August 2018 Standards Navigator Report

This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions.

Standards and Regulatory Activity Overview

Medical device software

Two webinars will be held for the National Committees of IEC/SC 62A and the Member Bodies of ISO/TC 215, Health informatics, as well as the Member Bodies of ISO/TC 210, Quality management and corresponding general aspects for medical devices. These webinars are being held to explain the status of the IEC 62304 project.

A committee draft for Enquiry Ballot was issued by IEC/SC 62A and ISO/TC 215 for IEC 62304 Ed 2.0 with the deadline of early May 2018. This draft was not approved to go forward and the IEC 62304 revision project team met to resolve the comments received as well as to recommend the next course of action to the officers of the IEC and ISO committees.

Given the nature of the comments, the committee officers have determined that the draft will be revised and circulated as a third Committee Draft later this year. At that time, National Committees/Member Bodies will have a chance to submit comments. The project team has been discussing possible options for the revision of the general requirement of risk management in IEC 62304. The options will be discussed during the Webinar.  The webinars are being held as part of the messaging campaign to alert the National Committee/Member Bodies of the planned action for IEC 62304.

Please note that the webinars will be broadcast on two different days at two different times to accommodate most of the National Committee/Member Bodies at a time that may be more convenient. Please only participate in one as same information will be relayed in both of the webinars (titled Session 1 and Session 2).  Also note that this will not be an open discussion session and questions, if any, will be moderated and answered.

The webinars will be open but please remember to register early and to log into the appropriate session:

Tuesday, 2 October 2018: 23:00 – 02:00 (UTC) – Session 1
Registration link: https://attendee.gotowebinar.com/register/4149891528018705921

Thursday, 4 October 2018: 12:00 – 15:00 (UTC) – Session 2
Registration link: https://attendee.gotowebinar.com/register/5783877957079945729

Medical devices

Cybersecurity

The proposal for a new standard for activities in the product lifecycle of health software (including software as/in a medical device) for the information security of the product was approved.  First meeting to prepare a committee draft will occur in October 2018.  This standard will be consistent with the perspective and structure of IEC 62304 and it will extend the artifacts and activities described in IEC 62304 by those which are related to information security in the product lifecycle. In this respect, no new technical requirements will be specified, but existing technical measures for security in the product lifecycle will be added to the activities known from IEC 62304.  A committee draft of the standard is planned for the end of 2018, with publication of the International Standard by the end of 2020.

A draft of a revision of the Manufacturer Disclosure Statement for Medical Device Security (MDS2) has been circulated for comments. This document and accompanying form has been prepared by the US National Electrical Manufacturers Association (NEMA) and other collaborating organizations. The MDS2 is widely requested by hospitals when they ask for proposals for purchasing medical equipment. In addition to adding questions to some existing sections, new sections were added covering remote service, software bill of materials, connectivity capabilities and software roadmap.

UL 5500 – Safety for Remote Software Updates has been adopted as a US National Standard. It covers the remote updating of software via the manufacturer’s recommended process. It is limited to software elements having an influence on safety and on compliance with the particular end product safety standard. It is not specific for medical devices, but applies to remote updating medical of medical device software having an influence on safety.

Health IT

A final proposed draft of AAMI HIT1000-1 Safety and effectiveness of health IT software and systems – Part 1: Fundamental concepts, principles, and requirements has been circulated.  AAMI HIT1000-1 will be released as a provisional US National Standard.

New Standards and Guidance Documents

Medical device software

No new documents this month.

Medical Devices

A committee draft for vote of AAMI TIR38 Medical device safety assurance case guidance has been circulated. This is a revision of the previous version and has been substantially modified. It includes an annex on Lessons learned regarding safety cases that provides both general industry lessons and some common problems that FDA has recognized in medical device safety cases.

Health IT and mobile health applications

A final proposed draft of AAMI HIT1000-1 Safety and effectiveness of health IT software and systems – Part 1: Fundamental concepts, principles, and requirements has been circulated for a final review. This standard is the first in a series that will also address quality, risk management and human factors in health IT systems.

Medical device and Health Security

A draft of a revision of the Manufacturer Disclosure Statement for Medical Device Security (MDS2) has been circulated for comments. This document and accompanying form has been prepared by the US National Electrical Manufacturers Association (NEMA) and other collaborating organizations. The MDS2 is widely requested by hospitals when they ask for proposals for purchasing medical equipment. In addition to adding questions to some existing sections, new sections were added covering remote service, software bill of materials, connectivity capabilities and software roadmap.

SoftwareCPR Training Courses:

IEC 62304 and other emerging standards for Medical Device and HealthIT Software

Our flagship course for preparing regulatory, quality, engineering, operations, and others for the activities and documentation expected for IEC 62304 conformance and for FDA expectations. The goal is to educate on the intent and purpose so that the participants are able to make informed decisions in the future.  Focus is not simply what the standard says, but what is meant and discuss examples and approaches one might implement to comply.  Special deep discount pricing available to FDA attendees and other regulators.

3-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Brian Pate

Next public offering:  TBD

Email training@softwarecpr.com to request a special pre-registration discount.  Limited number of pre-registration coupons.

Registration Link:

TBD

 


 

Being Agile & Yet Compliant (Public or Private)

Our SoftwareCPR unique approach to incorporating agile and lean engineering to your medical device software process training course is now open for scheduling!

  • Agile principles that align well with medical
  • Backlog management
  • Agile risk management
  • Incremental and iterative software development lifecycle management
  •  Frequent release management
  • And more!

2-days onsite (4 days virtual) with group exercises, quizzes, examples, Q&A.

Instructors: Mike Russell, Ron Baerg

Next public offering: March 7 & 28, 2024

Virtual via Zoom

Registration Link:

Register Now

 


 

Medical Device Cybersecurity (Public or Private)

This course takes a deep dive into the US FDA expectations for cybersecurity activities in the product development process with central focus on the cybersecurity risk analysis process. Overall approach will be tied to relevant standards and FDA guidance documentation. The course will follow the ISO 14971:2019 framework for overall structure but utilize IEC 62304, IEC 81001-5-1, and AAMI TIR57 for specific details regarding cybersecurity planning, risk characterization, threat modeling, and control strategies.

2-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Dr Peter Rech, 2nd instructor (optional)

Next public offering:  TBD

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN, TX) and Canada.