Regulatory Open Forum

This message was posted by a user wishing to remain anonymous

Hi  everyone,

For a company that specializes in mobile apps, is the software problem report equivalent to a complaint form? Or is the software problem report simply used for tracking bugs internally, a separate process from complaints?  Thanks so much. 

The tracking of software anomalies (e.g. "software problem report") is a separate process from complaint management.  If the software anomaly impacts released product, however, a complaint may need to be opened, with reference to the originating anomaly.  Reference IEC 62304, Section 9 (and 5.8.2, 5.8.3), for further guidance.

------------------------------
Eric Henry
King & Spalding
Washington DC
United States
------------------------------

Original Message:
Sent: 23-Apr-2019 09:27
From: Anonymous Member
Subject: Software problem report versus complaint

This message was posted by a user wishing to remain anonymous

Hi  everyone,

For a company that specializes in mobile apps, is the software problem report equivalent to a complaint form? Or is the software problem report simply used for tracking bugs internally, a separate process from complaints?  Thanks so much.

Hello Anonymous

Problem reports are such a funny term..... A problem means something isn't working as it should (per specification), therefore it is a complaint.  Remember complaints can come come any source, internal or external.  I would call them out.

If this is associated with software not yet released to market in theory it would be a non-conformance.. But is it a software also out in the field and you found the bug internally when reusing code or doing more development?  

You should treat each bug as a complaint and investigate what this affects and risk to decide further actions.  I had a software team once come to me and say they were repurposing code and found an error that swapped patient data inside metadata wrapper... And this was.in the field globally.  We did a full on recall globally concurrent with root cause and fix plan, V&V and deployment by patch. 

Train your software guys well to notify you if they see things.  I encourage you to study up on types of software "bugs" that have caused recalls.   Software CPR's website has great resources to track these things. Www.softwarecpr.com


Good luck!

------------------------------
Ginger Cantor, MBA, RAC
Founder/Principal Consultant
Centaur Consulting LLC
River Falls, Wisconsin 54022 USA
715-307-1850
centaurconsultingllc@gmail.com
------------------------------

Original Message:
Sent: 23-Apr-2019 09:27
From: Anonymous Member
Subject: Software problem report versus complaint

This message was posted by a user wishing to remain anonymous

Hi  everyone,

For a company that specializes in mobile apps, is the software problem report equivalent to a complaint form? Or is the software problem report simply used for tracking bugs internally, a separate process from complaints?  Thanks so much.

From my perspective, this depends on whether it was found internally or found externally.  If found internally a software problem report would in essence be a Nonconformity report that should be handle by the process in QMS - including bug/error tracking, correction, and updating.  Also if found internally there needs to be an assessment on the current version that is available in the market, that if there is a significant issue could result in a field correction.  If found externally a software problem report is a customer complaint.

Just as an aside, fixing software problems need to be handled very carefully.  There are some regulatory agencies with strong views on correcting bugs or fixes that are moved out to the field.  You must have a strong system in place to evaluate the regulatory, safety, hazard, patient risk impact because so many "fix a bug" that falls under scope of 21 CFR 806 as a market correction.

------------------------------
Richard Vincins RAC
Vice President Global Regulatory Affairs
------------------------------

Original Message:
Sent: 24-Apr-2019 10:14
From: Ginger Cantor
Subject: Software problem report versus complaint

Hello Anonymous

Problem reports are such a funny term..... A problem means something isn't working as it should (per specification), therefore it is a complaint.  Remember complaints can come come any source, internal or external.  I would call them out.

If this is associated with software not yet released to market in theory it would be a non-conformance.. But is it a software also out in the field and you found the bug internally when reusing code or doing more development?

You should treat each bug as a complaint and investigate what this affects and risk to decide further actions.  I had a software team once come to me and say they were repurposing code and found an error that swapped patient data inside metadata wrapper... And this was.in the field globally.  We did a full on recall globally concurrent with root cause and fix plan, V&V and deployment by patch.

Train your software guys well to notify you if they see things.  I encourage you to study up on types of software "bugs" that have caused recalls.   Software CPR's website has great resources to track these things. Www.softwarecpr.com


Good luck!

------------------------------
Ginger Cantor, MBA, RAC
Founder/Principal Consultant
Centaur Consulting LLC
River Falls, Wisconsin 54022 USA
715-307-1850
centaurconsultingllc@gmail.com

Original Message:
Sent: 23-Apr-2019 09:27
From: Anonymous Member
Subject: Software problem report versus complaint

This message was posted by a user wishing to remain anonymous

Hi  everyone,

For a company that specializes in mobile apps, is the software problem report equivalent to a complaint form? Or is the software problem report simply used for tracking bugs internally, a separate process from complaints?  Thanks so much.

Ginger,

I would disagree that all "bugs" are complaints, but I would agree that all "bugs" / software anomalies should be evaluated to determine if they impact released product.  If the answer to that question is "yes", then I would agree that a complaint should be created.  Keep in mind that "bugs" / software anomalies can be found at all points in the software development lifecycle, so a blanket statement equating "bugs" / software anomalies to complaints might put issues found during unit verification and integration testing into a category that makes efficient resolution of these issues problematic.

This does, however, bring up a good point, which is to determine what you call issues found at different phases of the SDLC and what process you will use for resolving them at each of those phases.  One size likely won't fit all.

------------------------------
Eric Henry
King & Spalding
Washington DC
United States
------------------------------

Original Message:
Sent: 24-Apr-2019 10:14
From: Ginger Cantor
Subject: Software problem report versus complaint

Hello Anonymous

Problem reports are such a funny term..... A problem means something isn't working as it should (per specification), therefore it is a complaint.  Remember complaints can come come any source, internal or external.  I would call them out.

If this is associated with software not yet released to market in theory it would be a non-conformance.. But is it a software also out in the field and you found the bug internally when reusing code or doing more development?

You should treat each bug as a complaint and investigate what this affects and risk to decide further actions.  I had a software team once come to me and say they were repurposing code and found an error that swapped patient data inside metadata wrapper... And this was.in the field globally.  We did a full on recall globally concurrent with root cause and fix plan, V&V and deployment by patch.

Train your software guys well to notify you if they see things.  I encourage you to study up on types of software "bugs" that have caused recalls.   Software CPR's website has great resources to track these things. Www.softwarecpr.com


Good luck!

------------------------------
Ginger Cantor, MBA, RAC
Founder/Principal Consultant
Centaur Consulting LLC
River Falls, Wisconsin 54022 USA
715-307-1850
centaurconsultingllc@gmail.com

Original Message:
Sent: 23-Apr-2019 09:27
From: Anonymous Member
Subject: Software problem report versus complaint

This message was posted by a user wishing to remain anonymous

Hi  everyone,

For a company that specializes in mobile apps, is the software problem report equivalent to a complaint form? Or is the software problem report simply used for tracking bugs internally, a separate process from complaints?  Thanks so much.

We managed this internally by differentiating between a bug and a complaint - a bug is found during testing/internally and a complaint is customer submitted.
I agree with Eric on the 62304 reference, that is what I have done as well.

------------------------------
Emilia Gonzalez
Lyndhurst OH
United States
------------------------------

Original Message:
Sent: 23-Apr-2019 09:27
From: Anonymous Member
Subject: Software problem report versus complaint

This message was posted by a user wishing to remain anonymous

Hi  everyone,

For a company that specializes in mobile apps, is the software problem report equivalent to a complaint form? Or is the software problem report simply used for tracking bugs internally, a separate process from complaints?  Thanks so much.

From the definition:

Complaint means any written, electronic, or oral communication that alleges deficiencies related to the identity, quality, durability, reliability, safety, effectiveness, or performance of a device after it is released for distribution.

It does not matter whether it was found internally or externally according to the FDA definition of a complaint.  If it is released for distribution (not even technically delivered to the customer yet), and if any person alleges a deficiency (even internally), it meets the FDA's definition of a complaint.  I don't see any way around that. 

That means there must be an investigation and a risk analysis, then based on these items - a disposition decision to: take field corrective action, improve on the next design revision, or potentially do nothing.  Finding "bugs" internally is not a blank check when it comes to ensuring patient safety.  You might use the "Software Problem Report" to communicate the software issues to the software design team, but that does not negate the need to ensure that the software problem does not pose a risk to public health.

------------------------------
Bobby McVay
Director of Quality Consulting
Union NJ
United States
------------------------------

Original Message:
Sent: 26-Apr-2019 11:53
From: Emilia Gonzalez
Subject: Software problem report versus complaint

We managed this internally by differentiating between a bug and a complaint - a bug is found during testing/internally and a complaint is customer submitted.
I agree with Eric on the 62304 reference, that is what I have done as well.

------------------------------
Emilia Gonzalez
Lyndhurst OH
United States

Original Message:
Sent: 23-Apr-2019 09:27
From: Anonymous Member
Subject: Software problem report versus complaint

This message was posted by a user wishing to remain anonymous

Hi  everyone,

For a company that specializes in mobile apps, is the software problem report equivalent to a complaint form? Or is the software problem report simply used for tracking bugs internally, a separate process from complaints?  Thanks so much.