Hacker News new | ask | show | jobs
by lostlogin 4366 days ago
Thanks - this has been in the back of my mind and is a reason I'm trying to be patient. A 2 line message saying what was happening would remove my frustration. Usually I get a corporate speak reply with a suggestion it is my fault though. What does the FDA code review do? If it isn't catching bugs that take the scanner offline for hours at a time, what is the point?
2 comments
kohanz 4366 days ago
I've worked on several FDA-regulated products and have never had the FDA review my code. I would guess this only happens in extenuating circumstances. The FDA does not have the resources to do this for most products out there.

We are required, however, to review our own code and maintain records of those reviews.

link
vardump 4365 days ago
Exactly. FDA doesn't review code!

If there are complaints, FDA does sometimes review is the mountain of device related documentation. Design, assembly, maintenance, end user manuals, etc. Checking the paper trail. Is the paperwork done correctly, signed by a competent employee and reviewed by appropriate persons. There also needs to be watertight trail of employee training. Failure to have that does not end well!

Traceability (both physical and code) is another thing you better get right as a medical company. You need to know where, when, etc. each major component of the device came to be.

Medical companies literally generate so much paperwork, that separate storage facilities are needed for it. While you'd obviously have it in digital format for yourself, all of it is also printed out and signed.

link
laurenstill 4365 days ago
Compliance officer for a med device company, can confirm. Even vendor audits don't look at code, just SOPs and spreadsheets documenting that you have the processes in place to log the shit out of everything.
link
snom380 4365 days ago
There's a difference between bugs that cause downtime and bugs that endanger the life of the patient, and I think the FDA is primarily concerned with the latter. I would think a bug that caused the wrong image to be captured and could cause doctors to make the wrong decisions would be taken very seriously.
link