Blog

Timely, insightful, and relevant thoughts, opinions, and discussion on FDA software validation, 62304 compliance, medical device software standards, updates impacting medical device and HealthIT software development, and sundry subjects from our Partners and staff.

Software of Unknown Provenance SOUP.  It is likely that you are familiar with the acronym, SOUP, in relation to medical device and Health IT software.  The medical device software standard IEC 62304, defines SOUP as a “software item that is: already developed and generally available and that has not been developed for the purpose of being...
Read More
This July 2021 Standards Navigator Report content is only available to Standards Navigator subscribers. See our Subscribe page for information on subscriptions. SoftwareCPR® Standards Navigator provides information and tools related to standards that play a significant role in health software and software intensive medical devices.  In addition to information on existing standards, our report keeps you...
Read More
Most medical device manufacturers use many, many software programs, systems, or services to automate quality system This software is not to be confused with product software - that is, software that runs as part of a medical device.  Medical device in this context could be custom hardware devices or Software as a Medical Device (SaMD)....
Read More
One of the most important references in creating a software development lifecycle process to assure software quality is the FDA guidance document, “General Principles of Software Validation.”  This guidance document has been around for many years.  The current version, 2.0, was released in 2002.  To many in the industry, this guidance is simply referred to...
Read More
In a release from The Cybersecurity and Infrastructure Security Agency (CISA) on July 21, 2021, it was announced that the Common Weakness Enumeration (CWE) Top 25 list has been updated from the previous 2020 version. The CWE Top 25 is a list that uses real-world data from the National Vulnerability Database (NVD) to identify current...
Read More
As the use of Artificial Intelligence (AI) and machine learning methods expand in medical devices and HealthIT software, an oft asked question is whether the data sets used for training should be retained as part of the design history file (DHF) or other long term storage mechanisms.  SoftwareCPR partners Alan Kusinitz, Sherman Eagles, John Murray,...
Read More
Cybersecurity: PACS CISA Homeland Security Advisory Issued for Medical Systems The Department of Homeland Security’s CISA has issued an advisory for the Worldwide Infrastructure Healthcare and Public Health sectors regarding Philips Vue PACS. The ICS Medical Advisory, ICSMA-21-187-01, discloses 15 vulnerabilities discovered in the Philips Clinical Collaboration Platform Portal, also known as Vue PACS. Four...
Read More
Those of us that are involved in critical medical devices and those that directly deliver therapy should be closely watching events in other industries, such as the Tesla issue in the article linked below.  One way to view this issue is in the context of software control authority – a term used in the aerospace...
Read More
The FDA is officially modifying medical device classifications for some software functions. On April 19, 2021, the agency published a “final” rule that updates eight classification regulations by amending these regulations to exclude software functions that no longer fall within the device definition under 201(h) of the FD&C Act. With this final rule, FDA is amending the...
Read More
An excellent overview of the challenges and benefits of the Microservices architectural style of software application development.  While many of the factors discussed by the author (Dr. André Fachat, published January 30, 2019), these same factors can affect the safety and efficacy of a medical devices using this style.  The article consists of two parts:...
Read More

Cybersecurity Review

Our cybersecurity experts are NESSUS Pro Licensed and can quickly remediate cybersecurity deficiencies with your medical device or digital health software.  Planning, requirements, validation, and submissions – we can assist with all.

Interested in having a conversation?  Email us to arrange a Zoom meeting or call us at +1 781-721-2921.

office@softwarecpr.com

Corporate Office

15148 Springview St
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN), Canada, and Italy.