Case Study: Rethinking the Recall Process 

With medical device recalls abounding, a new support model is simplifying the process. Learn about it here.

By Suresh Iyer and Siva Kannathasan

Can you imagine today’s healthcare being conducted without medical devices? What if these devices are faulty? Think about it: The healthcare sector faces close to 1,000 medical device recall events each year. And many of these recalls can be attributed to software-related issues.

Many medical devices are engineered into systems that integrate information technologies, real-time control systems, physical components, and human operators to influence physical processes—think imaging systems, pacemakers, anesthesia machines, etc. In such increasingly connected healthcare environments, recalls and software-related issues substantially increase patient safety risks. At the same time, device lifecycle management—from installation and integration through field modifications, upgrades, and end-of-life stages—presents challenges.  

For example,

• Generalist field personnel can no longer adequately support many different types and makes of devices. Product- and/or project-specific competencies are needed for quality outcomes.
• Having functional knowledge of a device is no longer sufficient. Some level of networking and cybersecurity knowledge is also required to reduce cyber-related risks while also addressing end-user network integration needs.
• It becomes cost-prohibitive to keep experts on the bench.
• Ensuring compliance to industry, regulatory, and/or corporate standards for quality and liability management is difficult with heavy subcontracting.

A well-known global medical device manufacturer was recently faced with all these challenges in their quest to patch a particular device to comply with the U.S. FDA’s post-market support regulations. The effort entailed patching firmware in two different generations of the product installed in various hospital network configurations across the globe. The company considered three typical options: (a) requesting customers to perform the upgrades themselves, (b) utilizing their own field team, or (c) finding a capable subcontractor.

Most customers were unwilling to upgrade the products themselves because of the need for conducting functional, clinical, and network performance validation after the upgrade. They were concerned about the requisite product-specific knowledge.

While the manufacturer could have deployed their own field resources, doing so was impractical and cost-prohibitive—in some instances, the cost to upgrade an installed device greatly exceeded the cost of the equipment itself. Moreover, allocating field resources meant postponing committed field activities, such as preventative maintenance. What’s more, the field team lacked both the detailed product- and firmware-specific knowledge and expertise in cybersecurity and networking. At the same time, customers were keenly aware of the potential patient care-related risks. 

The third option involved engaging a third-party clinical engineering organization. Unfortunately, the manufacturer had trouble finding a willing organization that had the necessary global or even national footprint, as well as field personnel with the product- and upgrade-specific skills along with cybersecurity and networking expertise. They also lacked underutilized field personnel that could be allocated to this new project. Their costs with overhead and subcontractor margin stack-ups were very similar to that of the manufacturer.

In short, the manufacturer needed to change things up and find an entity with:

• General domain knowledge and skills matching the overall project
• Availability at a given geographic location and at a customer-convenient time
• Project-specific (i.e., product and upgrade) knowledge proficiency
• Cybersecurity knowledge
• Proficiency in regulatory compliance
• Overall cost productivity

Figure 1: Project Mandate

Essentially, they were looking to optimize all four key parameters: (1) Cost, (2) Quality, (3) Timeline, and (4) Compliance.

Finding a Solution 

Connect^e and MediTechSafe were consulted to develop and deploy an optimal model, along with a global system integrator mainly due to the leaders’ domain expertise. The team architected an industry-first model as outlined in Figure 2.

Figure 2: Service Delivery

The system integrator offered a business-process-as-a-service, or BPaaS, to the manufacturer, acted as a prime, and agreed to a “not-to-exceed” amount.

Connect^e provided access to a set of resources nationwide with the relevant domain expertise via its smart workforce management, which includes a purpose-built module for On-Demand Field Engineering (FieldTrack^TM). The Connect^e platform delivered multiple candidates to address each installed asset by matching skills, geographic location, and availability. Each resource had an option to decide whether they wanted to engage in the assignment and at what pay-rate. This notion ensured the availability of a person with the necessary domain knowledge at a right cost for a given asset.

The next task was to ensure that the resources were fully trained on the upgrade process (e.g., product, firmware, networking elements), and had adequate knowledge about cybersecurity and compliance requirements. MediTechSafe’s proficiency management platform, an essential part of the solution, was also utilized. Training took place, and the platform quizzed the resources about the upgrade process, cybersecurity, and compliance requirements. If the resources were deficient in any area, the platform re-trained them, thus promoting proficiency. 

Further, the system integrator addressed billing and payment directly with the manufacturer. They also coordinated the upgrade kit shipments to the resources from the manufacturer. And resources were paid via the Connect^e platform.

Better Recall Outcomes All Around 

This patent-pending model delivered 30% cost productivity and 1.5-times faster response time to the manufacturer versus if internal employees or a third-party service provider did the job. Also, from a compliance standpoint, the new model ensured the highest quality in workmanship and offered full auditability. Upon further optimization, the model is expected to deliver more than 55% cost productivity and three-times faster response time. 

Not that the model only benefited the manufacturer. In addition to learning new skills, the resources were able to earn 20%-30% more money. In other words, a true win-win-win proposition.

Moreover, the number of U.S. product units recalled in the first seven months of 2022 surpassed 1 billion, according to insurance company Sedgwick, with medical devices comprising a large portion of this list. Fortunately, the new Connect^e model can help ensure safety, cost productivity, and compliance across all industries in supporting installed products—not only from a recall standpoint, but also in maintenance and other field activities.

Suresh Iyer is a co-founder of Connect^e Technology, and Siva Kannathasan is vice president of products and engineering at ResiliAnt/MediTechSafe, a cybersecurity software and system company.