Medical devices have the power to improve the quality of people’s lives. They also have the power to harm the very people they are intended to help. For this reason Congress passed the Federal Food, Drug, and Cosmetic Act, which is a series of laws designed to have the government oversee the safety of devices, drugs and other products.
To explain the laws, FDA published regulations defining specific requirements that device firms had to meet to be in compliance. The FDA regulations state what firms have to do, but leave it up to the firms to decide how they accomplish the specific requirements.
In terms of documentation, Comment 13 to the Preamble to FDA’s Quality System Regulation states, “The extent of documentation necessary to meet the regulatory requirements may vary with the complexity of the design and manufacturing operations, the size of the firm, the importance of the process and the risk associated with the failure of the device…”
During my career, while working as an FDA prosecutor, at AdvaMed as counsel for health technology companies, and lately teaching good documentation practices to FDA and industry officials, I’ve come to appreciate that industry is frightened by FDA’s authority to institute criminal and civil proceedings or to embarrass them by issuing warning letters that are posted on FDA’s website.
Individuals who want to make sure that they satisfy FDA requirements want FDA to tell them not only what to do, but how to do it. FDA officials see their role as communicating the requirements and inspecting firms to see if they meet those requirements.
When firms ask FDA for advice about what to do to meet a specific requirement, FDA officials say that their role is not to be consultants to industry. At public seminars, FDA’s Quality System Expert, Kim Trautman, is known to consistently answer questions about whether a procedure or system will satisfy FDA requirements with the words, “It depends.” Firms need to create processes that are appropriate for their products and their organizations.
At the July 14-15, 2011 Medical Device Summit in Washington, DC, Kim Trautman responded to a question about software tools for CAPA. Kim said that the tool should not drive the process, but should be configured to enhance the process. See a short video of Kim’s explanation.
I couldn’t agree more with what Kim said, and I’d add that the best software vendors are the ones that leverage their experiences within the industry to identify a starting point for best practices, but allow the firm to tailor the system to the firm’s specific needs. Any vendor that says their system is the only way to do it or, worse yet, suggests that the FDA actually blessed their system/process is either untruthful or unaware of what FDA compliance actually means.
Companies make a variety of products from hospital beds to heart valves that vary in the risk they pose to patients. The quality systems that firms would need to build to meet those requirements vary accordingly.
Using a software system where “one size fits all” that is not configurable for the type of product or the size of the company will cause major problems when the software doesn’t exactly correspond with the firm’s operations. Such a system would doubtless include inappropriate fields that company officials would either ignore or complete with irrelevant information. The system might then produce reports with questionable or meaningless information that would put the effectiveness of the firm’s quality system in doubt, and could subject the firm to Form 483 observations during an FDA inspection.
If you ask an FDA official to endorse a system, or for a recommendation about which system to buy, he or she will tell you to first determine your requirements, and then implement a system that will meet those requirements.
Compliance of a software system for CAPA is primarily a result of its successful application to the specific requirements of a firm. Looking for FDA compliance as an attribute of the software is wishful thinking.