Medical Device Software & Products Liability: An Overview (Part I)

By Sara E. Dyson, Esq.

How software is changing the legal landscape for medical device manufacturers.

Sponsored by: UL

This article is the first in a series of three that will address the products liability risks associated with software failures and medical devices. While software can transform medical device capabilities, its use also creates new products liability risks or changes the nature of existing risks. This series will provide descriptions of some of the software-related trends the author has observed as well as some prognostications about where software is taking us. This first article, however, is an introduction to the topic. It discusses the fundamentals of products liability law and its application to medical device software.

A medical device that is strictly mechanical is transformed—and not merely in terms of its technological capabilities—when a software component is added. Developments in software have pushed the cutting edge of new medical technologies, enabled new functionality in “old” devices, and disrupted healthcare delivery. Along with speeding the evolution of medical devices, software has also created a host of new risks that require new risk management strategies. In an era of well-publicized and expensive cyber breaches, managing “software risks” often means safeguarding products from hacking and infection. A 2016 report by Grand View Research estimates that the global healthcare cyber security market will reach nearly $10.85 billion by 2022. This number was just $5.5 billion in 2014, but the increasing frequency of cyber attacks, regulatory and security compliance requirements, and data leaks have forced life sciences companies to dedicate more financial resources to preventing cyber breaches. Yet, despite receiving the lion’s share of attention and resources, cyber attacks are not the only risk associated with medical device software. A category of risk that has received less attention than cyber risk but is also worthy of consideration relates to software failures.

Read Part II of the series, which looks at the use of software in non-clinical settings: The HomefrontProducts Liability & Medical Device Manufacturers

What happens when a product is defective and causes bodily injury or property damage? Products liability is the area of law that provides redress and holds manufacturers responsible when their products—whether medical devices or other types of products—malfunction and cause harm to users. What underpins this theory of liability is the premise that a manufacturer that profits from the sale of a defective product must bear the costs of remuneration when it injures someone.

The medical device industry has long been a favorite target of the plaintiffs’ bar. The typical scenario involves a patient who is injured physically by a defect in a medical device. In the lawsuit that follows, the patient becomes the plaintiff and pursues a products liability action against the medical device manufacturer. In recent years, the products liability landscape for medical device manufacturers has been dominated by litigation involving products like transvaginal mesh and metal-on-metal hip implants. Transvaginal mesh is a widely prescribed treatment to address urinary incontinence or pelvic organ prolapse in women, particularly following childbirth. Some women have reported experiencing serious health issues after receiving the implants, including when mesh erodes, breaks into pieces, and cuts or perforates nearby organs. More than 100,000 women are currently in litigation involving this product. Metal-on-metal hip implants are also the subject of major products liability litigation. Plaintiffs claim that debris from the product’s metal components migrates through the body and causes tissue poisoning. The products, which are manufactured by several companies, allegedly cause dangerous levels of chromium and cobalt to enter the patient’s bloodstream, resulting in a variety of debilitating conditions. More than 100,000 devices have been recalled, and the products liability litigation has cost manufacturers of metal-on-metal products several billion dollars, collectively.

While these are two examples of “big” cases, every year thousands of products liability lawsuits are filed against medical device manufacturers by patients allegedly injured by their products. Most of these cases settle out of court and never make the headlines. Whether a particular product will wind up being the subject of a products liability lawsuit cannot be predicted with certainty. Nevertheless, it is important for manufacturers to attempt to identify those medical devices that may become the subject of products liability actions. Every type of medical device has a unique products liability “risk profile,” a collection of attributes that make it more or less vulnerable to this type of legal claim. Knowing the products liability risk profile of a medical device is critical to formulating a risk management strategy that can address potential problems before they arise. Addressing the theme of this series specifically, software and its use as a component in a medical device impacts the products liability risk profile of the device, and it is essential for medical device manufacturers to understand how and know what to do to mitigate the risks.

Is Software a Product?

Before getting to the heart of the matter, I must first address a pesky legal issue that has complicated software-related liability matters for years. The question is whether software can be the subject of a certain type of products liability claim.

Products liability claims come in a few varieties, including strict liability and negligence. Strict liability focuses on the product itself, while negligence focuses on the activities of the manufacturer. A plaintiff who asserts a strict liability argument must show that the product was defective in order to prevail. On the other hand, at issue in a negligence claim is whether the manufacturer failed in some way, causing the product to be defective. Between the two theories, negligence can be the harder case for plaintiffs to make. Typically, it involves demonstrating that the manufacturer was required to take reasonable steps to protect patients from foreseeable hazards arising from the product but failed to do so. In general, most plaintiffs will assert both strict liability and negligence arguments in any given products liability lawsuit. When software is the product that allegedly injures the plaintiff, however, the plaintiff may be barred from recovering under a strict liability argument (though negligence is still fair game).

Whether software can be the subject of a strict liability claim is contentious. One argument goes like this: Software is more like a service rather than a tangible thing and is unlike the broad category of material goods that gives rise to strict products liability but instead resembles a class of items that courts have traditionally decided are not, in fact, products and are not, therefore, subject to products liability. On the other side of the debate, it is argued that software that is embedded in tangible goods, or that is mass produced, sufficiently resembles a tangible product, therefore making strict liability applicable. Courts in various jurisdictions have decided the issue differently, and the law is still unsettled. Manufacturers that are considering adding software capabilities to their medical devices, including as accessory products, such as mobile phone applications (“mobile apps”), which are addressed specifically in the second article in this series, should monitor how this legal issue evolves. If strict liability is applied more widely in cases involving embedded or mass-produced software, this legal development would make it easier for more plaintiffs to prevail in cases involving products like mobile apps—theoretically, anyway, since strict liability is usually an easier case for plaintiffs to make than negligence.

What’s important for the purposes of this series, however, is not whether a plaintiff’s argument sounds in negligence or strict liability, but why the plaintiff claims the device failed. The possible ways in which a device can fail determine the device’s products liability risk profile and may indicate possible risk mitigation measures to enhance product safety and prevent liability. Regardless of whether the plaintiff makes a negligence or strict liability argument, at issue in the case will be three aspects of the product—its design, warnings and instructions, and manufacture or assembly—and whether the product was defective with respect to any one of them.

Continue to page 2 below.

Related Articles

About The Author

Sara Dyson, Medmarc