Blood Bank Software Is Recalled : Medicine: Defects in programming are cited by FDA officials. Chance of a release of contaminated blood is called remote.

Computer software used by more than 200 hospital blood banks nationwide has been quietly recalled after the U.S. Food and Drug Administration discovered programming defects that could have allowed the accidental release of contaminated blood.

FDA officials said the chance of the release of contaminated or untested blood through flaws in Western Star Inc.’s LifeLine blood bank management system is “remote.”

Nevertheless, “We did look at it as something that is quite serious,” said James A. Davis, the Seattle-based regional director of the FDA’s Investigations Branch, who wrote the Feb. 17 recall letter to Western Star.

Blood bank officials said the recall underscores the inherent dangers of relying on complicated automated technology for such sensitive tasks as tracking blood through donation, testing and transfusion.

“If your software is bad, you may not know that until another independent event points up that something is wrong, like when a patient turns up positive for a disease,” said Jim MacPherson, executive director of the Council of Community Blood Centers in Washington, D.C., a trade association. MacPherson, like some other blood bank officials, had not been aware of the recall.

Western Star, based in Lake Oswego, Ore., has complied with the recall by notifying its customers and making sure the programming defects have been corrected, according to the FDA. The company complied voluntarily under threat of seizure of its products.

The rare action came three years after FDA officials first cited Western Star for problems with blood bank software. Over that period in a series of regulatory inquiries, the FDA has alleged that Western Star:

* Failed to adequately test software before distribution to its 219 clients.

* Failed to specify to its customers that problems with older versions of the software required that it be replaced with newer versions.

* Shipped “corrected” software with uncorrected defects that had already been identified, or with new programming errors.

As long ago as 1992, when the earliest version of the recalled software was put on the market, the FDA warned Western Star that some defects were thought to be serious enough to allow the release of blood contaminated with hepatitis or the human immunodeficiency virus that causes AIDS, FDA documents indicate.

The recall applies to the four versions of the software released since 1992, including two that the FDA says also contain “programming errors (that) could result in the release of blood and blood products which were either untested, tested reactive or were collected from ineligible donors,” the FDA stated in the recall letter.

FDA officials and Western Star executives stressed that they are virtually certain no blood was improperly released. The FDA has received no reports of health problems.

Overlapping safeguards reduce the possibility that any software-related mistakes could result in release of contaminated blood, according to hospital laboratory managers and Western Star President John Tortorici.

Tortorici said his firm was working closely with the FDA and had notified all of its clients, which include hospitals, blood banks and military installation medical centers around the United States, Canada and four other nations. He said corrective software would be distributed early this week.

Both the FDA and Western Star declined to disclose which hospitals use the recalled software.

Spokesmen for several Southern California facilities, such as the Blood Bank of San Bernardino and Riverside counties, said they continue to use the LifeLine system after correcting the defects themselves. Others were not aware of the problem.

Trade association official MacPherson said the software investigation presented a frightening scenario: “You have trusted the software was doing what it was supposed to do. . . . If you find out it wasn’t, what do you do? Do you notify all the patients? You need to determine the likelihood that something serious has happened. If their evaluation is that it potentially could happen, then it is quite possible it could already have happened and no one would have known it.”

But MacPherson stressed that he believed the possibility of improper release of contaminated blood was very slight, because the FDA has not ordered that any patients be notified or any blood be recalled.

Problems cited in the software recall fall into two categories. Two versions of the software, 4.0a and the most recent, 4.0c, have less serious programming problems. Most could result in deficiencies in record-keeping, such as a failure to alert users of the system to special transfusion needs, such as irradiated blood, the FDA said.

Two other versions, 4.0 and 4.0b, contained more serious errors that could result in the release of “unsuitable blood products,” the recall letter stated.

Untested blood that donors give for their own surgery could be released for general transfusion purposes, and blood units that should be quarantined could remain available for use if two computer users were changing the status of the unit at the same time, according to the FDA. The program could also fail to prohibit some high-risk donors from giving blood.

FDA documents show that federal inspectors have been concerned for three years with aspects of the firm’s software business.

Among the problems cited in a 1992 warning letter and 1993 inspections: shoddy record-keeping, inadequate testing and bug-proofing of software updates and program changes, and poor procedures for notifying hospitals about problems that were reported.

“The numbers, kinds and the repetitive nature of some software bugs . . . are indicative the firm is not operating in a state of control,” concluded FDA Engineer Norman Wong in a 1993 report.