Tuesday 16 May 2017
By Mitch on Tuesday 16 May 2017, 22:34 - Misc
If you are a regular visitor of this blog, you noticed that almost three months elapsed between the last two articles on cybersecurity.
That's not what I planned.
The time dedicated to this blog was totally swallowed by the other facets of my job. Namely filling the gap between the current level of compliance of manufacturers, and the new expectations of notified bodies and regulatory authorities in the European Union. The bar has been raised!
It gives you a sense of what we're getting into with the new MDR.
By Mitch on Tuesday 16 May 2017, 21:53 - Standards
After a long pause, we continue this series about cybersecurity in medical devices with a discussion on AAMI TIR57:2016 Principles for medical device security — Risk management.
Saturday 6 May 2017
By Mitch on Saturday 6 May 2017, 10:59 - Regulations
The Medical Device Regulation and In-Vitro Device Regulation have been published the 5th May 2017!
See the Official Journal of the EU.
Friday 10 February 2017
By Mitch on Friday 10 February 2017, 14:20 - Regulations
By Mitch on Friday 10 February 2017, 14:19 - Regulations
Monday 2 January 2017
By Mitch on Monday 2 January 2017, 23:04
Happy New Year!
Thank-you for your loyalty!
Tuesday 20 December 2016
By Mitch on Tuesday 20 December 2016, 12:51 - Misc
After a long interruption, we continue this series on cybersecurity in medical devices with a review of stakeholders involved or concerned by cybersecurity requirements, and the consequences on architectural choices.
Friday 4 November 2016
By Mitch on Friday 4 November 2016, 15:37 - Misc
The FDA released a guidance on clinical evaluation of standalone software medical device (a.k.a SAMD) in October 2016. This guidance is the same text and has the same presentation as the International Medical Device Regulatory Forum (IMDRF) guidance on SAMD clinical evaluation published in August 2016.
Tuesday 1 November 2016
By Mitch on Tuesday 1 November 2016, 21:09 - Standards
IEC 82304-1:2016, the missing link on standalone medical device software validation has been published!
See the official version on IEC webstore, and comments made on the FDIS (the final version shouldn't have changed).
Now we wait for the FDA to recognize it and the EU to harmonize it!
Monday 24 October 2016
By Mitch on Monday 24 October 2016, 16:50 - Regulations
We begin today a series of posts on cybersecurity in medical devices. Cybersecurity was not a subject before the advent of computerized medical devices. Now that every manufacturer wants its connected medical device, cybersecurity matters!
Let's start with the regulations.
Friday 2 September 2016
By Mitch on Friday 2 September 2016, 13:27 - Regulations
We've seen in the previous article the revolution in the regulatory classification brought by the new rule 10a for standalone software.
Let's see now the other changes. These changes are relevant for all software: standalone, embedded, device or accessory.
They're not as big as the new rule 10a, but they will deserve a significant amount of man-hours and documentation.
Friday 19 August 2016
By Mitch on Friday 19 August 2016, 13:48 - Regulations
The FDA released three new FDA guidances in July 2016:
- Two draft guidances on Deciding When to Submit a 510(k) for a Change to an Existing Device,
- The final guidance on General Wellness: Policy for Low Risk Devices.
Wednesday 10 August 2016
By Mitch on Wednesday 10 August 2016, 10:09 - Regulations
A new version of the MEDDEV 2.1/6 was published in July 2016.
The first version of 2012 was a major breakthrough. The new version won't change you life. Almost nothing new, excepted a few definitions on software, input data, output data, a remarkable reference to IMDRF definitions, and a non-significant update of the first decision tree.
Add to that a few typos, and you have the new version of the MEDDEV:
- "lossless compression" disappeared from the decision tree (was it intentional?) but is still present in the explanations of decision step 3,
- Decision step 7 doesn't have any explanation.
MEDDEV for nothing ♫ and tips for free ♬.
Friday 22 July 2016
By Mitch on Friday 22 July 2016, 13:28 - Regulations
The final version of the negotiated text of the new Medical Device Regulation (MDR) was published by the European Commission in June 2016. It is a big upheaval for all medical device manufacturers. Contrary to what the draft version of September 2015 contained, software is invited to the party.
Friday 1 July 2016
By Mitch on Friday 1 July 2016, 13:22 - Processes
Following the discussion on ISO/TR 80002-2 and AAMI TRI 36 in the previous article, here are some tips on how to validate workflow and data management software like Jira or Redmine.
Friday 10 June 2016
By Mitch on Friday 10 June 2016, 13:56 - Standards
ISO/TR 80002-2 is the future technical report on the validation of software used in regulated processed. The last version of this document, a Draft Technical Report (ISO/DTR 80002-2:2016), was released to the members of the standard committee for comments in May 2016.
This document is still a draft and is to be released by the end of 2016 or early 2017. There are high expectations on this document, since the introduction of requirements on validation of software used in the QMS in section 4.1.6 of ISO 13485:2016.
Friday 6 May 2016
By Mitch on Friday 6 May 2016, 13:33 - Standards
Almost four years since I wrote in 2012 the post Is my software in class A, B or C?.
In 2015, IEC 62304 Amendment 1 was published, changing a bit the game about software safety class.
Friday 8 April 2016
By Mitch on Friday 8 April 2016, 14:25 - Standards
Continuing our series about IEC 82304-1, let's see the consequences of this standard on agile software development processes.
Friday 11 March 2016
By Mitch on Friday 11 March 2016, 14:53 - Standards
We had in a previous article an overview of IEC 82304-1 Health software -- Part 1: General requirements for product safety, its scope and its relationships with other standards like IEC 62304.
This article presents more in details (but not too much, we're not going to rephrase the standard) the requirements of IEC 82304-1.
Wednesday 17 February 2016
By Mitch on Wednesday 17 February 2016, 10:13 - Regulations
Warning: obsolete content. Please read: Is my software in class I, IIa, IIb or III.
Last update on 2016/07/31.
The British Standard Institute published in February 2016 a white paper titled How to prepare for and implement the upcoming MDR – Dos and don’ts. Register on BSI website to download the paper.
This white paper gives top-notch recommendations on the way to compliance with the future EU Medical Device Regulation (MDR), based on the draft version. But their interpretation of MDR classification rules on standalone software are somewhat surprising.