By

Alan Kusinitz
http://www.fda.gov/MedicalDevices/ResourcesforYou/HealthCareProviders/ucm525916.htm
Read More
AAMI TIR 57 on medical device cybersecurity risk management will be published in 2016.  Status: The TIR has been recognized by the FDA before it was even been made available for purchase by AAMI. The TIR is now available for purchase from AAMI.
Read More
National Law Review discusses a case before the EU Court of Justice to decide if medical software that provides support to healthcare professionals in prescribing medicinal products should be considered a medical device. The manufacturer prefers it to be considered a medical device to avoid more onerous requirements if it is not treated that way.
Read More
http://www.fda.gov/downloads/MedicalDevices/ResourcesforYou/Industry/UCM519346.pdf
Read More
http://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/UCM524904.pdf
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The attached pdf file contains all Part 11 related warning letter excerpts included on this site as of the date above.  This file is updated periodically, but for the most recent warning letters between these updates, do text...
Read More
http://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/UCM512648.pdf
Read More
http://www.fda.gov/MedicalDevices/DigitalHealth/ucm512245.htm
Read More
See the item on the MDR Trilogue Agreement for further explanation.  The text for the IVD draft is a the link provided here: EU IVDR.
Read More
This document is the result of an industry-led initiative of the European Commission. It is targeted at app developers and its purpose is to foster justified trust among users of mHealth apps which process personal data. Standards Navigator Draft Health Code of Conduct
Read More
/docs/scpred/standardsnavigator/EU_Data_Protection_Regulation.pdf
Read More
/docs/scpred/SoftwareCPR-LatestNewsletter.htm
Read More
/docs/scpred/SoftwareCPR-Newsletter052016.pdf
Read More
http://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/ucm504091.pdf
Read More
The US FDA issued a draft guidance entitled: “Use of Electronic Health Record Data in Clinical Investigations”. This draft addresses a variety of issues including EHRs certified by ONC, data modifications, audit trials, informed consent, and Privacy and Security. The full draft guidance can be found at the following link: FDA_Use_of_EHR_Data_in_Clinical_Investigations
Read More
http://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/UCM268141.pdf
Read More
http://www.gpo.gov/fdsys/pkg/FR-2016-04-04/html/2016-07467.htm
Read More
http://www.gpo.gov/fdsys/pkg/FR-2016-04-04/html/2016-07467.htm
Read More
On March 29, 2016, the US Department of Homeland Security issued an Advisory regarding the Carefusion Pyxis SupplyStation System Vulnerabilities that would only require an attacker with low skills.  Specific mitigations listed in the Advisory include: Isolate affected products from the Internet and untrusted systems; however, if additional connectivity is required, use a VPN solution....
Read More
The link provided is our revised checklist for changes in Amendment 1. You will need to login as a paid subscriber to download this checklist.
Read More
Amendment 1 of” “IEC 62304 Medical device software — Software Life cycle processes” was issued in 2015. Although the focus of the Amendment was to include a special provision for Legacy software as well as clarifications and changes to Safety Classification, a number of other substantive changes were made.including significant additional requirements for Class A...
Read More
/docs/scpred/FDA-2015WL-483DataPresentationV_1312016.pdf
Read More
/docs/scpred/FDA-2015WL-483DataPresentationV_1312016.pdf
Read More
How does one know what standards are helpful when creating or updating your software development process? Can compliance with standards benefit a medical device or HealthIT company with regulatory approval and/or FDA inspections? These questions and more will be answered at the upcoming 62304 training and emerging standards impacting Medical Device software and Health IT...
Read More
The Final Draft International Standard was approved at the end of 2015 and will be submitted for publication. The standard is expected to be published by the end of March 2016.  A three year transition period has been proposed.
Read More
http://www.fda.gov/downloads/medicaldevices/deviceregulationandguidance/guidancedocuments/ucm484914.pdf
Read More
/docs/FDAhighestprioritydevices4humanfactorsreview0216.pdf
Read More
NOTE: This is for historical reference as a final guidance was issued Sept 2017 and is posted separately. FDA issued a new draft guidance entitled “Design Considerations and Pre- market Submission Recommendations for Interoperable Medical Devices”. This guidance addresses medical devices that exchange information whether wired or wireless including through the internet. It includes unidirectional...
Read More
FDA held a two day public cybersecurity workshop Jan 20-21,2016.   See the output, including links to the webcasts, from the workshop sessions.
Read More
Sherman Eagles of SoftwareCPR expects increased standards and regulatory activity related to Software and HealthIT in 2016. Here are some of the areas to watch: IEC 82304-1 Health Software: General requirements for safety will be completed during the first half of 2016. It is intended that this standard be harmonized in the EU, but it...
Read More
Note:  This draft is OBSOLETE and included only for historical reference only.  Look for the final draft elsewhere on this site. To view the guidance click this link:  2016-01-FDA Post market Cybersecurity draft guidance This guidance references a number of Presidential Executive Orders related to critical infrastructure and cybersecurity as a driving force for FDA’s increased oversight...
Read More
FDA held a public workshop, “Collaborative Approaches for Medical Device and Healthcare Cybersecurity,” October 21-22, 2014, in partnership with the Department of Homeland Security. The program book issued by FDA after the workshop was held is at the link provided. It contains information on the sessions, objectives, and speaker biographies. Sherman Eagles of SoftwareCPR® was...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. It contains a training aid that provides an overview comparison between the 2015 Amendment of IEC 62304 and FDA requirements based on 62304 Safety Classes. SCPRed_SoftwareCPR-FDA-62304SafetyClasscomparisonTrainingAide
Read More
http://www.fda.gov/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/ucm467223.htm
Read More
The International Society of Pharmaceutical Engineering publishes the Good Automated Practices Guides including GAMP from 2008 which coverscomputer system validation in general and a number of more recent guides on topics ranging from mobile apps to IT infrastructure control. The current list of available guides is: GAMP® 5: A Risk-Based Approach to Compliant GxP Computerized...
Read More
In July 2015 an amendment was issued to IEC 62304. While this amendment was focused on additions for Legacy software and clarifications to the use of risk in safety classification keep in mind that a number of other smaller changes and additions were made. Some of the more significant ones include: 1. Reduction in the...
Read More
In July 2015 an amendment was issued to IEC 62304. While this amendment was focused on additions for legacy software and clarifications to the use of risk in safety classification, keep in mind that a number of other smaller changes and additions were made. Some of the more significant ones include: Reduction in the exemptions...
Read More
http://www.fda.gov/downloads/medicaldevices/deviceregulationandguidance/guidancedocuments/ucm313794.pdf
Read More
Although FDA’s Device Center tends to exempt many Mobile Medical Apps from regualtion FDA’s Drug Center has its own approach. Our current understanding is that mobile apps distributed with drugs are considered part of a combination product in many cases and the Drug Center will review the MMApp information as part of the product approval...
Read More
http://www.fda.gov/MedicalDevices/NewsEvents/WorkshopsConferences/ucm468246.htm
Read More
A new International Medical Device Regulators Forum (IMDRF) document was finalized.  It is Software as a Medical Device (SaMD): Application of Quality Management System.  The objective of the document is to provide guidance on the application of existing standardized and generally accepted QMS practices to SaMD. View the document at this link:  imdrf-tech-151002-samd-qms
Read More
Paul Felten of SoftwareCPR has successfully passed the ISTQB Agile Tester Certification exam. The ISTQB Agile Tester certification was created to account for new emerging practices and methodology changes in the software testing industry. Based on the foundation level syllabus, this certification ensures that software testers and professional alike have the necessary knowledge and skills...
Read More
1 2 3 4 5 18

SoftwareCPR Training Courses:

Being Agile & Yet Compliant (Public)

Our SoftwareCPR unique approach to incorporating agile and lean engineering to your medical device software process training course is now open for registration!

  • Agile principles that align well with medical
  • Backlog management
  • Agile risk management
  • Incremental and iterative software development lifecycle management
  •  Frequent release management
  • And more!

3 days virtual (Zoom) with group exercises, quizzes, examples, Q&A.

Lead Instructor: Mike Russell

Next public offerings:

  • Americas: 11-13 February 2025
  • EU/Eastern Europe/Middle East/Africa/Atlantic/eastern South America: 18-20 February 2025
  • Southern Central Northeastern Pacific: 24-26 February 2025
Register using form at this link:     Agile Course Post Promo

 

IEC 62304 and other emerging standards for Medical Device and HealthIT Software

Our flagship course for preparing regulatory, quality, engineering, operations, and others for the activities and documentation expected for IEC 62304 conformance and for FDA expectations. The goal is to educate on the intent and purpose so that the participants are able to make informed decisions in the future.  Focus is not simply what the standard says, but what is meant and discuss examples and approaches one might implement to comply.  Special deep discount pricing available to FDA attendees and other regulators.

3-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Brian Pate

Next public offering:  TBD

Call or email now to schedule a private, in-house class. The fall schedule is filling up!

Email training@softwarecpr.com to request a special pre-registration discount.  Limited number of pre-registration coupons.

Registration Link:

TBD

 


 

Medical Device Cybersecurity (Public or Private)

This course takes a deep dive into the US FDA expectations for cybersecurity activities in the product development process with central focus on the cybersecurity risk analysis process. Overall approach will be tied to relevant standards and FDA guidance documentation. The course will follow the ISO 14971:2019 framework for overall structure but utilize IEC 62304, IEC 81001-5-1, and AAMI TIR57 for specific details regarding cybersecurity planning, risk characterization, threat modeling, and control strategies.

2-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Dr Peter Rech, 2nd instructor (optional)

Next public offering:  TBD

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN, TX) and Canada.