Blog

Timely, insightful, and relevant thoughts, opinions, and discussion on FDA software validation, 62304 compliance, medical device software standards, updates impacting medical device and HealthIT software development, and sundry subjects from our Partners and staff.

In a release from The Cybersecurity and Infrastructure Security Agency (CISA) on July 21, 2021, it was announced that the Common Weakness Enumeration (CWE) Top 25 list has been updated from the previous 2020 version. The CWE Top 25 is a list that uses real-world data from the National Vulnerability Database (NVD) to identify current...
Read More
As the use of Artificial Intelligence (AI) and machine learning methods expand in medical devices and HealthIT software, an oft asked question is whether the data sets used for training should be retained as part of the design history file (DHF) or other long term storage mechanisms.  SoftwareCPR partners Alan Kusinitz, Sherman Eagles, John Murray,...
Read More
Cybersecurity: PACS CISA Homeland Security Advisory Issued for Medical Systems The Department of Homeland Security’s CISA has issued an advisory for the Worldwide Infrastructure Healthcare and Public Health sectors regarding Philips Vue PACS. The ICS Medical Advisory, ICSMA-21-187-01, discloses 15 vulnerabilities discovered in the Philips Clinical Collaboration Platform Portal, also known as Vue PACS. Four...
Read More
Those of us that are involved in critical medical devices and those that directly deliver therapy should be closely watching events in other industries, such as the Tesla issue in the article linked below.  One way to view this issue is in the context of software control authority – a term used in the aerospace...
Read More
The FDA is officially modifying medical device classifications for some software functions. On April 19, 2021, the agency published a “final” rule that updates eight classification regulations by amending these regulations to exclude software functions that no longer fall within the device definition under 201(h) of the FD&C Act. With this final rule, FDA is amending the...
Read More
An excellent overview of the challenges and benefits of the Microservices architectural style of software application development.  While many of the factors discussed by the author (Dr. André Fachat, published January 30, 2019), these same factors can affect the safety and efficacy of a medical devices using this style.  The article consists of two parts:...
Read More
This January 2021 Standards Navigator Report content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. SoftwareCPR® Standards Navigator provides information and tools related to standards that play a significant role in health software and software intensive medical devices. In addition to information on existing standards, SoftwareCPR Standards Navigator keeps you...
Read More
This December 2020 Standards Navigator Report content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. SoftwareCPR Standards Navigator Report provides information and tools related to standards that play a significant role in health software and software intensive medical devices. In addition to information on existing standards, SoftwareCPR Standards...
Read More
Is it possible to view draft revisions of FDA guidance documents when they are a “work in progress,” or are they only become available once published as draft?  This is a frequent question that I have heard. However, the FDA does not typically provide copies or drafts of “works in progress” for those items that...
Read More
This content is only available to our Premium subscribers. See our Subscribe page for information on subscriptions. ISO 14971 was updated and released in 2019.  We previously discussed the internal debate regarding ISO 14917 in this post ISO 14971 versus the EU Commission. There are several items to consider with the new update: Section 10.1 - “The manufacturer...
Read More

Cybersecurity Review

Our cybersecurity experts are NESSUS Pro Licensed and can quickly remediate cybersecurity deficiencies with your medical device or digital health software.  Planning, requirements, validation, and submissions – we can assist with all.

Interested in having a conversation?  Email us to arrange a Zoom meeting or call us at +1 781-721-2921.

office@softwarecpr.com

Corporate Office

15148 Springview St
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN), Canada, and Italy.