06
Aug
2015

Mylan

0

Mylan.
Product: pharmaceutical manufacturing facility
Date: 8/6/2015

Your firm failed to exercise appropriate controls over computer or related systems to assure that only authorized personnel can change master production and control records, or other records (21 CFR 211.68(b)).

Your Siemens computer-based BMS and NVPMS do not require passwords to access the network and servers. Your contractors? access is uncontrolled. Responsibilities for system administrators are undefined.

This violation is recurrent. On September 9, 2013, we cited your firm in Warning Letter 320-13-26 for failure to exercise appropriate controls over computer or related systems

FDA District Office: CDRH

About the author

Amy enjoys researching and writing about developments in medical technology and how that intersects with US law. She received her J.D. from the University of Florida Levin College of Law in 2020 and now works as a Regulatory Associate for SoftwareCPR®, a general-purpose regulatory consulting firm that is recognized globally for their expertise with standards and national regulations pertaining to medical device, mobile medical app, and HealthIT software.

SoftwareCPR Training Courses:

IEC 62304 and other Emerging Standards Impacting Medical Device Software

Being Agile & Yet Compliant

ISO 14971 SaMD Risk Management

Software Risk Management

Medical Device Cybersecurity

Software Verification

IEC 62366 Usability Process and Documentation

Or just email training@softwarecpr.com for more info.

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
office@softwarecpr.com
Partners located in the US (CA, FL, MA, MN, TX) and Canada.