FDA Requirements for Disinfectant Efficacy Test of iPhone

[wangyang]

My device is a BGMS which can connect with IPHONE/IPAD/ITOUCH, and we have to do disinfectant efficacy test on the device, since the device is physical connected to the device, so FDA told me that we have to perform the test on IPHONE as well, it is really a difficult right? since IPHONE have many different materials and its new generation is emerging very fast. What do you think about it?

Any input will be appreciated,

 

[Mikishots]

Depending on when your test will be complete and when your product is released; you will certainly not be responsible for ensuring efficacy on products that were not publicly available at the time of your test acceptance.

 

[MIREGMGR]

Depending on when your test will be complete and when your product is released; you will certainly not be responsible for ensuring efficacy on products that were not publicly available at the time of your test acceptance.

That statement might be correct per the wording of IEC60601-1, but I believe it is incorrect in regard to general medical device responsibilities...at least for US FDA.

If a medical device's instructions for use state that it is to be used in connection to, or as an accessory of, external product X and those instructions either don't specify product X's version or say something to the effect of "the current version and any subsequent versions", then my understanding would be that yes, you are responsible for ensuring safety and effectiveness in conjunction with a version of product X that wasn't yet available when you initially tested.

Ditto if the instructions for use aren't specific, or mention a particular version of product X, but the device's marketing is later updated to include later versions of product X.

If you want to avoid this responsibility, you must either:

1. State in your instructions for use that your device is to used only with product X, version Y, where version Y is the one for which you have validated; and, your marketing must be consistent with this; or

2. When a new version of the connected product is released, validate your device's use with it.

Note that at least for FDA, if they determine that you have a reasonable knowledge that your device is being used in a manner that is outside of the scope of its validation, and you haven't taken action to strengthen the instructions for use and/or make your marketing more clearly state that use outside of the validation scope is not intended, they may declare your device misbranded for inadequate instructions for use or misleading marketing.

Also note in regard to option 2 above that (in many instances) Apple, and other similar manufacturers, have programs for provision of product examples to makers of connected devices ahead of public release, so that validation can be done before that public release.

 

[MIREGMGR]

My device is a BGMS which can connect with IPHONE/IPAD/ITOUCH, and we have to do disinfectant efficacy test on the device, since the device is physical connected to the device, so FDA told me that we have to perform the test on IPHONE as well, it is really a difficult right?

Getting back to your original question:

The company for which I work is a maker of disposable (single-use) sterile-barrier covers for a wide variety of equipment types, and we have a number of customers who are using such a disposable cover over a handheld visual/tactile/audible personal-electronics-type device, most often for use in a sterile field. If the active device can be completely barrier-enclosed, this approach is one way of avoiding the need to clean and disinfect the active object.

This obviously won't work for a blood glucose meter that's directly connected to an iPhone or similar device, though. If your device is well along in its design and the direct-connection approach is already locked-in, I don't know what options to suggest to you that might satisfy FDA.

 

[Mikishots]

That statement might be correct per the wording of IEC60601-1, but I believe it is incorrect in regard to general medical device responsibilities...at least for US FDA.

If a medical device's instructions for use state that it is to be used in connection to, or as an accessory of, external product X and those instructions either don't specify product X's version or say something to the effect of "the current version and any subsequent versions", then my understanding would be that yes, you are responsible for ensuring safety and effectiveness in conjunction with a version of product X that wasn't yet available when you initially tested.

Ditto if the instructions for use aren't specific, or mention a particular version of product X, but the device's marketing is later updated to include later versions of product X.

If you want to avoid this responsibility, you must either:

1. State in your instructions for use that your device is to used only with product X, version Y, where version Y is the one for which you have validated; and, your marketing must be consistent with this; or

2. When a new version of the connected product is released, validate your device's use with it.

Note that at least for FDA, if they determine that you have a reasonable knowledge that your device is being used in a manner that is outside of the scope of its validation, and you haven't taken action to strengthen the instructions for use and/or make your marketing more clearly state that use outside of the validation scope is not intended, they may declare your device misbranded for inadequate instructions for use or misleading marketing.

Also note in regard to option 2 above that (in many instances) Apple, and other similar manufacturers, have programs for provision of product examples to makers of connected devices ahead of public release, so that validation can be done before that public release.

I'd be interested in a citation or reference for this. I cannot see how anyone could possibly be expected to assure safety and effectiveness of their product with another product that doesn't yet exist.

 

[MIREGMGR]

Just looking at the issue from an FDA perspective:

A medical device must be validated/verified to be safe and effective for its intended use before that medical device may be marketed. This is basic throughout the FD&C Act, 21CFR 820, and various FDA guidances. See for instance 21CFR 820.30(f) and (g).

In this case, my understanding is that the subject medical device's intended use involves connection to another product, and reliance on the computational and user interface functionality of that other product's hardware and software. Because software is involved, a specific software validation is required, per 21CFR 820.30(g).

We know that major versions of the iPhone and similar personal electronic devices have significant changes to their hardware and software between versions. Sometimes minor versions exist within a given major version, with software changes.

It would be impossible to validate/verify a device's safety and effectiveness with another product, or in this case a major or minor version of a product that may involve hardware changes and usually involves software changes, that does not yet exist at the time of validation/verification.

At least in my reading, there is no exception in the "validate/verify before marketing" requirement that allows an intended use that hasn't been validated/verified because the hardware/software that constitutes a key intended-use condition didn't yet exist when the product was first introduced.

 

[Mikishots]

Just looking at the issue from an FDA perspective:

A medical device must be validated/verified to be safe and effective for its intended use before that medical device may be marketed. This is basic throughout the FD&C Act, 21CFR 820, and various FDA guidances. See for instance 21CFR 820.30(f) and (g).

In this case, my understanding is that the subject medical device's intended use involves connection to another product, and reliance on the computational and user interface functionality of that other product's hardware and software. Because software is involved, a specific software validation is required, per 21CFR 820.30(g).

We know that major versions of the iPhone and similar personal electronic devices have significant changes to their hardware and software between versions. Sometimes minor versions exist within a given major version, with software changes.

It would be impossible to validate/verify a device's safety and effectiveness with another product, or in this case a major or minor version of a product that may involve hardware changes and usually involves software changes, that does not yet exist at the time of validation/verification.

At least in my reading, there is no exception in the "validate/verify before marketing" requirement that allows an intended use that hasn't been validated/verified because the hardware/software that constitutes a key intended-use condition didn't yet exist when the product was first introduced.

OK, I'll bite: It's the "it doesn't say you can't" argument; what I'm trying to get my brain around is if one concedes that there is no exception, HOW could one go about validating/verifying their product against something it may or may not be attached to that hasn't been designed yet? When does this time period into the future end? Two years from now? Five? Or just the life of the product?

I agree with your explanation up until the last paragraph. If you were in the OP's position, how would you go about this? Just test with the most current iPhone available, or state that it'll comply with any future model of iPhone Apple produces?

 

[MIREGMGR]

HOW could one go about validating/verifying their product against something it may or may not be attached to that hasn't been designed yet? When does this time period into the future end? Two years from now? Five? Or just the life of the product?

I agree with your explanation up until the last paragraph. If you were in the OP's position, how would you go about this? Just test with the most current iPhone available, or state that it'll comply with any future model of iPhone Apple produces?

The point is, you cannot market a medical device for a use for which you have not validated it. So, if you've validated it for use with personal-electronics-product versions 1, 2, 3 and 4 (the highest number being the current one), your marketing and intended use statement has to state that it's intended for use with personal-electronics-product versions 1, 2, 3 and 4.

If at a later time you want to extend your marketing and intended use statement to say that it's also for use with personal-electronics-product version 5, you have to validate for version 5 first.

If you market your device for use with all past, present or future versions of a personal-electronics-product...explicitly or implicitly...you're wide open to being gigged for marketing a device for a non-validated intended use, because it'll be obvious to FDA that software and maybe hardware changed and (in our scenario) you won't have validated for those changes.

What would your defense be...that you assumed everything would work OK? That it's up to a version 5 user to determine if their use of your device is safe and effective?

This is all inherent in creation of devices that connect to multi-purpose, non-medical products that provide computational functionality. These issues have been in the open since the first computers. They're nothing new.

 

[Mikishots]

As I stated in my first post:

"you will certainly not be responsible for ensuring efficacy on products that were not publicly available at the time of your test acceptance."

I don't see where I stated that you are not responsible for ensuring efficacy for your device when a new version becomes available.