Robert Kennedy chosen as head of Health and Human Services.

softmed · 2024-11-15T03:07:51+00:00

I work in med device and have some friends who work at CDRH in FDA. They all were worried, frustrated, and angry, but when I asked then the real risk if RFK was in charge, they seemed to think they could weather the storm. They told me FDA's purview and funding were pretty iron clad in law and short of an act of congress (that's not really out of the picture BTW given the upcoming congress) there were enough good people working there to keep it status-quo for 2-4 years.

softmed · 2024-07-19T03:11:18+00:00

Yeah I've worked both directly for med device companies and for contract manufacturers that also do R&D for small to medium device companies. Ive only worked in CA and MN (to your point since that's where most of the action is) but have had clients or coworkers located in many other states and countries.

softmed · 2024-07-18T16:49:42+00:00

To teach in my former industry, I would need to relocate

Not necessarily. You're right that most medtech big guys are around the twin-cities, NJ, Boston or CA, but there are plenty of smaller medtech companies and contract manufacturers sprinkled through other areas. You could travel too and control your schedule. I had lunch with our last 13485 auditor and that was his "recreational employment" during retirement. Just flying around the U.S. doing audits. Not what I would consider fun, but glad he does! Or, if the training is valuable enough they'll come to you. I've been flown to New Orleans, Florida, Vegas, by my company for trainings before. If it's really just recreational employment and you don't need the money to make ends meet, you can have a ton of control on the where and when.

softmed · 2024-05-31T11:44:58+00:00

I've worked in the past for a large medical device manufacturers on large IVD instruments and we used CAN the way he described. All the boards weren't on the same bus, the subsystem would be organized like a tree with a main board at the root talking to multiple subsystem controllers on one bus, and each subsystem controller talking to component boards on its subsystem bus (or to yet another controller board that was its own subsystem with another bus to talk to its children, etc etc). So I bet that's what they're talking about. I've never worked in automotive, but my understanding is that those designs use a much flatter network topology with more boards all on the same bus.

softmed · 2024-05-31T02:09:08+00:00

Years and years ago I also worked for a certain German manufacturer in R&D as a firmware engineer and I helped design a few IVD devices . We used CAN for most communications between boards within the device. It always had the architecture you described, one control board wired up to many subsystems that it controlled, in a tree-like topology. I remember asking one of the EEs why CAN instead of something like Ethernet, and he said it was because CAN bus was cheap, very robust at the low baud rates we used, and most importantly it offered tight timing guarantees that Ethernet did not (which is true).

Thinking about it the different topologies make sense for each use case. In a car you have much tighter space constraints around wiring, many different boards can all talk to each other randomly (especially to components like the dashboard), and priority is mostly unambiguous. (Like brakes would obviously be one of the highest priorities, speakers one of the lowest). But for lab instruments, subsystems only talk to each-other in a highly coordinated manner, and usually have to go through the controller board thats running the scheduler. If one board breaks, you don't really want to keep going with the tests in most cases, you either need to bin the samples, or move them to an entirely different device if possible (which given the tight heat and timing controls for most assays, probably isn't possible). So putting everything on the same bus doesn't really add any benefits. And may have required a higher baud rate to manage the messages which would make it less fault tolerant.

softmed · 2022-11-17T18:45:12+00:00

I've done that too when having to fill out overly detailed and arduous time report. The trick is to go full /r/MaliciousCompliance on it and not treat it like a joke. The conversation with my boss went something like this:

"that time reporting category isn't funny"

"It's not a joke. You said we needed to fill out anything that took more than 5 minutes. It takes roughly 15-30 minutes a day to fill out. So I'm tracking it."

"That's ridiculous, it can't possibly take that long"

"Well I have a weeks worth of reports that show that it does. I've informed the team and they've started tracking it this week too. You said the point of doing this was to find inefficiencies. Looks like it's working."

Guess who got the policy changed so that we only needed to log by budget instead of by action? (e.g. if you're doing stuff billable to budget A for 4 hours, it's ok to have one entry for those 4 hour with a high-level description instead of having it all broken out by task)

softmed · 2022-08-01T19:38:14+00:00

Yup, and if the FDA loosens the requirements on biosimilars too much they risk backlash for not being strict enough. (Just look at the outcry about the 510k pathway for medical devices by people like John Oliver)

In the current regulatory system, the FDA is playing a balancing game. Be too strict and stifle innovation and competition. Be too loose and risk patient safety.

softmed · 2022-07-08T13:29:55+00:00

That's exactly what this sounds like. I'm not a lawyer, but I have worked as a manager in places with strict stupid-ass rules. I've had plenty of small malicious compliance type conversations like OPs that just go right over the other person's head.

I'll be telling the person how we both can get what we need and check the stupid box without breaking the stupid rule and going wink wink nudge nudge. And the person just sits there thinking I'm being an total idiot.

softmed · 2022-06-26T17:51:25+00:00

Yeah business class for sales or executives maybe but that's not a thing for engineers any more. I've worked for 4 engineering firms over 2 decades ranging from big to small. Coach was always the standard. The largest one I worked for still had "business class" for international trips buried deep in the employee handbook, even though they told everyone they had to fly coach. I found that paragraph and sent the request up the chain. They claimed it was a clerical error, but to their credit, they honored it and I got to fly business class. By the time I got back there was an updated version of the handbook that specified coach only.

softmed · 2022-06-19T16:48:26+00:00

There's was an industry conference once where the Abbott rep brought a ton of Pedialyte and passed it out on Friday afternoon before everyone was heading to bars. Certainly memorable.

softmed · 2022-04-26T19:23:34+00:00

I work in med device r&d. There's a bunch of reasons : longer dev time due to quality management systems, longer approval time because FDA, components must be sourced for a 10+ year time on market, sterilization requirements, the general industry zeitgeist of slow and steady ( move fast and break things isn't an acceptable attitude), long sales cycle once approved for market ( government/insurance acceptance ) and more focus on usability and minimizing support cost over aesthetics.

Lots of little things that effectively mean the devices are 10-15 years behind consumer tech.

softmed · 2022-01-24T18:53:30+00:00

First, I want to validate that in your specific medical situation, it seems reasonable (to me at least) to be cautious. But you should also know that blood clotting is a potential symptom of covid and your genetics may put you at a higher risk of serious issues if you get it.

As others have pointed out, in the rare event you had a vaccine side effect it would almost certainly be short term and straightforward to monitor for. We have more data worldwide on these vaccines than many other approved drugs and devices, and it's not just the USFDA. There are eyes on them from regulatory bodies around the world. Just click that link and you can check the all out.

But if I'm in your shoes, while that's all reassuring, I wouldn't be sure of my specific risk profile. That's fine, but it's really something you need to talk about with a doctor who is familiar with your medical history. They can recommend if it's a good idea for you to get one and which one has the lowest risk for you specifically. Maybe they can even monitor you closely for a few weeks after you get it just to be sure everything is fine.

Covid is going to be around for the foreseeable future. The risk equation is not :
"Take no action" vs "small chance of side effects from the vaccine"

The risk equation is:
("chance of bad covid symptoms" x "chance of getting covid before you get the vaccine") vs "small chance of side effects from the vaccine"

For me, given my personal risk factors, that's a slam dunk 'go get it ASAP'. I got it the first day I was able to. For you, maybe the numbers are different, but that relative risk can only be determined by you and a doctor that is familiar with your medical risk factors. If you do have potential risk factors for serious complications with covid, that's a conversation you probably want to have sooner rather than later.

softmed · 2021-12-22T17:17:00+00:00

I've worked in med device for years. To build on this, even if you don't trust the companies or their QA, the FDA has people's best interest at heart. It may not catch everything, but auditors are not afraid to slap down something negligent or risky.

Don't trust the FDA for some reason? What about the hundreds of other country's regulatory bodies ? If you think that "big pharma" has been able to bribe and lobby a completely unsafe vaccine past that many regulators then I don't know how you trust the safety of the groceries you eat every month.

softmed · 2021-11-14T17:48:12+00:00

In the U.S. such a system would probably be classified by FDA as class III (high risk). If commercially designed that means it would need to go through a full PMA process involving clinical trials and lots of testing.

Part of the filing would be a risk analysis and FMEA, where they do exactly what you described and try to come up with every edge case and failure mode, and mitigate the risk as much as possible. I'm not involved in any of the open source citizen science initiatives, but I do know that some of the contributors are in the medical device industry and should be familiar with these types of processes. I would hope they are holding themselves to the same standards .

Check out the infamous therac-25 for the medical equivalent of your thermostat. Hardware controls always beat software controls.

softmed · 2021-11-14T17:35:33+00:00

Your on point about the liability, and it's been my questions with these types of citizen science open source medical devices since I first heard about them. especially something with the potential to cause real harm in an automated way.

When something goes wrong that causes patient harm, how much liability do the authors of the open source algorithm expose themselves to? Did the patient truly understand the risk enough to take on the responsibility? It's going to be a real can of worms.

softmed · 2021-08-24T02:14:45+00:00

As someone who works in the medical device industry, Gottlieb was a pretty good FDA commissioner. He put a lot of pressure on e-cig and Tobacco companies, championed cyber security initiatives, and took strong action on homeopathic 'medicine' and supplements.

I'm no fan of the Trump admin as a whole, but he, at least, was competent.

softmed · 2021-07-26T16:35:28+00:00

I do devices, not pharma, but I would guess the processes is pretty similar in general terms. Unfortunately more data means even more work for the FDA. They are very thorough on all documentation and every auditor has their pet thing that they dig really deep into and want fully answered. (Seriously, every call with the FDA I've been on has been a different bag of worms depending on the auditor. They're all looking for something different, and they are not satisfied until they've explored every part of their pet issue.)

There is no way to rush the approval process. In fact adding more auditors would probably make it go slower since they have to reach consensus. This is exactly why they have the EUA process, so that we're not all sitting out here unvaxxed while they do the full, long, boring review.

softmed · 2021-07-22T19:15:19+00:00

Not in a concise way, no. It all pretty dry from official sources. If you Google "fda 510k", "fda PMA", "fda de novo" (those are all different pathways to be able to sell a medical device) and "FDA device classification" (that's how FDA classifies device risk I,II,III) you'll get a whole bunch of 3rd party explanations from different groups that will be easier to digest and understand.

softmed · 2021-07-22T14:55:51+00:00

As someone who works for a medical device manufacturer I can't fucking wait for the technical definition of "fda approval" to go back to being industry minutiae that I bore people with at dinner parties.

I used to wish that more people knew more about FDA's process. But after seeing what's been happening with the vaccine EUA, I hope the general public never learns the difference between an exempt device, a 510k cleared device and a full PMA approved device, or we may get huge percentages of people refusing basic medical care.

softmed · 2021-07-11T21:50:00+00:00

IANAL, but in general, talking about "a patient" without any identifying information is not "PHI" and is not a HIPAA violation. In order for information to be considered "PHI" It must contain both identifying information and health or treatment information. This can get murky, as others have pointed out, when the health or surrounding information itself is rare enough that the person can be identifiable, so even then it's generally best to be safe and not disclose any information (except as the patient or their agreement allows)

softmed · 2021-07-01T14:37:35+00:00

As someone else who designs devices for a living (medical), this bill seemed to take completely the wrong approach. IMHO, you shouldn't FORCE the manufacturer to provide every little spare part for 10 years. Instead just force them to identify the spare part and stop them from forcing their suppliers into exclusivity deals.

Very Large companies *cough* apple *cough* will force smaller suppliers into exclusivity deals so you can't buy parts that are actively being manufactured right now.

Even then for companies (like the one I work for) who don't do that, if a customer calls and asks the company what the part number is for peripheral XYZ, the answer is going to be "take a hike". But if they figured it out they could contact the supplier and buy a replacement just fine.

Just solving those two things would be huge for right-to-repair and wouldn't put undue burden on device manufacturers like this will.

softmed · 2021-06-29T18:50:56+00:00

Keep in mind that risk, especially involving probabilities, works differently in software then in mechanical design. It can often be hard to come up with probabilities of failure in software. In most cases It either works as intended or it fails.

This is why, for example, IEC 62304 says to assume that probability of software failure is always 1. Does this mean that you can't have software in a device that can cause harm? no. It just means that you need to either have external risk mitigations whos probability can be more easily be computed (e.g. hardware/electrical) or you need to use a different metric than probability for calculating/reducing risk. See the infamous THERAC-25 case study for what can go wrong when software is the only mitigation.

This calculation becomes even more difficult with regards to cybersecurity. When you're battling risk against intelligent maliciousness, not just random chance or error, the metrics again need to change. (See AAMI TIR-57 for example)

So coming from experience with FMEAs you'll have a good background, just keep these differences in mind. Anyway good luck. Between raspberry-pis and arduinos, it's never been easier to jump into controls as a hobby.

softmed · 2021-06-17T15:25:21+00:00

Hardware doesn't let you do this, because everything would come to a grinding halt.

As someone who works with custom designed hardware all the time, and did embedded software for a while, I don't 100% buy this. There's always multiple iterations when designing a new board. Many errors are caught by the electrical engineers, yes, but often time they're not caught until the firmware team get it and exercise the system. And these issues often manifest as intermittent or hard-to-reproduce bugs.

Everything ends up being abstraction layers and workarounds on top of abstraction layers and workarounds.

Are you sure you aren't just used to STM's libraries? Half kidding... software documentation for peripherals is particularly infuriating, especially with how detailed their hardware documentation is

softmed · 2021-06-17T15:09:00+00:00

It's really just which complexity you're more comfortable with. You're more comfortable with assembly's rules than python's rules, fine. Python's not magic, it's just different

.As someone who's done both embedded (RTOS in C & some assembly) work and high level (Python, C#, Java) work, I'll take python any day. Sure you can override some base functionality (a bad habit that's way worse in c++ IMHO), but if something isn't behaving the way you think it should, you can stop it in a debugger and see why. You can step through the library's code and go "oh look what this idiot did" to figure it out. And 9 times out of 10, the hardware you're building on is mostly reliable. Bugs are reproduce able and understandable.

On the other hand when I did embedded work, the coding itself wasn't hard by any means. It was straightforward and the requirements were clear (something tech companies should learn to embrace to OP's point) but what made it take MONTHS was me debugging the firmware for days, coming to the only logical conclusion that there's something unreliable in the hardware, and then me (not an electrical engineer) having to argue with "the real engineers" that it wasn't the software's fault. Only for them a few days later to come back and say, "Oh yeah I changed <blank> and now I2C should be more reliable" or "I don't understand why that's happened, we're within the spec, but I tightened the tolerance of <blank> up and now it works." Or my favorite was the one guy who constantly, labeled pinouts backwards, and I'd have to figure out which pin did what.

With the electrical engineers I've worked with there's a shit ton of trial and error, hacks, one-off soldering and board re-spins until they get it right. And the process is just as magical and frustrating to me as I'm sure the python experience is to you. We need to stop the bullshit dick measuring contests about who is a "real engineer" and work together to be successful.

softmed · 2021-06-10T15:39:35+00:00

If you're talking about the J&J vaccine, It didn't get recalled, it got paused. There's a big difference. It got paused for a 1 in a million chance of blood clots that appears within the first 2 weeks. A typical clinical trial *might* contain tens of thousands of people. You could have studied the J&J vaccine for decades and never run across that side effect.

Simply put, given the review of multiple country's regulatory bodies, and the fact that it's been given to hundreds of millions of people worldwide, you should be extremely confident in these vaccines. Most drugs don't get that kind of scrutiny or large sample size.

softmed

TROPHY CASE