1. Home
  2. Inspections, Compliance, Enforcement, and Criminal Investigations
  3. Compliance Actions and Activities
  4. Warning Letters
  5. Contec Medical Systems Co., Ltd. - 717941 - 10/02/2025
  1. Warning Letters

WARNING LETTER

Contec Medical Systems Co., Ltd. MARCS-CMS 717941 —

Delivery Method:
VIA Electronic Mail
Product:
Medical Devices
Recipient:
Recipient Name
Kun “James” Hu
Recipient Title
CEO
Contec Medical Systems Co., Ltd.

No. 112 Qinhuang West Street
Economic and Technical Development Zone
Qinhuangdao Shi
Hebei Sheng, 066004
China

Issuing Office:
Center for Devices and Radiological Health

United States

WARNING LETTER

October 2, 2025

Dear Kun “James” Hu:

During an inspection of your firm located in Qinhuangdao, Hebei, China on June 9, 2025 through June 12, 2025, an investigator from the United States Food and Drug Administration (FDA) determined that your firm manufactures CMS 8000 Patient Monitor, CMS600P2PLUS B-Ultrasound Diagnostic System, CMS1700B Color Doppler Ultrasound Diagnostic System, CMS 9000 Patient Monitor, PO30 Pulse Oximeter, Pocket Fetal Doppler. Under section 201(h) of the Federal Food, Drug, and Cosmetic Act (the Act), 21 U.S.C. § 321(h), these products are devices because they are intended for use in the diagnosis of disease or other conditions or in the cure, mitigation, treatment, or prevention of disease, or to affect the structure or function of the body.

Quality System Regulation Violations

This inspection revealed that these devices are adulterated within the meaning of section 501(h) of the Act, 21 U.S.C. § 351(h), in that the methods used in, or the facilities or controls used for, their manufacture, packing, storage, or installation are not in conformity with the current good manufacturing practice requirements of the Quality System regulation found at Title 21, Code of Federal Regulations (CFR), Part 820.

We received a response from Kun “James” Hu, CEO dated July 1, 2025, concerning our investigator’s observations noted on the Form FDA 483 (FDA 483), List of Inspectional Observations, which was issued to your firm. We address this response below, in relation to each of the noted violations. These violations include, but are not limited to, the following:

1. Failure to adequately establish procedures for corrective and preventive action, as required by 21 CFR 820.100(a). For example,

A. The cause of nonconformities identified are not adequately investigated.

B. Corrective actions taken are not documented per your firm’s CAPA procedure.

C. The preventive action of creating the procedure, “Cybersecurity Management Plan, Version 1, Effective 6/5/2025” was not documented as completed prior to closing CAPA number 20250227M on 3/18/2025.

D. Verification activities performed to verify corrective and preventive actions were effective are not adequately documented. Specifically, you have not verified that customers are correctly interpreting actions to be taken in response to your open recall (Z-1764-2025).

The response dated July 1, 2025, is not adequate. In "FEI 3006979678,OBS1,WS2025061201-English" you provided the revised procedures, training records, and reopened the cited CAPAs for further corrective actions. However, you have not performed a retroactive review of your CAPAs to ensure you have adequately investigated the cause of nonconformities, documented corrective actions taken per your updated CAPA procedure, and documented the verification activities performed to verify corrective and preventive actions were effective. Further, your responses do not address the verification of corrective and preventive action effectiveness for your open recall (Z-1764-2025). As such, you have not provided evidence to support the adequate systemic implementation of your revised procedures and adequate CAPA procedures in accordance with 21 CFR 820.100(a).

2. Failure to adequately establish and maintain procedures for validating the device design, as required by 21 CFR 820.30(g). For example:

A. Test plans created to validate device software designs do not ensure validation testing is performed under adequately defined operating conditions. For example, test plans do not include established acceptance criteria prior to testing.

B. Test reports do not confirm that design outputs meet design inputs. For example,

i. Two security risks were found in the B-Ultrasound Diagnostic testing and your firm failed to document the patch created to shut down the function of the ports as a deviation from the test plan.

ii. The Security Test Report for the Color Doppler Ultrasound Diagnostic System did not include Network Segmentation, Zone Boundary Protection, and General Purpose, person-to-person communication restriction testing as identified as required in the Test Plan.

C. Software design validations are not documented in device DHFs. For example, your firm did not have the software Test Plans for the B-Ultrasound Diagnostic System cleared under K232895 or the software Test Plan for the Color Doppler Ultrasound Diagnostic System cleared under K232908 in the respective DHF.

D. Your firm failed to adequately implement your risk management procedure for the CMS 8000 software.

The adequacy of the response dated July 1, 2025, cannot be determined at this time.

While your response provided updated procedures and test plans, it appears your response did not include complete test reports. Therefore, you have not provided evidence to support the adequate systemic implementation of your revised procedures and adequate design validation in accordance with 21 CFR 820.30(g).

3. Failure to adequately establish procedures for receiving, reviewing, and evaluating complaints by a formally designated unit, as required by 21 CFR 820.198(a). For example, complaints received via eCommerce sites and complaints received via international country officials are not reviewed and evaluated for reportability. Specifically, several complaints from eCommerce sites and one from Canada’s Medical Devices and Clinical Compliance Directorate were not logged in the complaint log for handling via your firm’s complaint handling procedure and were not evaluated for reportability to the FDA. Additionally, feedback associated with user error or known product quality degradation associated with component longevity (cables, power cord, USB cable, etc.) are not documented as complaints for trending or investigation.

The response dated July 1, 2025, is not adequate. Your response included updated procedures and training records; however, you have not performed a retroactive review of complaints received through eCommerce sites or international country officials to ensure you have adequately received, reviewed, and evaluated these complaints. Further, you have not provided evidence to support the adequate systemic implementation of your revised procedures and adequate complaint receiving, reviewing, and evaluating in accordance with 21 CFR 820.198(a).

4. Failure to adequately maintain records at a location that is reasonably accessible to responsible officials of the manufacturer and to employees of the FDA, as required by 21 CFR 820.180. For example: the inspector asked to be taken to the location where the software test plan for the B-Ultrasound Diagnostic System could be found and your firm's Deputy Vice Manager for Certification and Registration indicated that test plans are not maintained at your firm for validation testing performed by third party vendors.

The adequacy of your response dated July 1, 2025, cannot be determined at this time. Your response revised the Product Certification and Registration Work Instruction and provided the training records on the revised instruction. However, you have not provided evidence to support the adequate systemic implementation of your revised work instruction and adequate records maintenance in accordance with 21 CFR 820.180.

Corrections and Removals Violation

Our inspection also revealed that your firm’s CMS8000 Patient Monitor devices are misbranded under section 502(t)(2) of the Act, 21 U.S.C. § 352(t)(2), in that your firm failed or refused to furnish material or information respecting the device that is required by or under section 519 of the Act, 21 U.S.C. § 360i, and 21 CFR Part 806 – Medical Devices; Reports of Corrections and Removals. Significant violations include, but are not limited to, the following:

Failure to include a copy of all communications regarding the correction or removal in the report, as required by 21 CFR 806.10(c)(12). For example, you included a paragraph in the customer notification letter sent to consignees for an open recall (Z-1764-2025) that was omitted from the version of the letter sent to the FDA as part of the written report.

Given the serious nature of the violations of the Act, all devices manufactured by your firm are subject to refusal of admission under section 801(a) of the Act, 21 U.S.C. § 381(a), in that they appear to be adulterated. As a result, FDA is taking steps to refuse entry of these devices into the United States, known as “detention without physical examination,” until these violations are addressed. In order to remove the devices from detention, your firm should provide a written response to this Warning Letter as described below and address the violation(s) described in this letter. We will notify you regarding the adequacy of your firm’s response(s) and the need to re-inspect your firm’s facility to verify that the appropriate corrections and/or corrective actions have been made.

Other federal agencies may take your compliance with the FD&C Act and its implementing regulations into account when considering the award of federal contracts. Additionally, should FDA determine that you have Quality System regulation violations that are reasonably related to premarket approval applications for Class III devices, such devices will not be approved until the violations have been addressed.

Please notify this office in writing within fifteen business days from the date you receive this letter of the specific steps your firm has taken to address the noted violations, including an explanation of how your firm plans to prevent these violations, or similar violations, from occurring again. Include documentation of the corrections and/or corrective actions (which must address systemic problems) that your firm has taken. If your firm’s planned corrections and/or corrective actions will occur over time, please include a timetable for implementation of those activities. If corrections and/or corrective actions cannot be completed within fifteen business days, state the reason for the delay and the time within which these activities will be completed. Please provide a translation of documentation not in English to facilitate our review. If you believe that your products are not in violation of the FD&C Act, include your reasoning and any supporting information for our consideration as part of your response.

Your firm’s response should be sent via email to Jennifer Kozen at CDRHEnforcement@fda.hhs.gov. Please include in the subject line, “CMS Case 675091 when replying. If you have any questions about the contents of this letter, please contact: Jennifer Kozen at 301-796-5813 or Jennifer.Kozen@fda.hhs.gov.

Finally, you should know that this letter is not intended to be an all-inclusive list of the violations at your firm’s facility. It is your firm’s responsibility to ensure compliance with applicable laws and regulations administered by FDA. The specific violations noted in this letter and in the Inspectional Observations, FDA 483, issued at the close of the inspection may be symptomatic of serious problems in your firm’s manufacturing and quality management systems.

Your firm should investigate and determine the causes of any violations and take prompt actions to address any violations and bring the products into compliance.

Sincerely yours,
/S/
Bram Zuckerman  
Director Office of Cardiovascular Devices
Office of Product Evaluation and Quality  
Center for Devices and Radiological Health

CC:
Marco Mu
MID-LINK INTERNATIONAL CO., Ltd
2219 Rimlang Drive, Suite 301
Bellingham, Washington, US 98226
Phone: 702-209-5185
Fax: 360-925-3199
Email: us.agent@mid-link.net

Back to Top