Tag Archives: medical device

Root Cause Analysis

Regulators ask hard questions about blood testing startup Theranos

By Kim Smiley

The biotech startup Theranos has been all over headlines in recent years.  At first the company made news for its ambitious goals of running comprehensive laboratory testing on just a few drops of blood.  The company has claimed to have created a handheld medical device (nicknamed Edison) that uses only a finger prick of blood and makes blood testing less painful, faster and cheaper.  Theranos’ young and compelling founder Elizabeth Holmes has been featured in multiple magazines, gave a popular Ted talk and has even been compared to Steve Jobs and Bill Gates. In 2014, the company was valued at $9 billion.

Lately, the type of headlines the company has made have changed as the company has been embroiled in controversy.  The multiple concerns about Theranos can be visually represented in a Cause Map, a visual format for performing root cause analysis.  A Cause Map intuitively breaks down a problem to the basic cause-and-effect relationships and visually lays them out.  (Click on “Download PDF” to view an intermediate Cause Map of these issues.)  Many of the issues raised haven’t been proven yet and require more evidence so a question mark is used to note this open question within the cause box.

The problems for the company started coming to a head in the latter half of 2015. A December 2015 report by The Wall Street Journal, At Theranos, Many Strategies and Snags, raised concerns about the accuracy of the company’s propriety handheld blood testing device.  Studies showed that the results of the Edison device differed from testing done by traditional blood testing methods. Additionally,  inspections over a three-week period in August and September 2015 at two Theranos facilities found multiple issues.  Specifics on the exact problems found during the inspections have not been released, but they have been described generically as problems with record keeping, quality audits, and handling of consumer complaints. The FDA has also raised concerns about the approval of a medical device called a nanotainer that is used by Theranos. The nanotainer was classified as a Class I exempt device during the approval process and it should have been classified as a risky Class II device that would have received greater scrutiny during the approval process.

A federal criminal investigation into Theranos is now underway looking into claims the company made about its technology.  A separate probe by the Securities and Exchange Commission is working to determine whether the company misrepresented its new blood testing technology and its claim that it could run a full range of laboratory tests from just a prick of blood from a finger.

As of right now, Theranos has taken a beating in the court of public opinion, but the company has not been convicted of anything and is still selling blood tests from 40 Walgreens in Arizona.  Only time will tell the fate of the company, but the issues it has faced can be seen as a cautionary tale for other biotech startups.  Even if the company is cleared of all wrongdoing, there are lessons to be learned about ensuring laboratories meet all appropriate standards and ensuring proper approvals of all medical devices.

Root Cause

Medical Device Vulnerable to Hacking

By Kim Smiley

The Food and Drug Administration (FDA) made headlines when they issued a warning that a computerized pump used for infusion therapy, Hospira Symbiq Infusion System, has cybersecurity vulnerabilities. Hacking is scary enough when talking about a laptop, but the stakes are much higher if someone had the ability to alter the dosage of critical medication.

A Cause Map, a visual format for performing root cause analysis, can be used to analyze this issue.  The first step in the Cause Mapping process is to fill in an Outline with the basic background information, including how the issue impacts the overall goals.  Defining the impacts to the goals helps define the scope of an issue.  Once the Outline is completed, one of the impacted goals is used as the starting point to building the Cause Map itself.  For example, the potential risk of serious injury or death is an impact to the patient safety goal and would be the first cause box on the Cause Map.  The rest of the Cause Map is built by asking “why” questions and documenting the answers in cause boxes to intuitively lay out the cause-and-effect relationships.

So why is there potential for injury or death with the use of the Hospira Symbiq Infusion System?  It is possible for a patient to receive the incorrect dosage of medication because the system could be accessed remotely by an unauthorized user who could theoretically change the settings.  There have been no reported cases where this infusion pump system has been hacked, but both Hospira and an independent researcher have confirmed that it is possible.

This system is vulnerable to hacking because it is designed to communicate with hospital networks and the design has a software bug that could allow it to be accessed remotely via a hospital’s network.  The infusion system was designed to interface with hospital networks to help reduce medication dosage errors because the dosage information wouldn’t need to be entered multiple times.

The final step in the Cause Mapping process is to develop solutions to help reduce the risk of similar errors in the future.  In this specific example, the FDA has strongly encouraged healthcare facilities to transition to alternative infusion systems as soon as possible.  Hospira discontinued this specific design of infusion system in 2013, reportedly due to unrelated issues, but it is still available for sale by third-party companies and used by many healthcare facilities. There will not be a software patch provided or any other means to make the Hospira Symbiq Infusion System less vulnerable to hacking so the only option going forward will be to switch to a different infusion system. During the time required to transition to new equipment, the FDA has provided specific steps that can be taken to reduce the risk of unauthorized system access that can be read here.

Root Cause

FDA To Device Maker: Complaints Not Properly Investigated

By ThinkReliability Staff

The Food and Drug Administration (FDA) issued a warning letter – a possible precursor to regulatory action – to a manufacturer of pulse oximeters challenging its response to violations identified during a facility inspection in 2013.  Specifically it found that:

1) Complaints of device failures were not adequately investigated,

2) Investigation records did not include required information,

3) Procedures did not identify all potentially affected product, and

4) Causes of failures were not investigated.

The company’s response to the initial violations found during the FDA inspection was found to be unacceptable.  Some of the comments to the FDA regarding the violations were: “The reported event poses no risk to user or patient safety, therefore, no Corrective and Preventive Action required”, “The cable and sensor that were returned with the instrument were also investigated and no problem was found”, “Through the investigation process, it was determined that Masimo’s product did not malfunction”. To each of the violations, the company claimed that either no problem was found, or that the problem did not involve any failures of the pulse oximeters identified in the complaints.

This doesn’t ring true to Diana Zuckerman, the president of the National Center for Health Research.  She says, “It may well be that it’s a user error. But you have to investigate that and show that it’s a user error and not a device error… When a company refuses to respond in any way to the FDA other than to say that the FDA is wrong on every issue, that’s not very credible.  Especially when users made complaints that the company’s product put patients at risk.”

Included in the complaints are that the manufacturer’s pulse oximeters failed to alarm in a patient that died and that they resulted in burns on both an 11-month old and 33-year-old and a skin tear on another patient.  Complaints also indicated issues with consistency of readings and exposed wires at the connection points.  The failures are getting attention not only because FDA warning letters are fairly rare – this is the first such letter to the company in its 25-year history – but also because of the company head’s views on medical errors and funding of the nonprofit Patient Safety Movement Foundation.

Pulse oximeters are used to monitor a patient’s pulse and blood oxygen.  Abnormal readings can indicate a change in a patient’s condition which may require medical intervention.  If the device fails to function, it can lead to patient injury or even death.  Because the devices are intended for use in diagnosis, they are regulated by the FDA and have to conform with FDA practices.  If the violations identified by the FDA in the warning letter are not corrected, the company may face regulatory action.

For now, the company has not released its plans to ensure compliance with the FDA requirements.  The FDA is clearly looking at updates to the investigation process used to respond to customer complaints and ensuring that causes identified as part of those reviews result in changes to other processes, such as manufacturing and quality control.

To view an outline and analysis (in the form of a Cause Map, a visual form of root cause analysis) of the FDA’s findings, click on “Download PDF” above.

Root Cause

Helping the Blind See

By ThinkReliability Staff

Retinitis pigmentosa is an eye disease which results in the degeneration of photoreceptor cells in the retina.  Although it is uncommon, it is estimated that 100,000 Americans suffer from it, but a new device may be able to help them.

In normal sight, the light from a signal enters the eye and contacts photoreceptor cells in the retina.  The photoreceptor cells generate electrical impulses, which are sent to the brain by the optic nerve, allowing the vision to be interpreted by the brain.  In retinitis pigmentosa, their photoreceptor cells deteriorate, short-circuiting the vision process, eventually to the point where there is no vision at all.

To assist in our understanding of the normal vision process, and the problems with it resulting from retinitis pigmentosa, we can use a process map, or a visual step by step diagramming of any process that is examined as part of a root cause analysis.  Although in this case the process is a biological one, diagramming any process that is not producing the desired results can provide important information to develop solutions that allow the process to  again provide the desired results.

With advanced retinitis pigmentosa, all vision can be lost.   Although researchers continue to attempt to discover ways to restore as much vision as possible, any improvement can improve quality of life.  A device called the Argus II, which was approved by the FDA for use in the US on February 14, 2013, aims to help those with retinitis pigmentosa – and possibly in the future those who are blind from macular degeneration.  The device was approved in Europe in 2011 for any type of outer retinal degeneration.

The device uses a camera, video process and electrodes which do the processing work normally performed by photoreceptor cells and the optic nerve.  The electrode provides a pixelized light/dark pattern to the brain, which can allow sufferers to  see outlines and differentiate between light and dark.  Again, a process map can help demonstrate how the device works to bypass the normal vision process.

To view a process map of normal vision, and partial vision provided by the Argus II device, please click “Download PDF” above.  Or click here to read more.

Never Event, Root Cause Analysis

Patient Deaths Caused by Defective Defibrillator Wires

By Kim Smiley

A recent study determined that at least 20 patients have died as a result of defective defibrillator wires.  The wires, also called leads, connect the defibrillator to the heart to both monitor heart rhythms and deliver electric shock if needed.  Defective defibrillator wires have the potential to affect many people since more than 79,000 in the United States and 49,000 abroad have the implants.

This issue can be explored by building a Cause Map, an intuitive, visual root cause analysis method.  To begin a Cause Map, the first step is to determine what the impacts have been on the overall organizational goals.  In this example, the safety goal will be focused on since the study determined at least 20 patients have died as a result of this issue.  Once the impact to goals is found, the Cause Map is built by asking “why” questions and adding the information.

In this case, the patients died because their heart stopped.  The heart stopped because the patients were at risk of heart issues, had defibrillators implanted and the defibrillators malfunctioned.  Implanting defibrillators is a common treatment for certain heart conditions and many people have them.

The defibrillators malfunctioned because the wires used to connect the defibrillator to the hearts weren’t properly insulated and a short circuit developed, preventing the defibrillator from shocking the heart when it was needed.  The wires aren’t properly insulated because the silicone coating on the wires is breaking down over time.  The defibrillators are also malfunctioning because the issue with the wires isn’t one that can be found by routine monitoring so the problem isn’t identified until it’s too late.

The company that makes the wires is questioning the findings of the study and says that the information used was incomplete.

It’s also not clear at this time what the best course of action is at this time beyond continuing to monitor patients.  Removing the wires is considered to be a risky operation.

To view a high level Cause Map of this issue, click “Download PDF”.