{"id":103776,"date":"2025-09-15T16:44:57","date_gmt":"2025-09-15T13:44:57","guid":{"rendered":"https:\/\/onlinestandart.com\/?p=103776"},"modified":"2025-09-15T16:44:57","modified_gmt":"2025-09-15T13:44:57","slug":"medical-devices-healthcare","status":"publish","type":"post","link":"https:\/\/onlinestandart.com\/en\/medical-devices-healthcare\/","title":{"rendered":"Medical Devices &#038; Healthcare"},"content":{"rendered":"\n<h2 class=\"wp-block-heading\">Key standards<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>IEC\u202f60601 (medical electrical equipment safety), ISO\u202f13485 (quality management), ISO\u202f14971 (risk management), 21\u202fCFR\u202f820 (U.S. FDA Quality System Regulation).<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Documented issues<\/h2>\n\n\n\n<p>An FDA warning letter to Becton, Dickinson and Company noted the firm <strong>failed to establish procedures<\/strong> for corrective and preventive action (CAPA) under 21&nbsp;CFR&nbsp;820.100. Inspectors found <strong>544 open tickets for software defects<\/strong> (including cybersecurity vulnerabilities) and <strong>256 open server software issues<\/strong>, showing inadequate control of CAPA process. <a href=\"https:\/\/www.fda.gov\/inspections-compliance-enforcement-and-criminal-investigations\/warning-letters\/becton-dickinson-and-companycarefusion-303-inc-691601-11222024#:~:text=1,100%28a\" target=\"_blank\" rel=\"noopener\">fda.gov<\/a>.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Typical challenges<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Medical device manufacturers often lack robust CAPA processes for software defects.<\/li>\n\n\n\n<li>Quality management systems may not integrate risk management (ISO\u202f14971) and design controls (IEC\u202f60601).<\/li>\n\n\n\n<li>Cybersecurity vulnerabilities are not tracked as part of CAPA.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Best Practice playbook<\/h2>\n\n\n\n<ol start=\"1\" class=\"wp-block-list\">\n<li><strong>Implement CAPA procedures<\/strong> that capture, analyse, and correct defects; verify actions and trend recurring issues. <a href=\"https:\/\/www.fda.gov\/inspections-compliance-enforcement-and-criminal-investigations\/warning-letters\/becton-dickinson-and-companycarefusion-303-inc-691601-11222024#:~:text=1,100%28a\" target=\"_blank\" rel=\"noreferrer noopener\">fda.gov<\/a>.<\/li>\n\n\n\n<li><strong>Integrate risk management<\/strong> (ISO\u202f14971) and design controls (IEC\u202f60601) into the quality system; document hazard analyses and mitigations.<\/li>\n\n\n\n<li><strong>Track cybersecurity vulnerabilities<\/strong> as nonconformities; include them in CAPA and risk management.<\/li>\n\n\n\n<li><strong>Conduct regular management reviews<\/strong> of open CAPA tickets to ensure closure and effectiveness.<\/li>\n\n\n\n<li><strong>Audit suppliers and software developers<\/strong> for compliance with ISO\u202f13485 and FDA regulations.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\">References<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>FDA warning letter describing BD\u2019s failure to implement CAPA and large number of open software defect tickets. <a href=\"https:\/\/www.fda.gov\/inspections-compliance-enforcement-and-criminal-investigations\/warning-letters\/becton-dickinson-and-companycarefusion-303-inc-691601-11222024#:~:text=1,100%28a\" target=\"_blank\" rel=\"noreferrer noopener\">fda.gov<\/a>.<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Key standards Documented issues An FDA warning letter to Becton, Dickinson and Company noted the firm failed to establish procedures for corrective and preventive action (CAPA) under 21&nbsp;CFR&nbsp;820.100. Inspectors found 544 open tickets for software&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_blocks_custom_css":"","_kad_blocks_head_custom_js":"","_kad_blocks_body_custom_js":"","_kad_blocks_footer_custom_js":"","_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"_kad_post_classname":"","footnotes":""},"categories":[166],"tags":[],"class_list":["post-103776","post","type-post","status-publish","format-standard","hentry","category-case-studies"],"taxonomy_info":{"category":[{"value":166,"label":"Case Studies"}]},"featured_image_src_large":false,"author_info":{"display_name":"Online Standart","author_link":"https:\/\/onlinestandart.com\/en\/author\/online-standart\/"},"comment_info":0,"category_info":[{"term_id":166,"name":"Case Studies","slug":"case-studies","term_group":0,"term_taxonomy_id":166,"taxonomy":"category","description":"","parent":0,"count":16,"filter":"raw","cat_ID":166,"category_count":16,"category_description":"","cat_name":"Case Studies","category_nicename":"case-studies","category_parent":0}],"tag_info":false,"_links":{"self":[{"href":"https:\/\/onlinestandart.com\/en\/wp-json\/wp\/v2\/posts\/103776","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/onlinestandart.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/onlinestandart.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/onlinestandart.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/onlinestandart.com\/en\/wp-json\/wp\/v2\/comments?post=103776"}],"version-history":[{"count":0,"href":"https:\/\/onlinestandart.com\/en\/wp-json\/wp\/v2\/posts\/103776\/revisions"}],"wp:attachment":[{"href":"https:\/\/onlinestandart.com\/en\/wp-json\/wp\/v2\/media?parent=103776"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/onlinestandart.com\/en\/wp-json\/wp\/v2\/categories?post=103776"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/onlinestandart.com\/en\/wp-json\/wp\/v2\/tags?post=103776"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}