09
Apr
1999

GE Solar Model 7000/8000 Patient Monitors

0

GE 9-April-99 Solar Model 7000/8000 Patient MonitorsJohn Welch, Jr.
Chief Executive Officer
General Electric Company
3135 Easton Turnpike
Fairfield, Connecticut 06431

Dear Mr. Welch:
We are writing to you because on March 8-12, 1999, investigators from the Food and Drug Administration (FDA) collected information from your Marquette Medical Systems, Milwaukee, WI, facility that revealed a serious regulatory problem involving the software for your Solar Model 7000/8000 Patient Monitors.
Under a United States Federal law, the Federal Food, Drug, and Cosmetic Act (Act), these products are considered to be medical devices because they are used to diagnose or treat a medical condition or to affect the structure or function of the body. Patient Monitors and their associated software are medical devices as defined by Section 201(h) of the Federal Food, Drug, and Cosmetic Act (the Act).
Our inspection found that the devices are adulterated within the meaning of Section 501(h) of the Act in that the methods used in, facilities or controls used for manufacturing, packing, storage, or installation of the medical devices are not in conformance with the Good Manufacturing Practices (GMP) requirements set forth in the Quality System Regulations for Medical Devices as prescribed by Title 21, Code of Federal Regulations (CFR), Part 820.

Our inspection found your products are in violation of the law because of:
1. Failure to establish the appropriate responsibility, authority, and interrelation of all personnel who manage, perform, and assess work affecting quality [21 CFR 820.20] in that there is no provision in your firm’s Quality Manual for the coordination of responsibilities and activities concerning the corrective and preventive action system (FDA-483 item #7).

2. Failure to establish and maintain procedures for validating the device design, and failure to assure that devices conform to defined user needs and intended uses, including testing under actual or simulated use conditions, as required by 21 CFR 820.30(g). For example:

a. The decision to not perform a hazard assessment for the software version change from 5C to 5D was not justified (FDA-483 item #1).

b. Proper installation and verification of functionality was not performed for software version 5D loaded into a Model 7000/8000 already possessing versions 5A, 5B, or 5C (FDA-483 item #3).

c. The version 5C to 5D software change was not properly validated prior to the original release of 5D (FDA-483 item #4).

d. Validation Procedure MDM 5002, Rev F, MEF 28’s and MEF 66’s for _____ “cuts” do not include proper instructions for thorough validation of software changes. After version 5D was changed, version 5D was not loaded into the Model 7000/8000 unit to assure that the essential functions would properly operate (FDA-483 item #5).

3. Failure to establish and maintain procedures for verifying the device design so that the design output conforms to the design input [21 CFR 820.30(f)] in that proper execution of version 5D software was not tested or verified for all critical modes in a Model 7000/8000 unit prior to release of version 5D (FDA-483 item #2).

About the author

Amy enjoys researching and writing about developments in medical technology and how that intersects with US law. She received her J.D. from the University of Florida Levin College of Law in 2020 and now works as a Regulatory Associate for SoftwareCPR®, a general-purpose regulatory consulting firm that is recognized globally for their expertise with standards and national regulations pertaining to medical device, mobile medical app, and HealthIT software.

SoftwareCPR Training Courses:

IEC 62304 and other emerging standards for Medical Device and HealthIT Software

Our flagship course for preparing regulatory, quality, engineering, operations, and others for the activities and documentation expected for IEC 62304 conformance and for FDA expectations. The goal is to educate on the intent and purpose so that the participants are able to make informed decisions in the future.  Focus is not simply what the standard says, but what is meant and discuss examples and approaches one might implement to comply.  Special deep discount pricing available to FDA attendees and other regulators.

3-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Brian Pate

Next public offering:  TBD

Email training@softwarecpr.com to request a special pre-registration discount.  Limited number of pre-registration coupons.

Registration Link:

TBD

 

 

Being Agile & Yet Compliant (Public or Private)

Our SoftwareCPR unique approach to incorporating agile and lean engineering to your medical device software process training course is now open for scheduling!

  • Agile principles that align well with medical
  • Backlog management
  • Agile risk management
  • Incremental and iterative software development lifecycle management
  •  Frequent release management
  • And more!

2-days onsite (4 days virtual) with group exercises, quizzes, examples, Q&A.

Instructors: Mike Russell, Ron Baerg

Next public offering: March 7 & 28, 2024

Virtual via Zoom

Registration Link:

Register Now

 

 

Medical Device Cybersecurity (Public or Private)

This course takes a deep dive into the US FDA expectations for cybersecurity activities in the product development process with central focus on the cybersecurity risk analysis process. Overall approach will be tied to relevant standards and FDA guidance documentation. The course will follow the ISO 14971:2019 framework for overall structure but utilize IEC 62304, IEC 81001-5-1, and AAMI TIR57 for specific details regarding cybersecurity planning, risk characterization, threat modeling, and control strategies.

2-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Dr Peter Rech, 2nd instructor (optional)

Next public offering:  TBD

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
office@softwarecpr.com
Partners located in the US (CA, FL, MA, MN, TX) and Canada.