02
Feb
2019

Learning from FDA Safety Communications

,
, , ,
0

FDA issued a Safety Communication on January 31, 2019, (see Safety Communication Link) warning of the risk of air being introduced in a blood vessel (air-in-line) and air embolism for infusion pumps, fluid warmers, rapid infusers, and accessory devices.  This communication is directed toward users (both clinical and service personnel) and patients.  However, what can system architects, system engineers, software engineers and developers, verification and validation specialists, quality assurance and other product development staff learn from these communications?  We also post recalls and warning letters that involve software on this site … why?  So we all can learn from it and consider safety and risk as we design product updates and next generation products.

When this safety communication posted, I reached out to one of our expert affiliates, Stan Hamilton, to see how he analyzes a published safety communication such as this to consider software implications:

“First, I would consider the relationship between software hazard causes and controls, and usability  causes and controls.  Are there designed-in risk controls included in the device software to help prevent users from setting the air detection sensitivity to inappropriate levels for the patient or procedure they are performing?  We would call this a “software risk control for a usability cause.”

 

It is common for a software subsystem to perform the actual air detection, separate from the user interface processor.  What if the value programmed by the user is not accurately communicated to the sub system actually doing the air detection?  Can the software facilitate a user risk control, such as requiring a complete loop confirmation of the value being used and reporting that back to the user to verify?  We would call this a “risk control involving the user for a software cause.”

 

The risk scenarios implied in the safety notice clearly involve multiple points where users are involved, and possibly different users, as well as different software units and functions that can ultimately affect proper air detection.  We can certainly see how that working through software risk analysis or usability risk analysis in isolation would not be helpful for understanding these interactions, and this should encourage us to do a thorough analysis with all these factors considered holistically.  Fault trees, or maybe we should say “cause trees”, that consider more than just hardware faults or generalized software faults can be great tools to work this out, when usability causes and risk controls are integrated into the analysis.”
To be successful at medical device and HealthIT product development, we must be cognizant of “real world” use.  There are many way to learn this … studying safety communications and recalls from FDA is certainly one VERY good way to learn.
About the author

Partner and General Manager, Brian Pate is ISO 1385:2016 Lead Auditor certified for Medical Device Quality Management Systems (MD), and ISO 19011:2018 Management Systems Auditing (AU) and Leading Management Systems Audit Teams (TL). Brian started his medical device career in anesthesia clinical research in 1985 and has since worked both academia and industry including many years with Johnson & Johnson, Baxter Healthcare, and GE Medical. Brian’s roles have included software engineering, systems engineering, quality assurance, and regulatory affairs. Brian has served on multiple AAMI TIR working groups, including TIR32-2008 (Application of ISO 14971 Risk Management to Software; now IEC 80002-1) and TIR45-2012 (Guidance on the use of Agile practices in the development of medical device software) and served as a reviewer for the 2nd edition of TIR45. Brian serves on the AAMI Software Committee and as an AAMI instructor for the software, design controls, and agile methods courses. Brian also is a member of the Underwriters’ Laboratories (UL) Standards Technical Panel for UL1998 (Software in Programmable Components) and or UL5500 (Remote Software Updates).

SoftwareCPR Training Courses

ISO13485:2016 ISO 13485 Internal Audit(or) Training Course (Live, 3-day)

IEC 62304 and other Emerging Standards Impacting Medical Device Software (Live, 3-day)

Being Agile & Yet CompliantISO 14971 SaMD Risk Management

Software Risk Management

Medical Device Cybersecurity

Software Verification

IEC 62366 Usability Process and Documentation

Or just email training@softwarecpr.com for more info.

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
office@softwarecpr.com
Partners located in the US (CA, FL, MA, MN, TX) and Canada.