Home | Contact Us | Newsletter | Usersclub | Books | Audio Seminars

Labcompliance News, June 2005

June 13, 2005

Lack of Software Validation and Inadequate Supplier Management Draws FDA Warning Letter

An FDA inspection of a device manufacturer in March 2005 revealed a number of Part 820 violations that resulted in a warning letter. According to the warning letter, the company failed to validate software for a device. "Specifically, the xxx controller unit, software version xxx was changed to xxx. The change in the software allowed for adjustment in the speed of the water pump, and inverse pulsing from the A valve to the B valve when the speculum was clogged. Your firm did not have any documentation showing that the current software version was validated". Furthermore, the company was cited for failing to develop and maintain a quality requirements for suppliers, contractors and consultants and for failing to audit a contract manufacturer, The warning letter can be downloaded from the Labcompliance Usersclub. Non members can preview excerpts.

June 13, 2005

Lack of Risk Analysis Cited in FDA Warning Letter

Risk based compliance has been promoted by the FDA to optimize resources at the FDA and industry. For example, the new FDA part guidance on scope and controls states that the extent of validation should be based on a justified and documented risk assessment and the Part 820 requires spells out the requirement for risk assessment. The FDA seems to begin to look into risk assessment for computer systems. This became obvious in an inspection for compliance with 21 CFR 820 from Dec 7-21, 2004 which resulted in a warning letter. According to the warning letter, the company failed to "Establish and maintain adequate procedures for validating the device design to ensure that the device conforms to user needs and intended uses and include risk analysis, as required by 21 CFR 820.30(g) (FDA 483, Item 151. For example, a formal risk analysis of the original system design and software changes to correct software bugs that caused incorrect functionality or performance problems, and to enhance the product, has not been documented. Although your software release notes briefly describe the nature of unresolved software bugs in a particular software version, they do not explain the impact of these software bugs on user needs and intended uses". Furthermore, the company was cited for insufficient documentation of installation, for missing procedures for finished device acceptance, and for inadequate inspections, The warning letter can be downloaded from the Labcompliance Usersclub. Non members can preview excerpts. To learn about risk based validation of computer systems and other part 11 requirements, click here.



June 13, 2005

 

New FDA Warning Letter with Part 11 Issues

After there has been silence in FDA Warning Letters about part 11 for more than two years it seems that the FDA is taking this serious again. in the April Newsletter Labcompliance had already reported about a 483 inspectional observation with deviations related to electronic records. Now the FDA has published a warning letter where part 11 is spelled out directly without making reference to a predicate rule. the system under inspection was an electronic medical record (EMR) system to maintain medical and other clinical data for your patients, including study subjects. The warning letter stated that "Title 21, Code of Federal Regulations, Part 11, "Electronic Records; Electronic Signatures" outlines specific requirements that must be met for any system that is being used to maintain required records". The FDA asked the company to submit documentation for validation of the EMR system to ensure accuracy, reliability, and the ability to detect invalid or altered records, - documentation of the ability to generate accurate and complete copies of records suitable for inspection, review, and copying by the agency, and- documentation of a secure, computer-generated, time-stamped audit trail that can independently record the date and time of operator entries and actions that create, modify, or delete electronic records, and to verify that record changes do not obscure previously recorded. information. The warning letter can be downloaded from the Labcompliance Usersclub. Non members can preview excerpts.