regulatory and quality system professionals | 919.313.3960
10 Things You need to know about Human Factors Validation

10 Things You need to know about Human Factors Validation

As medical devices become more complex, the FDA will continue to place greater emphasis on ways to improve safety and effectiveness before products are commercialized. One relatively recent method is Human Factors Engineering, also known as Usability Engineering, which is used to identify and mitigate use errors. Of course, this can place additional burdens on manufacturers to justify that their device has accounted for as many of these potential risks as possible. The list below, which is by no means exhaustive, is intended to point you in the right direction as you prepare for meeting FDA requirements for Human Factors Validation Testing. Human Factors should be considered throughout the design and development process, not just when you’re ready to go to market. Formative evaluations, such as focus groups and expert interviews, can and should be conducted throughout the design and development process. These studies usually consist of 5-8 people and can be conducted somewhat informally. Valuable information can be gleaned from formative evaluations, such as design improvements and identification of potential use errors that could be mitigated by making adjustments to the device interface. Additionally, the FDA and other notified bodies often want to see how your design has been influenced based on the results of these studies. Summative evaluations are the formal validation studies conducted for the final version of the device. These studies are your Human Factors Validation Testing that must follow the requirements of the FDA guidance, Applying Human Factors and Usability Engineering to Medical Devices, and the EU standard, IEC 62366-1: Medical devices – Part 1: Application of usability engineering to medical devices. These studies...

How the 21st Century Cures Act Impacts Medical Device Software

There has been a lot of discussion surrounding medical device software and how it should be regulated. Concern about software of this nature will continue to rise to the forefront of conversations because there will be an increasing number of these products in the marketplace. The 21st Century Cures Act specifically addresses which types of medical device software will be exempt from regulation. Section 3060, Clarifying Medical Software Regulation, identifies five categories of medical software that will not be regulated as medical devices by the FDA due to their potential low level of risk to patients. The software categories that may be excluded from device regulation include: Administrative & Operational Software: that provides administrative support of a healthcare facility, such as that for appointment scheduling, health benefit eligibility and processing financial records. While this software is included in the provision, it was not considered a medical device to begin with. Wellness Apps: for maintaining or encouraging a healthy lifestyle that is unrelated to the diagnosis, cure, mitigation, prevention, or treatment of a disease or condition. This is consistent with FDA’s General Wellness and Mobile Medical Applications guidance documents. Electronic Patient Record Software: provided that it is only intended to transfer, store, convert formats or display the equivalent of a medical chart. There are some caveats to this exception, however: Records must be created, stored, transferred or reviewed by healthcare professionals; Records must be part of health information technology certified under section 3001(c)(5) of the Public Health Service Act; and The software must not be intended to interpret or analyze patient data or images for the diagnosis, cure, mitigation, prevention, or...
What Happens When the FDA says, “I don’t know”

What Happens When the FDA says, “I don’t know”

The FDA is now trying to track what it’s calling “emerging safety signals.” Recently, a study found a possible link between reduced leaflet mobility in TAVRs and the incidence of stroke in the fall. When people turned to the FDA looking for insight, the agency responded with, “Limited available data do not allow us to fully characterize the causes, incidence, and short- and long-term risks of reduced valve leaflet motion, or to recommend appropriate treatment.” This basically equates to the FDA saying, “I don’t know.” The FDA has recently released a guidance, which will formalize its practice on notifying the public of situations when the agency is monitoring risks that have not yet been fully validated, and therefore, do not have FDA recommendations. Historically, the FDA has communicated important medical device post-market information after having analyzed available data and, in most cases, after having reached decision about relevant recommendations and about whether or not further regulatory action is warranted. According to the guidance, timely communication about emerging signals is intended to provide health care providers, patients, and consumers access to the most current information concerning the benefits and risks of marketed medical devices so they can make informed treatment choices based on all available information. Such communication may also reduce or limit the number of patients exposed to the potential risk while the issue is being further evaluated. Considerations for Determining FDA Public Notification will include: Seriousness of the adverse event(s) relative to the known benefits of the device Magnitude of the risk (e.g., likelihood of occurrence) Magnitude of the benefit Strength of the evidence of a causal relationship...
FDA Oversight of Laboratory Developed Tests (LDTs) is on the Horizon

FDA Oversight of Laboratory Developed Tests (LDTs) is on the Horizon

How Do Laboratory Developed Tests Impact Your Business? The Office of Public Health Strategy and Analysis recently issued a report that reviewed 20 products that relied on Laboratory Developed Tests (LDTs) to determine whether a lack of oversight may have caused actual harm to patients or not. Once, LDTs were relatively simple tests that may not have warranted regulatory compliance. However, these tests are playing an increasingly more important role in healthcare and have become significantly more complex. The concern is that these tests may present with inaccuracies that place patients at what would be considered otherwise avoidable risk. The report found that these 20 products, in fact, may have caused actual harm to patients. In some cases, patients were told they have conditions they do not really have, due to false-positive tests. This led to unnecessary distress and resulted in unneeded treatment. In other cases, the LTDs produced false-negative results, in which life-threatening diseases went undetected. These misdiagnosed patients failed to receive treatments. Additionally, some LTDs provided information with no relevance to the condition they were intended to be used for, and others were linked to treatments based on disproven scientific concepts. Not only do these situations cause harm to patients, but they are also costly to society.(1) The report found that FDA oversight of LTDs is needed to address the following: Lack of evidence supporting the clinical validity of tests Deficient adverse event reporting No premarket review of performance data Unsupported manufacturer claims Inadequate product labeling Lack of transparency Uneven playing field Threats to the scientific integrity of clinical trials No comprehensive listing of all LTDs being used...
Cybersecurity – A Real Threat to Medical Devices

Cybersecurity – A Real Threat to Medical Devices

The FDA is Taking Notice of Medical Device Cybersecurity The FDA just issued a Safety Communication on cybersecurity vulnerabilities of the Hospira Symbiq Infusion System. The Hospira Symbiq Infusion System is a computerized pump designed for the continuous delivery of general infusion therapy for a broad patient population. The pump is mostly used in hospitals, or other acute and non-acute health care facilities, such as nursing homes and outpatient care centers. This infusion system can communicate with a Hospital Information System (HIS) via a wired or wireless connection over facility network infrastructures. Unfortunately, it appears that it’s possible to access this pump remotely through a network, allowing unauthorized users to control the pump and change the dosage it delivers. This can potentially harm the patient. While it doesn’t appear that any unauthorized access occurred with this particular product, and Hospira is no longer selling this product, cybersecurity is still a real concern. It will be critical for manufacturers to implement appropriate safeguards now that more and more devices are connecting remotely to healthcare networks. In June 2013, the FDA outlined good practices to follow in Cybersecurity for Medical Devices and Hospital Networks. In this communication, the FDA recommends that medical device manufacturers and health care facilities take steps to assure that appropriate safeguards are in place to reduce the risk of failure due to cyberattack. These attacks could be initiated by the introduction of malware into the medical equipment or unauthorized access to configuration settings in medical devices and hospital networks. As products rely more heavily on networked communication, medical device cybersecurity is going to become an even greater concern....