21 CFR 820.75 Process Validation for Medical Device Software

Hello,
Can anyone provide examples of how 21 CFR 820.75 Process Validation would apply to a medical device that is strictly software (clinical laboratory information system.) I understand the concept of process validation as it applies to a physical device (i.e. sterility), but cannot determine a scenario where process validation (where the results of a process cannot be fully verified by subsequent inspection and test) would apply to the manufacturing of software.

Any input would be appreciated.

My assumption is that you're asking about validating the installation of software onto a recording device. If you're asking about actually validating the writing of software code... skip this message

One way I've seen it done is that the tool used to burn the CD (assuming this is the process) that you use to distribute the software is Validated. From there the size of the program is compared to the original and assuming you have a successful copy your sizes should be comparable. From there you would demonstrate (Sample size 3 or so) that the software you call 'good' will be what you want it to do.

I'm not a software expert but in my dealings in software land that's what I've seen on the manufacturing floor.

Thank you for your input...here's my problem.

The actual text of the regulation is "Where the results of a process cannot be fully verified by subsequent inspection and test, the process shall be validated with a high degree of assurance and approved according to established procedures."
The process that you described seems like it's one that could be verified by subsequent inspection and test, since as you stated you could verify files sizes and also test out the CD.

I'm interested in any part of the software development life cycle that would apply to this reg, both coding, and transfer to CD or via other means.

Thanks again for your post.

gholland is certainly on the right track. You note that the CD replication proces could be verified, but you don't say that you do perform 100% verification of the process output.

Practically speaking,though,there is little chance that the software would install if the CD was corrupted. So you could argue that the output is verified bythe fact that the software installs. You could take that a step further and putting in a checksum test as part of the install process.

Generally speaking, though, there's just not much in the software 'production' that will require such process validation. We typically do the checksum thing and that has been well received. We (or our clients) have not been called to the carpet on this.