Software in Medical Devices, by MD101 Consulting

At last! The FDA has published last October a guidance about cybersecurity that matters!
Not that the guidance previously published about Off-the-shelf software cybersecurity wasn’t worth reading it (Guidance to Industry: Cybersecurity for Networked Medical Devices Containing Off-the-Shelf Software), but its scope was more than reduced.

We continue this series about DHF, DMR and DHR, with the Device Master Record.

The FDA released on june 20th 2014 a new draft guidance about:

• Medical Devices Data Systems (MDDS) subject to 21 CFR 880.6310,
• Medical image storage devices subject to 21 CFR 892.2010, and
• Medical image communications devices subject to 21 CFR 892.2020.

Link to FDA MDDS draft guidance: EDIT - draft guidance superseded by final guidance, see this post

In the last article, we saw the concerns about the reliability of wireless connections and how to handle them.
Today, we are going to have a look at something quite important for mobile platforms: usability and humans factors engineering (HFE).

Today I begin a new series of articles about developing (or more broadly designing) a smartphone App that is a medical device.

The very first question is:

Is your App a medical device and does it need to be CE Marked or FDA cleared ?

After two years of gestation, FDA issues final Guidance on Mobile Medical Apps!

To continue the topic about FDA draft guidances related to software and information systems, the FDA put in its top list the release of the Guidance of Mobile Medical Apps.

Guidance of Mobile Medical Apps is in the "A-list" of FDA and should be released by the end of 2013.

In hot topics, we have also a warning letter sent by the FDA to Biosense Technologies. The mobile App named uChek Urine Analyzer and developed by Biosense Technologies, falls into the category of medical devices, says FDA. Biosense claims on its website that the App turns the smartphone into a medical lab.

With such claim, it's not surprising that the FDA wants Biosense to submit a 510k!

This is the second part of our discussion about Unique Device Identification (UDI).

Interrupting our series about IEC 62304 SOUP, we have breaking news from the FDA!
The FDA published this month a new Draft Guidance about Cyber Security and released a Safety Communication about Cybersecurity for Medical Devices and HospitalNetworks .

The federal agency recommends that manufacturers review their cybersecurity practices and policies to assure that appropriate safeguards are in place to prevent unauthorized access or modification to their medical devices. In other words, hacking treats, network intrusions, and the like, have to be addresses in the software risk assessment report.

Bouncing back to our series about SOUP, such risks shall be assessed when a SOUP is integrated in your software.

The AAMI TIR45:2012, Guidance on the use of AGILE practices in the development of medical device software enters in the list of recognized standards by the FDA. See here on Federal Register website.