Software in Medical Devices, a blog by MD101 Consulting

To content | To menu | To search

Tuesday 16 May 2017

They've raised the bar!

If you are a regular visitor of this blog, you noticed that almost three months elapsed between the last two articles on cybersecurity.
That's not what I planned.

The time dedicated to this blog was totally swallowed by the other facets of my job. Namely filling the gap between the current level of compliance of manufacturers, and the new expectations of notified bodies and regulatory authorities in the European Union. The bar has been raised!

It gives you a sense of what we're getting into with the new MDR.

Cybersecurity in medical devices - Part 3 AAMI TIR57:2016

After a long pause, we continue this series about cybersecurity in medical devices with a discussion on AAMI TIR57:2016 Principles for medical device security — Risk management.

Continue reading...

Saturday 6 May 2017

MDR and IVDR published

Hello, The Medical Device Regulation and In-Vitro Device Regulation have been published the 5th May 2017!
See the Official Journal of the EU.

Friday 10 February 2017

Final FDA Guidance on Postmarket Management of Cybersecurity in Medical Devices - Final version released

This article is a follow-up of the previous article on the Draft guidance on Postmarket Management of Cybersecurity in Medical Devices.

Continue reading...

Final FDA Guidance on Medical Device Accessories: Defining Accessories and Classification Pathway for New Accessory Types

This article is a follow-up of the article on the Draft guidance on Medical Device Accessories: Defining Accessories and Classification Pathway for New Accessory Types.

Continue reading...

Monday 2 January 2017

Happy New Year 2017

Happy New Year!

Thank-you for your loyalty!

Sunset provençal

Tuesday 20 December 2016

Cybersecurity in medical devices - Part 2 Stakeholders

After a long interruption, we continue this series on cybersecurity in medical devices with a review of stakeholders involved or concerned by cybersecurity requirements, and the consequences on architectural choices.

Continue reading...

Friday 4 November 2016

Software as a Medical Device (SAMD): clinical evaluation

The FDA released a guidance on clinical evaluation of standalone software medical device (a.k.a SAMD) in October 2016. This guidance is the same text and has the same presentation as the International Medical Device Regulatory Forum (IMDRF) guidance on SAMD clinical evaluation published in August 2016.

Continue reading...

Tuesday 1 November 2016

IEC 82304-1:2016 Health software - Part 1: General requirements for product safety

IEC 82304-1:2016, the missing link on standalone medical device software validation has been published!
See the official version on IEC webstore, and comments made on the FDIS (the final version shouldn't have changed).

Now we wait for the FDA to recognize it and the EU to harmonize it!

Monday 24 October 2016

Cybersecurity in medical devices - Part 1 Regulations

We begin today a series of posts on cybersecurity in medical devices. Cybersecurity was not a subject before the advent of computerized medical devices. Now that every manufacturer wants its connected medical device, cybersecurity matters!
Let's start with the regulations.

Continue reading...

Friday 2 September 2016

EU Medical Device Regulation - Changes for software

We've seen in the previous article the revolution in the regulatory classification brought by the new rule 10a for standalone software.
Let's see now the other changes. These changes are relevant for all software: standalone, embedded, device or accessory.
They're not as big as the new rule 10a, but they will deserve a significant amount of man-hours and documentation.

Continue reading...

Friday 19 August 2016

Three new FDA guidances

The FDA released three new FDA guidances in July 2016:

  • Two draft guidances on Deciding When to Submit a 510(k) for a Change to an Existing Device,
  • The final guidance on General Wellness: Policy for Low Risk Devices.

Continue reading...

Wednesday 10 August 2016

MEDDEV 2.1/6 2016

A new version of the MEDDEV 2.1/6 was published in July 2016.

The first version of 2012 was a major breakthrough. The new version won't change you life. Almost nothing new, excepted a few definitions on software, input data, output data, a remarkable reference to IMDRF definitions, and a non-significant update of the first decision tree.

Add to that a few typos, and you have the new version of the MEDDEV:

  • "lossless compression" disappeared from the decision tree (was it intentional?) but is still present in the explanations of decision step 3,
  • Decision step 7 doesn't have any explanation.


MEDDEV for nothing ♫ and tips for free ♬.

Friday 22 July 2016

Is my software in class I, IIa, IIb or III - 2016 Revolution

The final version of the negotiated text of the new Medical Device Regulation (MDR) was published by the European Commission in June 2016. It is a big upheaval for all medical device manufacturers. Contrary to what the draft version of September 2015 contained, software is invited to the party.

Continue reading...

Friday 1 July 2016

How to validate software development tools like Jira or Redmine?

Following the discussion on ISO/TR 80002-2 and AAMI TRI 36 in the previous article, here are some tips on how to validate workflow and data management software like Jira or Redmine.

Continue reading...

Friday 10 June 2016

ISO/TR 80002-2: latest news on Validation of software for medical device quality systems

ISO/TR 80002-2 is the future technical report on the validation of software used in regulated processed. The last version of this document, a Draft Technical Report (ISO/DTR 80002-2:2016), was released to the members of the standard committee for comments in May 2016.
This document is still a draft and is to be released by the end of 2016 or early 2017. There are high expectations on this document, since the introduction of requirements on validation of software used in the QMS in section 4.1.6 of ISO 13485:2016.

Continue reading...

Friday 6 May 2016

Is my software in class A, B or C? - 2015 reloaded

Almost four years since I wrote in 2012 the post Is my software in class A, B or C?.
In 2015, IEC 62304 Amendment 1 was published, changing a bit the game about software safety class.

Continue reading...

Friday 8 April 2016

IEC 82304-1 - Consequences on agile software development processes

Continuing our series about IEC 82304-1, let's see the consequences of this standard on agile software development processes.

Continue reading...

Friday 11 March 2016

IEC 82304-1 - Overview of requirements

We had in a previous article an overview of IEC 82304-1 Health software -- Part 1: General requirements for product safety, its scope and its relationships with other standards like IEC 62304.
This article presents more in details (but not too much, we're not going to rephrase the standard) the requirements of IEC 82304-1.

Continue reading...

Wednesday 17 February 2016

Breaking news: standalone software is not an active medical device!

Warning: obsolete content. Please read: Is my software in class I, IIa, IIb or III.
Last update on 2016/07/31.

The British Standard Institute published in February 2016 a white paper titled How to prepare for and implement the upcoming MDR – Dos and don’ts. Register on BSI website to download the paper.
This white paper gives top-notch recommendations on the way to compliance with the future EU Medical Device Regulation (MDR), based on the draft version. But their interpretation of MDR classification rules on standalone software are somewhat surprising.

Continue reading...

- page 1 of 10