FDA Posts Recall of Computerized Record System
William A. Hyman
Professor Emeritus, Biomedical Engineering
Texas A&M University, w-hyman@tamu.edu
Read other articles by this author
While EHRs are not regulated as medical devices, some similar products are regulated by the FDA and thus are subject to a number of FDA processes including publicly announced recalls. A case in point is the recent FDA reported recall of a computerized anesthesia record system that collects, processes and records patient data. The reason given for the recall was that when reviewed the patient record could include data from another patient. The FDA’s report of why this occurred was a software design problem.
This misfiling of information is one of the now classic potential failure modes of patient data systems. Besides wrongly filed data, another classic is when part of a patient record disappears as the records are saved or manipulated. This loss of data occurred in another FDA reported recall for an image archiving system that happens to come from the same vendor. A third type of software error is when data gets garbled or changed as I discussed here in an earlier post.
Besides illustrating things that can go wrong, the two recalls cited here are interesting because the products at issue were officially medical devices as indicated by their prior regulatory history of pre-market scrutiny, as well as by the recalls themselves. When and how it was determined that these products needed to go through the FDA, and by whom it was so determined, is not clear from the outside. (My inquiry to the vendor about the anesthesia recall resulted in referring me to www.fda.gov for more information). Also of interest is that this first product was “cleared” by the FDA as Version 15.0 in 2012, but there is discussion of at least a form of the product being used at least as early as 2008. One wonders how many versions there were before 15.0 and therefore before clearance? Were earlier versions not medical devices while 15.0 is, or did the earlier products simply avoid FDA scrutiny?
While regulation certainly has its detractors, it does set a standard for product development methodology, pre-market scrutiny, and post market activities including mandatory adverse event reporting and their public listing, and ultimately recalls as necessary. Had these products not been medical devices, would there have been a public recall? If not, would this have endangered the public? Even if all users were notified directly in these recall examples, public recalls are a good reminder of the scope of problems that can occur with patient information systems, and they forewarn developers (if they pay attention) that such risks need to identified, designed out, and tested for. These problems also provide a good example of the lack of utility of saying that the user should be careful and watch for such anomalies. While in some cases it might be noticeable and noticed that data is missing or added, in many cases the user would have no way of knowing this and thus could not be expected to cover for design created errors, even if there is one of those sneaky check boxes that asks the user to accept the record.
Read Dr. Hyman’s recent post in Medical Connectivity, A Medical Device Recall of an EHR-like Product, on this same subject.