Medical Device manufacturing Facility Test audit

[Al Rosen]

Has anyone heard of a CB performing an audit of a medical device manufacturing facility in order to perform IEC 60601 related testing of a Programmable Medical Electrical Device at the facility?

They're calling it a "satellite audit" and weren't very clear as to the scope, but mentioned ISO17025 or parts of it (they weren't specific). It seems to me that the only thing they should evaluate is the environmental conditions, if that, since they performed all the testing with their equipment. I'm pushing back on this. They priced it at $6K.

 

[yodon]

PEMS is only applicable if the software provides basic safety or essential performance OR the risk analysis indicates that software failure leads to unacceptable risk - so I assume it's already been determined that section 14 is applicable.

The reference to 17025 does indeed seem rather odd.

When I submitted for review a technical file claiming compliance to 62304 (which I believe 60601 calls out somewhere), the reviewer said either he'd have to do an audit of that (for additional time and cost) or have an accredited test lab do an assessment (for additional time and cost... hmm...). They were able to do the review offsite (at considerable time and cost) and it included the relevant aspects of section 14 (PEMS). Maybe that's what they're saying?

I'm curious if your pushback was successful?

 

[Al Rosen]

PEMS is only applicable if the software provides basic safety or essential performance OR the risk analysis indicates that software failure leads to unacceptable risk - so I assume it's already been determined that section 14 is applicable.

The reference to 17025 does indeed seem rather odd.

When I submitted for review a technical file claiming compliance to 62304 (which I believe 60601 calls out somewhere), the reviewer said either he'd have to do an audit of that (for additional time and cost) or have an accredited test lab do an assessment (for additional time and cost... hmm...). They were able to do the review offsite (at considerable time and cost) and it included the relevant aspects of section 14 (PEMS). Maybe that's what they're saying?

There doing a review regarding 62304 as a separate item.

I'm curious if your pushback was successful?

They haven't responded yet and are probably trying to find a way to justify it.

 

[Peter Selvey]

It's probably due to the CB scheme rules for CTF (customer testing facilities). You can find the rules and the forms they had to fill out by searching "OD-2048". It's a bit of work.

Last year I did some software related failure simulation tests at the client's facility because it was easier to do there with the debugger etc. It took about 4 hours and everything was OK. Although the tests were part of a CB report for a particular standard, none of the tests involved any measurements, it was just observing that the fault was detected and alarmed, and the system shut down safety. So I in the report I wrote a little story to say that the normal CB scheme facility audit was not necessary due to the nature of the test.

On submitting the report for review, I was asked to delete the story and remove any reference to testing at the client facility in the report. They understood my story and agreed, but it was clear there was an element of fear when dealing with the CB scheme. Rules are rules.

I guess what they need in the CB scheme is the equivalent of Clause 4.5 in IEC 60601-1, the "alternate solution", which allows the lab to bend the rules if they don't make sense for the situation. As far as I know though there is no such get out of jail free clause in the operational documents.

What I would question is the $6k. Most of the forms should be N/A for PEMS on-site test. Or you can try to pre-screen at your facility and if anything requires a measurement, repeat the test at their facility.

 

[Al Rosen]

It's probably due to the CB scheme rules for CTF (customer testing facilities). You can find the rules and the forms they had to fill out by searching "OD-2048". It's a bit of work.

Last year I did some software related failure simulation tests at the client's facility because it was easier to do there with the debugger etc. It took about 4 hours and everything was OK. Although the tests were part of a CB report for a particular standard, none of the tests involved any measurements, it was just observing that the fault was detected and alarmed, and the system shut down safety. So I in the report I wrote a little story to say that the normal CB scheme facility audit was not necessary due to the nature of the test.

On submitting the report for review, I was asked to delete the story and remove any reference to testing at the client facility in the report. They understood my story and agreed, but it was clear there was an element of fear when dealing with the CB scheme. Rules are rules.

I guess what they need in the CB scheme is the equivalent of Clause 4.5 in IEC 60601-1, the "alternate solution", which allows the lab to bend the rules if they don't make sense for the situation. As far as I know though there is no such get out of jail free clause in the operational documents.

What I would question is the $6k. Most of the forms should be N/A for PEMS on-site test. Or you can try to pre-screen at your facility and if anything requires a measurement, repeat the test at their facility.

Thanks for the information. The 6k is only a small fraction of the cost to do this testing. Due to the nature of the device it's not practical to perform the testing at their facility. They've already done the routine 60601-1 safety testing, but have yet to perform some of the special testing that's required. I would have had less of an issue had they explained the requirement and performed the audit prior to any testing.