malfunction or deterioration in the characteristics/performance of a device any inadequacy in the labeling or the instructions for use which might lead to or might have led to the death of a patient or user or to a serious deterioration in his state of health; any technical or medical reason in relation to the characteristics or performance of a device http://eurlex.europa.eu/lexuriserv/lexuriserv.do?uri=consleg:1993l0042:20071011:en:pdf 5/
Regulations Health Canada Health Products and Food Branch Inspectorate Recall Policy POLICY-0016 Recall: any action taken by the manufacturer, importer or distributor of the device to recall or correct the device, or to notify its owners and users of its defectiveness or potential defectiveness, after becoming aware that the device: a) may be hazardous to health b) may fail to conform to any claim made by the manufacturer or importer relating to its effectiveness, benefits, performance characteristics or safety c) may not meet the requirements of the Act or the Regulations. http://www.hc-sc.gc.ca/dhp-mps/compli-conform/info-prod/drugs-drogues/pol_0016_tc-tm-eng.php 6/
Stand-Alone Software-classification: Examples United States: PACS: Class II (LLZ) Digital Image Storage Device: Class I (LMB) Electronic Medical Record: Currently unclassified Canada: PACS: Class II Digital Image Storage Device: Class I Electronic Medical Record: Class I/II EU: PACS: Class IIa Digital Image Storage Device: Class I Electronic Medical Record: Class I Class I = lowest risk Class IIa/IIb = moderate risk Class III = highest risk 7/
Product Complaints/Investigation Complaint Handling procedure Ability to capture all product issues from internal & external sources Cross-functional team: Engineering, Clinical/Medical, RA, QA, Product Surveillance assesses complaint determines if investigation is required performs Risk Assessment cross-checks the Risk Management file recommends adverse event and/or recall reporting 8/
Risk Assessment: Based on ISO 14971 Categorization of risks are chosen and justified by the product owner Severity of hazard: ex: Minor, Serious, Critical, Catastrophic Probability of occurrence (Pocc): quantitative vs qualitative (may be better for S/W) ex: Improbable, Remote, Occasional, Frequent Likelihood of harm (LOH): ex: Rare, Unlikely, Likely Outcome of risk assessment process is a risk matrix to determine the: Probability of harm (POH): LOH x Pocc = POH, then POH x Severity = final risk rating ex: Acceptable, Risk Mitigation Required, Unacceptable 9/
Risk Assessment and Recall Decision Complaint: The lab results of all the patients in the hospital with the last name of Smith are getting placed in the incorrect patient record. Severity: Critical Pocc: Frequent Likelihood: Likely Improbable Remote Occasional Frequent Reportable Recall Minor Serious A A A RMR A RMR RMR UA Critical RMR RMR UA UA Catastrophic RMR UA UA UA 10 /
Why is Software Different? Potential for Defects Device (you can see it, touch it) Software defect User error Interoperability Usability/Human factors Requirements incorrect Component tolerances inadequate. Component at EOL Component spec changes Supplier changes: specs, new Sterilization changes Manufacturing changes Stability changes Material/formulation changes Labeling changes Environment Expiration period changes Performance specs Power sources Shock/fire hazards Software Software defect User error Interoperability Usability/Human factors Requirements incorrect What others can you add? 11 /
Samples/Examples A software product named BestEver was developed and released over 5 years ago. The system requirements were heavily researched and took into account every potential workflow sequence possible the developers were confident that all bases were covered and released the product for clinical use. Workflow sequences A and B were an instant success, however user sites did not immediately utilize C and D workflows. A year ago, due to an increase in reimbursement for workflow C, a user site began utilizing it. The Complaint Handling Unit noted several complaints from this site regarding this workflow. Investigation demonstrated a software defect in workflow C. If only one user reports the issue, is this a recall? 12 /
Samples/Examples A software change was made on BestEver per a user request. The development team completed testing and sent it to the requesting site for acceptance testing. One user at the site follows a specific workflow sequence and likes the change. Another user at the same site follows a different workflow sequence. He does not like the change and detects a S/W defect based on his workflow. Is it desirable to make this change since it uncovered a defect?? Is it a recall? 13 /
Samples/Examples Every year the developers of BestEver software test and release an upgrade so that the product continues to be the best ever. User sites are encouraged to install each upgrade and are offered a free stuffed bear when the upgrade is complete. One site decides they have enough stuffed bears for everyone and refuses an upgrade. About 6 months later, the user site detects a defect in their existing software and files a complaint. After investigation by the development team, an adverse event report is filed with the regulatory agency. Is this a software recall? 14 /
Samples/Examples The developers of BestEver know that their software can work with other software packages. They even state in the labeling that it is compatible with any other software that uses the commonly used Special Connecting software. A user site decides to connect BestEver software to EvenBetter software using Special Connecting. One day routine upgrades are installed and the system is re-booted. BestEver doesn t work as it did before and a complaint is filed with the developers of BestEver. Investigation into the complaint determines that, while no upgrades were made to BestEver, an upgrade was made on EvenBetter. The changes caused a latent defect in BestEver to become apparent. Is it a recall? 15 /
Conclusion In spite of the complexities of software and making decisions on recalls, it s an exciting time to be in this field Changing regulations globally Increase in technology rapidly advancing Great potential to help the public health 16 /
Thank you 17 /