cd /news/ai-policy/a-note-too-far-when-a-letter-to-file… · home topics ai-policy article
[ARTICLE · art-63930] src=innolitics.com ↗ pub= topic=ai-policy verified=true sentiment=↓ negative

A note too far. When a letter to file gets a warning letter instead.

The FDA issued a warning letter to Nihon Kohden Digital Health Solutions on July 14, 2026, for shipping a software update to its Next Generation NetKonnect patient monitor without a new 510(k) clearance. The agency disagreed with the company's regulatory assessment that the Silence Alarms function was not a control mechanism change, and also found that labeling claiming device-agnostic compatibility constituted a major change in intended use. The warning letter highlights the FDA's strict interpretation of when software modifications require new premarket notification.

read11 min views1 publishedJul 17, 2026

On July 14, 2026, FDA posted a warning letter that should make every software device team re-read their change-control SOP. The agency told Nihon Kohden Digital Health Solutions that a software update it shipped in October 2022, documented internally as a letter to file, required a new 510(k). Not because the company skipped the analysis. Because FDA disagreed with one answer, at one decision point, in the company's own regulatory assessment.

It prompted us to ask a bigger question: where does FDA actually draw the line between "document it and ship" and "file a new 510(k)"? Guidance tells you how to run the analysis. Enforcement tells you where the line is. So we pulled every warning letter in FDA's online database (all 3,621 of them) and ran AI classification across the full corpus to find every letter where FDA rejected a manufacturer's own modification decision.

The device is the Next Generation NetKonnect, a patient physiological monitor with arrhythmia detection, cleared as K220989 in July 2022. Three months after clearance, the company added a Silence Alarms function via a software update. Its regulatory assessment walked FDA's own flowchart from the 2017 guidance, Deciding When to Submit a 510(k) for a Change to an Existing Device. At decision point B2 ("Is it a control mechanism, operating principle, or energy type change?") the company answered No. Letter to file. Ship it.

FDA's warning letter quotes that assessment back at them:

"At decision point B2 of the assessment, 'Is it a control mechanism, operating principles, or energy type change?' you selected 'No.' ... However, we disagree with this assessment because adding the Silence Alarms function is a change to a control mechanism of the device and we believe that 'Yes' should have been selected, leading to 'New 510(k).'"

The reasoning: a Silence Alarms function modifies "the manner in which the user controls the device," and a silenced alarm on an arrhythmia monitor can mean a missed life-threatening event. That is a change to a risk control for a significant harm, which is exactly the category the guidance says almost never survives a letter to file. The guidance's own words on B2: "Almost all changes in the control mechanism for a device could significantly affect safety and effectiveness."

There was a second count. The company's labeling described "device-agnostic compatibility": the ability to take input from non-Nihon Kohden devices. K220989 cleared the device for Nihon Kohden inputs only. FDA called that a major change in intended use under 21 CFR 807.81(a)(3)(ii), on top of the control-mechanism change under 807.81(a)(3)(i).

Both counts rest on the same regulation, and it is short. 21 CFR 807.81(a)(3) requires a new premarket notification when a device already in commercial distribution "is about to be significantly changed or modified in design, components, method of manufacture, or intended use," and then defines what qualifies:

(i) A change or modification in the device that could significantly affect the safety or effectiveness of the device, e.g., a significant change or modification in design, material, chemical composition, energy source, or manufacturing process.

(ii) A major change or modification in the intended use of the device.

Eleven words for the intended-use prong, and no definition of "major." That gap is what the 2017 guidance and its flowchart exist to fill.

Two decisions, both defensible-sounding in a change-control meeting. Both rejected in a two-day inspection in February 2026.

Before drilling into devices, the whole corpus, because a boundary map is only as good as its coverage. Every one of the 3,612 unique letters got the same treatment: full text pulled, product area classified, violation categories extracted. Two-thirds of FDA's warning-letter volume is drugs and tobacco. Devices account for 251 letters (7 percent), plus 12 mixed-product letters that also cite device violations, 263 in all. Within those, labeling/misbranding and premarket citations dominate, with quality-system findings right behind. The letter-to-file oversteps live at the intersection of the top two: an unapproved change makes the device both adulterated and misbranded.

The corpus breaks down like this: the 3,621 database entries deduplicate to 3,612 unique letters (FDA posted nine of them twice). 263 concern medical devices. 83 involve a device that is or contains software; only 3 of those explicitly involve AI/ML device software functions, and none of the three is a modification overstep. And 64 letters invoke 21 CFR 807.81 against a device that already had a clearance or approval: the modification oversteps. A firm made a change, decided no new submission was needed, and FDA disagreed. 14 of those 64 implicate the device's software: 11 where the change itself was code or firmware, 3 where marketing expanded what the software claims to do.

Sixty-four letters across five and a half years of enforcement is not a wave. FDA rarely second-guesses a letter-to-file decision, and when it does, the case has already cleared a high internal bar: a warning letter is reviewed at the district and center level, often with legal sign-off, before it is issued, and marginal cases get filtered out along the way. The 64 that made it through are the disagreements FDA was confident enough to put in writing. Together they map where the agency's tolerance actually ends, drawn by the agency itself.

The timing tells its own story. Two overstep letters in 2021. Sixteen in 2023, and roughly fifteen a year since. Nine already in the first half of 2026, on pace for the busiest year in the record. And the software share is climbing: software-implicated changes appear in 7 of the 40 overstep letters from 2021-2024, then 7 of the 24 since January 2025: from under one in five to nearly one in three.

Here is every modification overstep in the corpus where the device's software was one subject of the enforcement action: either the change itself was code or firmware, or the company's claims expanded what the software does. What changed, and why FDA said it needed a new submission:

Year Company What changed FDA's objection Software the primary finding? Software-only device (SaMD)?
2026

A caution before generalizing from the table: not every letter here is about the software. In nine of the fourteen, the software modification — or the claims expansion about what the software does — is the primary basis of the warning letter, and in three of those (Nihon Kohden, ICU Medical, Nikkiso) it is the only charge. In two (Uscom, Cue Health) the software change is one of several co-equal uncleared changes. And in three (ZIIP, Xoran, Technological Medical Advancements) the letter is really a quality-system action that swept software changes in as design-control findings. And only one of the fourteen — Nihon Kohden’s NetKonnect, which runs on off-the-shelf computers — is a software-only device (SaMD); every other letter concerns software living inside or alongside a hardware device.

Read down the "what changed" column and the boundary draws itself. Three clusters account for nearly everything:

1. Changes to how the device intervenes: alarms, controls, autonomy. Nihon Kohden's Silence Alarms. Nikkiso's closed-loop controller. ICU Medical's pump software. Anything that changes how the device acts on or alerts about the patient is a control-mechanism or risk-control change, and FDA treats it as presumptively significant. The ICU Medical letter deserves special attention: some of the software changes were corrections responding to adverse events, and FDA still required clearance. Fixing a safety problem does not exempt the fix.

2. New detection or measurement capability. BMC Medical's firmware gained three new breathing-event detections. iRhythm tuned its arrhythmia algorithm and moved toward near-real-time monitoring claims. When the device starts detecting something it did not detect before, or detecting the same thing differently, the cleared performance evidence no longer describes the marketed device.

3. Intended-use expansion, usually via marketing. The most common cluster, and the most seductive, because no code changes at all. Red Oak's dynamometer became a concussion screener on the company website. RightEye's eye tracker became a Parkinson's diagnostic. Nihon Kohden's monitor became "device-agnostic." Uscom's clinic spirometer moved into the home. Your indications are what you promote, not what your 510(k) says, and FDA reads websites.

Twelve more oversteps landed on software-containing devices but did not make this table, because the changes themselves had nothing to do with the software: Dexcom swapped a sensor resistance-layer component in the G6 and G7 CGMs, Happiest Baby's SNOO changed sleep-sack dimensions and marketed a home bassinet to hospitals, Outset Medical promoted its dialysis system for CRRT, and nine others changed tubing, connectors, sterilization methods, or care settings. Worth noting anyway: owning a software device does not make your hardware and labeling changes safer.

We hand-verified every letter in this table against the original text: each company name links to the FDA warning letter, and the per-letter software-role judgments live in our repository alongside the corpus. The broader corpus classification (the 263 device letters, the 83 software letters) is AI-assigned and cross-checked by a second independent model; treat those as accurate to within a few letters, not exact to the last one.

The closest recent precedent shows the price of getting this wrong. iRhythm received a warning letter in May 2023 that, among other findings, cited changes to the Zio AT system (including algorithm adjustments to improve arrhythmia detection performance) that had been documented through letters to file rather than new 510(k)s.

The path back: iRhythm negotiated with FDA, agreed to submit two new 510(k)s covering the accumulated design changes, and received the clearances in October 2024, roughly seventeen months after the letter. Seventeen months of remediation, public disclosure in SEC filings, and a stock price that moved on each announcement, the warning letter was more expensive than just the labor needed to fix it.

That asymmetry is the whole calibration argument. A Special 510(k) has a 30-day review clock. A rejected letter to file costs an inspection finding, a warning letter with your reasoning quoted back at you, adulteration and misbranding allegations on every unit shipped since the change, and a year or more of remediation under public scrutiny.

Put the guidance and the enforcement record side by side and the letter-to-file envelope is narrower than most engineering roadmaps assume, but wider than regulatory pessimists fear. Sixty-four rejections in five and a half years, against tens of thousands of letter-to-file decisions industry makes annually, means the documented no-new-510(k) pathway works. It fails in specific, predictable places.

Stay inside the envelope when the change restores cleared behavior, refactors without touching clinical function, or improves reliability with the same inputs, outputs, thresholds, and claims, with regression evidence to prove it. FDA has never, in this corpus, pursued a company for a well-documented change that preserved the cleared performance envelope and intended use.

You are outside the envelope when any of these is true:

And a note for AI teams specifically: only three letters in the entire corpus involve AI/ML explicitly, and none of them is a modification overstep: all three are never-cleared products. No company has yet received a warning letter for retraining a cleared model under a letter to file. While the iRhythm letter cites a Zio AT algorithm “adjusted based on available data” — every readable clue (the “events that meet criteria” trigger language, FDA’s citation of the performance-specification branch of the modifications guidance, and the on-patch firmware context) says threshold tuning rather than just retraining, but the (b)(4) redactions leave a sliver of doubt.

But don’t take it to mean this is a “get out of jail free” card. It could very well be just because the AI device fleet is young, inspections lag by years, and the enforcement pattern above (risk controls, autonomy, detection behavior, claims) maps directly onto what a model update changes.

One more pattern worth naming: the clock does not protect you. Nihon Kohden's change ran three and a half years before the inspection. Red Oak's website claims were reviewed years after clearance. The SNOO letter re-adjudicated arguments the company had formally made to FDA twice. The exposure is cumulative: every unit shipped since the change is adulterated and misbranded the day FDA disagrees, and it compounds silently until an investigator opens the design history file.

Read your own change assessments the way an investigator will. The Nihon Kohden letter is a template: FDA pulled the company's regulatory assessment, found the decision point, and litigated the single checkbox.

Some concrete calibration from the enforcement record:

Innolitics helps AI and software medical-device teams make exactly these calls (change assessments, PCCP strategy, and 510(k) submissions) before a release decision becomes a compliance problem. If your team is sitting on a stack of letters to file and wondering how they would survive an inspection, that review is a lot cheaper this year than next.

── more in #ai-policy 4 stories · sorted by recency
── more on @fda 3 stories trending now
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/a-note-too-far-when-…] indexed:0 read:11min 2026-07-17 ·