Medical device recalls reached record highs in the first three months of 2018 thanks to software complications that are likely to continue with the proliferation of high-tech devices.
Device recalls increased 126% in the first quarter of 2018. At 343 recalls, it was the highest number in a single quarter since 2005, according to a report by Stericycle’s Recall Index (PDF), which tracks recall data across several industries.
Software was the biggest driver of medical device recalls in the first quarter, accounting for 23% of all recalls. Software issues have been the leading factor in device recalls each quarter since the beginning of 2016.
Bethany Hills, an attorney at Mintz Levin in New York who chairs the firm's FDA practice, says the rapid increase is not totally unexpected. Medical device software is becoming increasingly complex, with analytics that provide a higher level of clinical decision support.
"The more complex the software, the more likely it is that the developers did not account for all variables in the clinical environment, increasing the risk of bugs and errors," she told FierceHealthcare. "This risk increases further if the device manufacturer outsources software development because integration of outside software and the inability to quickly modify the code can lead to additional errors slipping through the cracks."
All told, more than 208 million devices were recalled in the beginning of the year, more than the total number of recalled devices in all of 2017. There doesn’t appear to be one singular reason for the startling uptick, making it difficult to pinpoint an underlying trend.
Although it's possible the first three months of 2018 were an anomaly, and recalls could dip back down to a level more consistent with past quarters, software challenges aren’t likely to recede. Device manufacturers are building more innovative devices with software that requires frequent updates and patches.
“[Manufacturers] don’t have this figured out yet and it’s going to continue to be a driver,” Mike Good, vice president of marketing and sales operations at Stericycle, told FierceHealthcare.
At the same time, medical device cybersecurity has emerged as a growing concern among industry leaders and lawmakers. Legacy devices are particularly susceptible to attacks, and a recent report from analysts at Symantec indicated a hacker group known as Orangeworm has been launching targeted attacks on the healthcare imaging suites where devices run on outdated operating systems.
Although there have been a limited number of cybersecurity recalls—the most notable being a firmware update for Abbott-manufactured cardiac devices last year—regulators appear acutely aware of the issue. Food and Drug Administration Commissioner Scott Gottlieb, M.D., has asked Congress for funding to create a cybersecurity “go-team” that would be housed in a new Center of Excellence on Digital Health.
Hills expects the medical device recall trend to continue, particularly now that the FDA is accepting devices with artificial intelligence and more complex clinical decision support algorithms.
Although the agency is in the process of updating regulatory guidance, the industry is currently relying on software validation requirements from the early 2000s. Gottlieb has signaled that overhauling the approval process for digital health devices and AI software is one of his top priorities, but manufacturers will still have to balance the time it takes to evaluate the potential hazards of complex software with a potential recall.
Minimizing the number of devices recalled from the market requires a joint effort by manufacturers and the FDA to minimize risks prior to approval, but doing so is a "delicate balance," Hills says. Devices featuring complex algorithms that rely on large data sets may be particularly susceptible to recalls following widespread clinical use.
"Obviously, neither wants to see devices recalled from the market, but there needs to be a balance between constantly testing and validating software and the clinical benefits of using the software," she said. "FDA’s job is to ensure that the manufacturer has done a reasonable job to identify and address any outstanding safety issues before the device goes on the market, but it would be an impossible task to resolve every possible issue since the testing environments for investigational devices are so limited."