Category

Blog
FDA released their CDRH Proposed Guidance Updates that includes a significant amount of “software related” guidance in FY 2021. There are four separate guidance documents listed for publication in FY 2021. IMO that is a fairly large commitment from the agency and I will look forward to reading about the agency’s “current thinking” on these...
Read More
Understanding OTS and SOUP is very important in every lifecycle stages of medical device and HealthIT software development.  In the late 1990’s, the US FDA first published guidance documentation on the use of Off-The-Shelf (OTS) software in medical devices (or sometimes referred to as “OTSS”).  At that time, OTSS generally accounted for a very small...
Read More
Our internal cybersecurity expert Gwen contributed the following. The Use of LIS2 In Medical Devices LIS2-A2 is widely used in laboratory devices as a standard practice for Healthcare Delivery Organizations (HDOs). The LIS and LIS2 communication protocol standards published nearly two decades ago have often been used in medical device network systems due to their...
Read More
In 2018, Google Health began a program in Thailand to screen for diabetic retinopathy using artificial intelligence (AI). The AI was designed to analyze photos of diabetic patients’ eyes to detect signs of eye disease. The AI was promising in theory – during testing, it was 90% accurate in detecting diabetic retinopathy in eye scans,...
Read More
This September 2020 Standards Navigator Report content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. SoftwareCPR Standards Navigator Report provides information and tools related to standards that play a significant role in health software and software intensive medical devices. In addition to information on existing standards, SoftwareCPR Standards...
Read More
On September 14, 2020 the Digital Health Team at FDA provided a 2020 Update on the Software Precertification Pilot Program. The announcement is a short 8-page document. The document provides the details that are driving program development. It contains a considerable amount of information that may take a few reads to fully understand. On my...
Read More
Why are clinical studies necessary? Medical device clinical studies provide evidence for a PMA submission. Under 21 CFR 860.7, the FDA relies only on “valid scientific evidence” to determine whether there is reasonable assurance that a device is safe and effective. Valid scientific evidence can originate from a variety of sources, including well-controlled studies. Even...
Read More
Remember the 2005 guidance document, Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices? In 2020 that guidance is as relevant as ever, and it can be useful to review what we know about the FDA’s expectations regarding Level of Concern (LOC) in medical devices. LOC is important if for no...
Read More
Do you understand the Q-Sub Guidance? The FDA issued the guidance document Requests for Feedback and Meetings for Medical Device Submissions: The Q-Submission Program in 2019, but it has taken some time for the industry to understand all the facets of the program. The guidance covers a wide range of FDA submissions – IDE/PMA/HDE applications, de novo...
Read More
“Agile” remains a hot topic in general, and “compliant agile” is a goal in many medical (and other regulated) companies. However, “agile” also remains difficult and elusive for many. This article will examine one of the most common hurdles to achieving agile benefits from well-intentioned initiatives. First, let’s address agile and medical device development in...
Read More
This July 2020 Standards Navigator Report content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. SoftwareCPR Standards Navigator Report provides information and tools related to standards that play a significant role in health software and software intensive medical devices. In addition to information on existing standards, SoftwareCPR Standards...
Read More
This content is only available to our Premium subscribers.  See our Subscribe page for information on subscriptions. What is a Real-Time PMA Supplement? Section 737(4)(D) of the Federal Food, Drug, and Cosmetic Act defines a Real-Time PMA Supplement as: “a supplement to an approved premarket application or premarket report under section 515 that requests a...
Read More
This content is only available to our Premium subscribers.  See our Subscribe page for information on subscriptions. You are likely aware of the CAPA process overall and how it fits in to the quality management system for a medical device manufacturer or supplier.  Just the name itself, corrective and preventive action, describes one of the...
Read More
This February 2020 Standards Navigator Report content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. SoftwareCPR Standards Navigator Report provides information and tools related to standards that play a significant role in health software and software intensive medical devices. In addition to information on existing standards, SoftwareCPR Standards...
Read More
This “FDA GPSV Traceability Expectations” post is only available to Premium subscribers. See our Subscribe page for information on subscriptions. Going way back to the late 1990’s, FDA had an expectation that safe and effective software would require a well thought out development lifecycle that includes many activities designed to ensure the correctness and robustness...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. SoftwareCPR Standards Navigator Report provides information and tools related to standards that play a significant role in health software and software intensive medical devices. In addition to information on existing standards, SoftwareCPR Standards Navigator keeps you up to date...
Read More
ISO 14971 Risk Analysis Identifying safety risks in medical devices is a challenging and laborious process.  The process standard, ISO 14971, is a systematic, total product risk management lifecycle process to identify, control, and evaluate risk, where risk is defined as the combination of severity of the harm (to people, property, or environment) and probability...
Read More
I am looking forward to teaching the IEC 62304 Course February 2020 with Brian Pate in Sunnyvale CA. https://events.eventzilla.net/e/2020-softwarecpr-62304-and-emerging-software-standards-training-course–sunnyvale-ca-2138757731 For 15 years I taught the AAMI Software Validation Course with Alan Kusinitz.  These days I have shifted gears to teach the SoftwareCPR 62304 course with Brian Pate. There is a major shift in my perspective between...
Read More
Do you have a question about FDA Digital Health Regulatory Policy?  FDA’s Center for Devices and Radiological Health has a resource to help. I know from personal experience that the Digital Health Team (DHT) at FDA focuses a lot of energy and effort on answering these questions in an effective and efficient manner. During my...
Read More
The FDA and the NIH National Center for Advancing Translational Sciences (NCATS)/Office of Rare Diseases Research (ORDR) conducted this needs assessment to better understand unmet medical device needs for rare diseases – ultimately to raise public awareness of these unmet needs.  Let this motivate us all to explore, push limits, innovate, and invent.  Onward software...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. SoftwareCPR Standards Navigator provides information and tools related to standards that play a significant role in health software and software intensive medical devices. In addition to information on existing standards, SoftwareCPR Standards Navigator keeps you up to date on...
Read More
For anyone involved in software development, the importance of software requirements cannot be minimized. Software requirements provide the definition and explanation of “what the software should do” and “how the software should behave.” The software engineers and developers use the requirements as input to the software design and coding process. The test developers also use...
Read More
Premarket Notifications (510(k)s), Premarket Approval Applications (PMAs), Premarket Reports (PMRs), notices, and supplements all have associated fees to be paid to the FDA before they will review a medical device product. The 2019 Medical Device User Fee Amendments (MDUFA) are listed at 2019 MDUFA. If the FDA determines that a manufacturer is a “small business”...
Read More
Some thoughts on Requirements … using the General Principles of Software Validation to help. Many times we struggle with creating software requirements and documenting them.  The FDA General Principles of Software Validation-Final Guidance helps set the FDA expectations in this area.  Section 4.1 of the guidance states: “A documented software requirements specification provides a baseline for both...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. SoftwareCPR Standards Navigator provides information and tools related to standards that play a significant role in health software and software intensive medical devices. In addition to information on existing standards, SoftwareCPR Standards Navigator keeps you up to date on...
Read More
Health Canada released the full guidance document, Pre-market Requirements for Medical Device Cybersecurity. It can be viewed at:  https://www.canada.ca/en/health-canada/services/drugs-health-products/medical-devices/application-information/guidance-documents/cybersecurity.htm It includes requirements such as: “Risk management is required for all medical devices throughout their life-cycle. Manufacturers should incorporate cybersecurity into the risk management process for every device that consists of or contains software. Manufacturers are...
Read More
This content is only available to Premium subscribers.  See our Subscribe page for information on subscriptions. As more “software as a medical device” (SaMD) applications are developed and marketed, there has been an increased focus on what activities and documentation are required for compliance with US medical device regulations and applicable ISO standards.  Along with...
Read More
Another useful reference for establishing a safety culture in your software organization. “The purpose of this Handbook is to define the NASA Safety Culture Program and to provide guidance in the development and implementation—sustainment, growth, and practice—of Safety Culture at the Center level. It defines the NASA Safety Culture Model, describes the Safety Culture Survey...
Read More
This content is only available to Premium subscribers.  See our Subscribe page for information on subscriptions. This template is conceived as a partial example template for a generic small device with embedded real time control. Explanatory comments are included in << comment >>. Other text is example definition that you should replace with your own...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. A SoftwareCPR example for software release note and revision history.  Software Revision Level History Example
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. SoftwareCPR Standards Navigator provides information and tools related to standards that play a significant role in health software and software intensive medical devices. In addition to information on existing standards, SoftwareCPR Standards Navigator keeps you up to date on...
Read More
This 62304 Conformance Checklist Tool is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. 62304 can provide an excellent framework from which to design a software process for medical device, medical mobile app, and/or HealthIT software.  62304 was created specifically for this type of software – it was not...
Read More
Today FDA issued a final guidance, “Requests for Feedback and Meetings for Medical Device Submissions: The Q-Submission Program.  Guidance for Industry and Food and Drug Administration Staff Document (May 7, 2019).  The FDA’s Q-Submission Program provides submitters an opportunity to have early collaboration and discussions about medical device submissions. In our opinion, early feedback and...
Read More
Many years ago, Capers Jones, the software metrics guru, analyzed his database of thousands of software projects for the key factors affecting “real” software quality.  “Real” software quality relates to how the software actually performed and how robust in the field.   His list in priority order was: Programmer Application (domain) Experience Programmer Technical Experience Reuse...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. Recent standards and regulatory activity overview Medical device software Following the failure of the DIS of 62304 to be approved, the IEC 62304 working group requested input from the ISO and IEC member countries. There was not a consensus...
Read More
The West Australian reported that two autonomous haulage systems (AHS) trucks experienced a collision when one of the trucks backed into the cab of the second truck that was stationary at the time.  This is of interest to us as the AHS trucks are software controlled and they crashed.  Clearly a failure mode.  The initial report is...
Read More
FDA issued a Safety Communication on January 31, 2019, (see Safety Communication Link) warning of the risk of air being introduced in a blood vessel (air-in-line) and air embolism for infusion pumps, fluid warmers, rapid infusers, and accessory devices.  This communication is directed toward users (both clinical and service personnel) and patients.  However, what can system architects,...
Read More
Health Canada has recently provided a new approach for device approval as outlined in their “Action Plan on Medical Devices: Continuously Improving Safety, Effectiveness and Quality.” Canada classifies medical devices based on their potential risk, with Class I devices being lowest-risk and Class IV devices presenting the highest risk. The collaborative new approach aims to...
Read More
The Verily Study Watch is a device worn on the wrist that digitizes patient physiologic measurements and processes the raw data through algorithms both on the wrist worn device and additional processing when communicated to cloud based computing systems.  The idea is that the Verily watch would be worn similar (or as!) a consumer device...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. Standards and regulatory activity overview Medical device software It appears that in response to a question posed by the IEC 62304 working group, the ISO and IEC member countries want ISO 14971 to be required for use of the second...
Read More
Clearly one of the great struggles with medical device product design is to understand and finely tune the design input for our devices.  It is difficult but the payoff can be great when done well – pays off with development efficiency, greater certainty with safety risk control, and ultimately in customer satisfaction. In our training...
Read More
It is always good to remind ourselves of exactly what the regulation says – often our corporate procedures can become “bloated” and lead some to believe that some specific activities and/or types of deliverables are required by the regulations.
Read More
One of the most difficult challenges for medical device and HealthIT manufacturers is to properly "level" the design requirements for their medical device systems such that it is clear when it comes to design validation versus design verification.
Read More
Certainly everyone with any connection to information technology and networked devices is concerned with cybersecurity. However, often we just miss the basics – we do not practice good cyber hygiene. While not intended to be comprehensive or state-of-the-art, here are some security basics (or as some call it, “cyber hygiene”) that one should consider when developing...
Read More
Glanced through the latest FDA warning letters today.  From the FDA Medical Device & Radiological Health Operations West/Division 3 I see the inspector pointing out “This design validation also fails to include software validation [emphasis mine] to assure software will perform as intended and will not prevent safe operation by the user.”   Of course this is...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. Questionnaire asking the national bodies to choose which approach to risk management should be used in the second edition of IEC 62304. 62304 Edition 2 Questionnaire
Read More
This content is only available to our Premium subscribers. A presentation on IEC 62304 Second Edition may be found at the following link: IEC 62304 2nd Edition Presentation
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. Standards and regulatory activity overview Medical device software Two webinars were held for the National Committees of IEC/SC 62A and the Member Bodies of ISO/TC 215, Health informatics, as well as the Member Bodies of ISO/TC 210, Quality management and...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. It contains all software and computer related recall excerpts for the years listed. Some of the newest recalls on the site may not be included. This compilation is provided in reverse chronological order and is useful for quick review,...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The attached pdf file contains all software and computer related warning letter excerpts posted on this site for the years listed. Some of the newest warning letters on the site may not be included since we only update this...
Read More
1 2 3 4

SoftwareCPR Training Courses:

IEC 62304 and other emerging standards for Medical Device and HealthIT Software

Our flagship course for preparing regulatory, quality, engineering, operations, and others for the activities and documentation expected for IEC 62304 conformance and for FDA expectations. The goal is to educate on the intent and purpose so that the participants are able to make informed decisions in the future.  Focus is not simply what the standard says, but what is meant and discuss examples and approaches one might implement to comply.  Special deep discount pricing available to FDA attendees and other regulators.

3-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Brian Pate

Next public offering:  TBD

Email training@softwarecpr.com to request a special pre-registration discount.  Limited number of pre-registration coupons.

Registration Link:

TBD

 


 

Being Agile & Yet Compliant (Public or Private)

Our SoftwareCPR unique approach to incorporating agile and lean engineering to your medical device software process training course is now open for scheduling!

  • Agile principles that align well with medical
  • Backlog management
  • Agile risk management
  • Incremental and iterative software development lifecycle management
  •  Frequent release management
  • And more!

2-days onsite (4 days virtual) with group exercises, quizzes, examples, Q&A.

Instructors: Mike Russell, Ron Baerg

Next public offering: March 7 & 28, 2024

Virtual via Zoom

Registration Link:

Register Now

 


 

Medical Device Cybersecurity (Public or Private)

This course takes a deep dive into the US FDA expectations for cybersecurity activities in the product development process with central focus on the cybersecurity risk analysis process. Overall approach will be tied to relevant standards and FDA guidance documentation. The course will follow the ISO 14971:2019 framework for overall structure but utilize IEC 62304, IEC 81001-5-1, and AAMI TIR57 for specific details regarding cybersecurity planning, risk characterization, threat modeling, and control strategies.

2-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Dr Peter Rech, 2nd instructor (optional)

Next public offering:  TBD

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN, TX) and Canada.