Software in Medical Devices, by MD101 Consulting

To content | To menu | To search

Friday 15 May 2020

Software release vs design transfer

A recurring question is the confusion, or more precisely the difference between software release of IEC 62304, and design transfer of ISO 13485.

Continue reading...

Sunday 3 May 2020

MDCG 2019-16 Guidance on cybersecurity for medical devices

So we have a new guidance on cybersecurity for medical devices: the MDCG 2019-16. This is not the one we expected so quickly, but we're not going to complain about the existence of this guidance! It was published in December 2019. At last I found time to write a review.
This guidance covers a broad range of topics applicable to all stakeholders in the medical device supply chains, and to end-users. It explains a bit why it is 46 pages long.

Continue reading...

Saturday 18 April 2020

If the European Commission claimed ISO 13485 conformity

Having struggled with dozens of software editors who wanted to CE mark their class I software before May 2020. Having struggled with the lockdown, having struggled with projects in war mode to fight against the Covid-19, here I am! My last post was in December 2019, too long to make an active blog.
Today I post an article with a tone of speech a bit different than usual. No software, no comment on regulatory guidances. Probably an effect of the current situation, which affects all of us.

Continue reading...

Friday 6 December 2019

Is my software in class I MDD: Stayin' alive

So we have a corrigendum (almost 100% sure. A vote by the EU Parliament is still in the pipe December the 16th, though). To corrigendumize: that's a neologism I propose to name bug fixing activities in legal matters. I corrigendumize, you corrigendumize, they corrigendumize! Any resemblance to "randomize" is purely coincidental!

Continue reading...

Saturday 30 November 2019

Template: Verification Validation Transfer Review Report

The final validation was missing in the list on templates on this blog. Problem solved.

Continue reading...

Friday 22 November 2019

IEC 62304:2019 or 2020 - Next Generation

The second version of IEC 62304 is still in draft. It has been is this state for almost five years, since the publication of the amendment 1. It is now in public review (or has been in public review in your country) under the name IEC 62304:2019 CDV. Go to the website of your national standardization organization, to see if you can still download it for free!

Continue reading...

Saturday 9 November 2019

Eudamed Software Development LifeCycle

This is the Eudamed Software Development LifeCycle.

Eudamed Software Development Lifecycle.png, Nov 2019


Welcome to the world of software engineering, Eudamed!

Thursday 31 October 2019

Is my software in class IIa, IIb, or III, Dark Fate

Here we are! White smoke over the European Parliament! The MDCG 2019-11 guidance on qualification and classification of medical device software (MDSW) was published the 11th of October 2019.

Continue reading...

Friday 25 October 2019

User stories or software requirements?

I frequently have the following discussion with software development teams: can user stories be taken as software requirements? The answer is yes or no. All cases can be found in nature!

Continue reading...

Wednesday 9 October 2019

What happened to my Drug Prescription Assistance Software?

We know that Drug Prescription Assistance Software are software as a medical device, thanks to the European Court of Justice. But how to CE mark that kind of software?

Continue reading...

Friday 16 August 2019

Cybersecurity in medical devices: a short review of UL 2900-1

We continue this series of articles on cybersecurity with a free and non-exhaustive review of UL 2900-1 standard.
What is UL 2900-1? This standard was published in 2017 by Underwriters Laboratory (UL). It contains technical requirements on cybersecurity for network connectable products. A collateral UL 2900-2-1 focuses on connectable healthcare and wellness systems. UL 2900-1 and UL 2900-2-1 are FDA recognized standards. Thus, applicable to medical devices.

Continue reading...

Friday 26 July 2019

Guideline on Cybersecurity from ANSM French Competent Authority

The ANSM French Competent Authority published in July 2019 a draft guideline on cybersecurity for medical devices. The European medical device sector should greatly applaud this initiative. This is the first and only guideline on cybersecurity with regard to the European medical device regulations.

Continue reading...

Friday 19 July 2019

Guidance from GMED Notified Body on significant changes in the framework of article 120 of MDR

The GMED notified body has published a guide on substantial changes: named Guidance document for the interpretation of significant changes in the framework of article 120: “Transitional provisions” of Regulation (EU) 2017/745. This guide addresses changes according to the article 120 of the MDR. It's a decision tree in the same vein as FDA guidances on deciding when to submit a new 510k.

As a manufacturer, your mission, if you accept it, is to answer "No" for all your products CE marked with the MDD.
For hardware, be prepared to place your design in the freezer.
For software, be prepared to place your design in liquid nitrogen.

The guidance is on the page on white papers of GMED website.

Sunday 26 May 2019

MDR: one year left and too late for class I software

Today is the 26th of May 2019. Rings a bell? In one year exactly, your class I MD software will be living in borrowed time on the EU market.
Why?
Because of rule 11 of 2017/745/UE Medical Device Regulation (MDR).

Continue reading...

Tuesday 26 March 2019

When the ANSM French Authority update their website without notice

To be software as a medical device or not to be.
That is the question.

And you rely on Competent Authorities to determine whether software is a medical device or not. For example, you have some practical examples on the ANSM website (google translate is my Friend): here is the lastest version.

And you wish you had a way to be noticed by the ANSM when the page changes. Hell no, no way.

Especially you wish you had been noticed when the ANSM change their mind on telesurveillance software: here is the previous version on archive.org if you want to compare with the latest.

Before: examples showing that communicating data, like tele follow-up is not a MD, with the invocation of expert function (found in MEDDEV 2.1/6 only for qualification of IVD, not MD) to exclude software without such function.
After: examples showing that tele surveillance is a MD (exit the expert function).

Arrgghh, This isn't Good Regulatory Practice.

Thursday 24 January 2019

Cybersecurity - Draft guidances from FDA and Health Canada

The US FDA published in October 2018 a new draft version of its guidance on the content of premarket submissions for management of cybersecurity in medical devices. Two months later, Health Canada published in December 2018 a draft guidance document on pre-market requirements for medical device cybersecurity.

Continue reading...

Monday 15 October 2018

Cybersecurity - Part 5 Templates

Hi there! Long time no see once again. I dig up our series of posts on cybersecurity.
In this post I publish two new templates for cybersecurity risk management.

Continue reading...

Friday 6 July 2018

IEC 62366-1 and Usability engineering for software

Usability is a requirement, which has been present in regulations since a long time. It stems from the assessment of user error as a hazardous situation. It is supported by the publication AAMI HE75 standard, FDA guidances, and the publication of IEC 62366 in 2008 followed by IEC 62366-1:2015. Although usability engineering is a requirement for the design of medical devices, most of people designing software are not familiar with this process. This article is an application of the process described in IEC 62366-1 to software design.

Continue reading...

Wednesday 18 April 2018

Update of SRS and SAD templates for GDPR

European Regulation 2016/679, aka GDPR, will be fully in force in May 2018. Everybody knowns that we have something to do to be compliant since it has been published. And everybody is getting awake only two months before the full application. So do I.

Continue reading...

Friday 19 January 2018

FDA Guidance on Medical Device Accessories updated

Here is a quick follow-up of the new version of the FDA Guidance titled Medical Device Accessories – Describing Accessories and Classification Pathways, published in December 2017. This comes a bit in parallel to the Section 3060 guidance described in the previous post on the 21st Century Cures Act.

Continue reading...

- page 1 of 11