Software in Medical Devices, by MD101 Consulting

To content | To menu | To search

Friday 11 November 2022

Computer Software Assurance for Production and Quality System Software

That's a bit like a new album of your favorite group. You've been waiting it for years. At last, it's been released! Are you going to be be impressed or disappointed?
The draft FDA guidance on Computer Software Assurance [CSA] for Production and Quality System Software has been published in September 2022. At last!

Continue reading...

Friday 30 September 2022

NIS2 Directive: are you involved or concerned?

That’s the story of the pig and the hen for breakfast: the pig is involved (ham) and the hen is concerned (eggs). With the NIS2 directive in preparation, a medical device manufacturer will be in either situation.

Continue reading...

Friday 2 September 2022

MDCG 2022-14: Red Queen Effect

The MDCG published in August 2022 the MDCG 2022-14 position paper on Notified body capacity and availability of medical devices and IVDs.

Continue reading...

Friday 8 July 2022

IEC/TR 60601-4-5 kicked out of harmonized standards

The 6th June 2022, a draft request has been published to update the list of EU MDR/IVDR harmonized standards. This request brings changes to the list presented in the draft list of April 2021.

Continue reading...

Monday 27 June 2022

MDR: Les Shadoks and MHRA: The Gibis

The UK Government response to consultation on the future regulation of medical devices in the United Kingdom has been published on Sunday 26th June 2022.

Continue reading...

Tuesday 14 June 2022

MDCG 2022-11 - Monty Python and the Holy Grail

Have you seen the MDCG 2022-11 - MDCG Position Paper: Notice to manufacturers to ensure timely compliance with MDR requirements?

Continue reading...

Friday 10 June 2022

Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submission

The FDA issued in April a new draft guidance on Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions. This guidance will supersede the guidance on Content of Premarket Submissions for Management of Cybersecurity in Medical Devices of 2014, when it is finalized. There’s no word about the draft guidance of 2018. We can suppose that one is obsolete.

Continue reading...

Monday 23 May 2022

The MDR is born bad

The Medical Device Regulation (MDR) is born bad. The success of a project depends on its timing. It is clear that the MDR has been plagued by a series of setbacks that have hindered its implementation.

Continue reading...

Friday 13 May 2022

Software as a Medical Device Post-Market Surveillance

Post-Market Surveillance (PMS) is one of the strengthened requirements of the Medical Device Regulation (MDR). Performing an effective PMS can be a time consuming task, shared by several departments of MD manufacturers. This is also true for SaMD.

Continue reading...

Friday 22 April 2022

New SaMD Classification scheme

A new unofficial SaMD classification scheme. Will it be adopted with the postponement of the MDR?

Continue reading...

Friday 15 April 2022

SaMD decommissioning, recall, removal and withdrawal

We saw in the previous post how the lifetime of a SaMD can be defined. Let's continue with the operations that can affect this lifetime.

Continue reading...

Friday 25 February 2022

Medical Device lifetime and SaMD

Medical device regulations require the manufacturers to define lifetime for their devices. In the case of SaMD, this requirement needs some interpretation.

Continue reading...

Thursday 13 January 2022

IEC 81001-5-1, final version published

IEC 81001-5-1 was published in December 2021. We already talked about the draft version here. Combined with IEC/TR 60601-4-5, published in February 2021, these two standards constitute the state of the art in cybersecurity of medical devices in Europe.

The final version is very close to the draft version, apart from a few changes to the organizational requirements; formerly clause 10 present in the draft, but removed and copied to clause 4 in the final version.

Be prepared to apply these two standards for your MDR CE Mark submissions, when they are harmonized. Most probably by 2024.

Monday 6 December 2021

FDA Draft Guidance on Content of Premarket Submissions for Device Software Functions

Great news! The FDA announced their list of new or revised guidances for 2022. Software is going to be privileged, with 6 guidances on Clinical Decision Support software, SaMD risk categorization, cybersecurity, QMS SW, and Artificial Intelligence / Machine Learning. The draft guidance Content of Premarket Submissions for Device Software Functions opens the ball in 2021. This draft guidance will supersede the guidance titled Content of Premarket Submissions for Software Contained in Medical Device, when it is published in its final version. This little change in the title is a sign of the times.

Continue reading...

Monday 8 November 2021

MDCG 2020-3: Substantial change or not Substantial change?

That is the question.
MD manufacturers are pressed by end-users to implement changes. Especially SaMD, where the users are used to receiving new versions weekly or monthly. Thus, Class I MDD SaMD manufacturers are pressed to find a way to qualify their software changes as non-substantial according to the MDCG 2020-3. Otherwise, they can't deliver new versions to their end-users, blocked by the deadly MDR rule 11 and its class IIa trap.

Continue reading...

Saturday 6 November 2021

Ten years

This blog is ten years old!
Thank you to all of you who read, download and share the content of this blog.

Keep goin'

Friday 9 July 2021

Cybersecurity standards: IEC 81001-5-1 and IEC/TR 60601-4-5

The draft list of harmonized standards for the MDR regulation was published in May 2021. In this document, we find the references to the following cybersecurity standards:

  • IEC 80001-1: Safety, effectiveness and security in the implementation and use of connected medical devices or connected health software - Part 1: Application of risk management,
  • IEC 81001-5-1 (not published): Health Software and health IT systems safety, effectiveness and security - Part 5-1: Security - Activities in the product lifecycle,
  • IEC/TR 60601-4-5: Medical electrical equipment - Part 4-5: Guidance and interpretation - Safety-related technical security specifications.

Continue reading...

Wednesday 26 May 2021

Rest in peace class I SaMD

This is the end of MDD, and class I SaMD.

Continue reading...

Friday 26 March 2021

When Web meets SOUP

The definition of SOUP, and the requirements related to their lifecycle in IEC 62304 processes, are totally independent of any technology. Making no technological assumption, that's the way the standard is thought, so that it can be applied to any health software.
Cloud-based applications and web technologies make an intensive use of SOUPs. Let's see how IEC 62304 requirements can be applied to these technologies.

Continue reading...

Thursday 4 March 2021

Hey, European Commission, it's time to copy-paste Australian regulation!

The Australian Regulatory changes for software based medical devices took effect from 25th February 2021.

Continue reading...

- page 1 of 12