“Specifically, your firm has not conducted quality audits and established adequate procedures for … acceptance activities and computer software validation … your firm has not established written procedures describing how it evaluates, verifies or validates, documents, and approves design changes. Failure to validate software used as part of production and quality system for its intended use according to an established protocol, and failure to document the results of the software validation, as required by 21 C.F.R. § 820.70(i). FDA 483 Item 8. Specifically, your firm has not maintained documentation of the validation of the computer software used to (a) receive encrypted patient treatment data and decrypt/encrypt it; (b) convert decrypted patient treatment data into […] codes that are converted into […] codes that are then sent to your contract manufacturer’s […] milling machine to produce the compensators.”
View the original warning letter.