21 C.F.R. § 820.170 — Patient Safety Resource

21 CFR 820.170 — Patient Safety Is Not Negotiable.

Under 21 CFR 820.170, federal law is clear: medical devices must be safe, effective, and properly installed, tested, and maintained. When corporate policy conflicts with that obligation — the law wins.

Explore the Regulations → Submit Evidence ↓
21 C.F.R.
§ 820.170 — Installation Controls
§ 360k
Prohibited Acts — Federal Law
FD&C Act
Supreme Safety Obligation
Not a government website. Not affiliated with the FDA, DOJ, FTC, FCC, the Library of Congress, or any federal, state, or local agency. Content is educational and informational only — not legal, regulatory, or medical advice. No attorney-client relationship, regulatory relationship, or duty of care is created by use of this site.
Mission

"When conduct causes a device to become unsafe, misbranded, or adulterated — federal law treats that conduct as a prohibited act, regardless of intent or internal directives."

Patient safety is the supreme obligation in medical-device law. Not contracts. Not corporate policy. Not litigation posture. Not trade-secret labels.

This resource was built from firsthand experience installing and servicing FDA-regulated medical imaging systems, combined with public records, published statutes, and enforcement history.

Imaging systems aren't consumer electronics. Magnets, motion systems, high-voltage power, RF, radiation, and software controls all intersect. Missing installation or inspection criteria isn't paperwork — it's how real hazards slip in quietly.

Under the Federal Food, Drug, and Cosmetic Act, Congress made one obligation clear: devices must be safe, effective, and properly installed, tested, and maintained. See 21 U.S.C. § 331, § 351, § 352, § 360k, § 360kk, and 21 C.F.R. § 820.170.

When conflicts arise between safety obligations and corporate positioning, patient safety must win. Every time. Courts may debate liability. Companies may debate exposure. Physics does not. Patients should never be the ones absorbing that risk.

Federal Law — Start Here

21 CFR 820.170 & § 360k — Prohibited Acts & Core Statutes

This site starts where accountability lives: federal law. Corporate policies, internal legal instructions, trade-secret claims, or contractual restrictions do not override federal safety obligations. Enforcement doesn't ask who wrote the policy — it asks who carried it out when compliance was no longer optional.

21 U.S.C. § 331

Prohibited Acts

The foundational prohibited acts provision of the FDCA. When conduct results in an adulterated, misbranded, or non-compliant device, it falls here — regardless of who wrote the policy.

Read on USCode.house.gov →
21 U.S.C. § 351

Adulteration

Defines when a device is considered adulterated. If a device's safety is compromised due to improper installation or withheld service information, adulteration exposure arises.

Read on USCode.house.gov →
21 U.S.C. § 352

Misbranding

A device that lacks required labeling, instructions, or safety information is misbranded. This applies to missing installation and service documentation in many contexts.

Read on USCode.house.gov →
21 U.S.C. § 360k

Medical Device Standards

Key reference for device performance standards and preemption analysis. Cited in accountability assessments where safety standards are in question.

Read on USCode.house.gov →
21 U.S.C. § 360kk

Performance Standards

Addresses performance standards for electronic products. A key reference when device performance criteria are at issue and where safety depends on verifiable specifications.

Read on USCode.house.gov →
17 U.S.C. § 1201 / DMCA

Library of Congress Repair Exemption

Triennial LoC rulemaking has reaffirmed exemptions that can permit circumvention for lawful diagnosis, maintenance, and repair of medical devices in specified contexts.

17 U.S.C. § 1201 → LoC § 1201 Rulemaking →
15 U.S.C. § 45

FTC — Unfair Practices

When restrictions on parts, tools, or repair information affect safety representations and market access, FTC Act Section 5 authorities may be implicated.

Read on USCode.house.gov → FTC Official Website →
47 C.F.R. Part 18

FCC — ISM Equipment / EMC

Medical imaging environments involve electromagnetic compatibility and interference considerations. FCC rules for industrial, scientific, and medical equipment govern these settings.

47 CFR Part 18 → 47 CFR § 18.207 → FCC Official Website →
Common Questions

What People Ask When This Gets Real

Q: Why does this matter to patients?
Because imaging systems aren't consumer electronics. Magnets, motion systems, high-voltage power, RF, radiation, and software controls all intersect. Missing installation or inspection criteria isn't paperwork — it's how real hazards slip in quietly. Patients end up absorbing the risk of decisions made far upstream.
Q: "We were told not to share the documents." Is that a defense?
Internal restrictions do not change federal obligations. If the outcome is an unsafe, adulterated, or misbranded device, the law doesn't accept "I was told not to" as a magic erase button. Enforcement doesn't ask who wrote the policy — it asks who carried it out when compliance was no longer optional.
Q: What is the "FDA requirements are irrelevant" issue?
The enforcement-focused question is this: if a regulated entity treats FDA-mandated requirements as "irrelevant," is that consistent with binding quality and safety obligations — especially where missing instructions and controls can drive misbranding and adulteration exposure? The practical answer is no. The legal exposure is real.
Q: Does personal responsibility exist in this chain?
This site is educational, not legal advice — but the practical risk is clear: if someone knowingly participates in blocking required installation or service controls and a patient's safety suffers, the entire decision chain gets examined. "Following orders" has never been a complete defense in federal regulatory enforcement.
Q: What is the amicus / Tom Quinn reference about?
Public filings and referenced communications describe how installation obligations are categorized, and how technical information (manuals, schematics, performance data, warnings) is identified in regulatory contexts. This matters because the safety question remains the same: what information exists, who needs it, and who gets blocked.
21 CFR 820.170

21 CFR 820.170 — Installation Controls

The plain text of 21 CFR 820.170 uses mandatory language ("shall") and requires manufacturers to establish and maintain adequate installation and inspection instructions, including directions to ensure proper installation so the device performs as intended after installation.

→ Read 21 CFR 820.170 on eCFR

Practical question: If qualified installers and owners can't access official procedures and acceptance tests, what exactly is being used to verify "proper installation" — and who is signing off?
FDA Form 3663 (F.5)

Technical Information Categories

Public explanations describe Form 3663 paragraph F.5 as including specific categories of technical information. If these categories exist in the regulatory context — why are qualified installers, owners, and servicers blocked from accessing them when patient safety depends on it?

Category F.5 — 01

Operation & Maintenance Manuals

Procedures required for the safe operation, routine maintenance, and scheduled servicing of a regulated medical device — essential for anyone responsible for keeping the equipment in compliant working order.

Category F.5 — 02

Service Manuals

Detailed technical documentation covering component-level repair, fault diagnosis, calibration, and corrective maintenance procedures necessary to restore a device to its intended safe operating state.

Category F.5 — 03

Performance or Design Data

Specifications, acceptance criteria, and design parameters that define how a device should perform under normal operating conditions — required to verify that installation and servicing meet manufacturer and regulatory standards.

Category F.5 — 04

Wiring Diagrams & Schematics

Electrical, mechanical, and system-level diagrams required to safely inspect, troubleshoot, and service a device. Without these, installers and technicians cannot verify that high-voltage, RF, and motion systems are correctly configured.

Category F.5 — 05

Warnings & Labeling

Safety warnings, hazard notices, contraindications, and required labeling that must accompany a device at installation and throughout its service life. A device missing required warnings may be considered misbranded under 21 U.S.C. § 352.

The core safety question: If these categories are formally recognized in regulatory context, and if patient safety depends on qualified installers and servicers having access to them — on what legal or ethical basis are they being withheld?

IP vs Safety

Trade Secrets vs. Patient Safety

This site is not anti-IP. It is anti-"IP used as a shield to block safety-critical information."

If information is required to ensure safe installation, servicing, or operation of a regulated medical device, withholding it can create compliance and patient safety risks — regardless of how that information is labeled internally.

The Library of Congress (via the Copyright Office's triennial rulemaking) has adopted and reaffirmed exemptions under 17 U.S.C. § 1201 that can permit circumvention for lawful diagnosis, maintenance, and repair in specified contexts. "Locked down" access claims often collide with real-world patient safety responsibilities.

Safety and lawful repair require access to diagnostic and maintenance information. The exemption exists precisely because patient safety cannot be held hostage to IP enforcement strategies.
Take Action

Submit Evidence & Report to FDA

There are two paths for raising medical device safety issues — directly to the FDA for formal regulatory action, or to this site as documented evidence.

📸 Submit Photos or Safety Evidence

If you have photos, videos, or documentation showing:

  • Medical device defects or failures
  • Installation or service problems
  • Missing or withheld safety instructions
  • Injuries or near-miss events involving medical devices

Subject line: SAFETY EVIDENCE SUBMISSION · Do NOT include patient names, medical record numbers, or PHI. Submission does not create a legal, medical, or professional relationship.

🧾 Report a Safety Issue to FDA

FDA MedWatch (Form 3500) — the formal channel for adverse event reporting with federal whistleblower protections.

FDA MedWatch →

Device reporting (MDR): 21 CFR Part 803
Corrections & Removals: 21 CFR Part 806

Official Resources

Government Agency Links

FDA — CDRH
FDA — DICE
U.S. Dept. of Justice
Federal Trade Commission
HHS — Inspector General
Library of Congress § 1201
Federal Communications Commission
eCFR — 21 C.F.R. § 820.170

🧭 Whistleblower Notice

This site discusses patient-safety risks and potential regulatory non-compliance based on public records and field experience. Nothing herein waives any whistleblower rights or protections under applicable law. Individuals raising safety concerns through appropriate channels are protected under multiple federal statutes.

📜 Terms of Use

By using this site, you agree that content is educational and informational only, provided without warranties of any kind, and that you will independently verify all regulatory requirements before relying on anything presented here. No professional relationship — legal, medical, or regulatory — is created by accessing or using this site.

Your Feedback

Suggest an Improvement

Have an idea to make this site more useful? See something missing, inaccurate, or that could be clearer? Submit your suggestion below — it goes directly to Marshall.

Your message goes directly to Regulations@21cfr820.net. No spam, no third-party storage — just a direct email.

About This Site

Built From Firsthand Experience

This is not a law firm, a government office, or a compliance consultancy. It is a firsthand account — backed by public records and enforcement history.

MS
Marshall R. Shannon
Medical Imaging Systems Technician — Site Author

I built this site from firsthand experience installing and servicing FDA-regulated medical imaging systems. The content combines that field knowledge with public records, published statutes, and regulatory enforcement history. Views expressed are based on public records and personal experience; they do not represent official agency positions or determinations. Nothing on this site constitutes legal advice or creates a professional relationship.

✉ General Contact: Marshall@21cfr820.net ✉ Safety Submissions: Regulations@21cfr820.net