Friday 10 June 2022
By Mitch on Friday 10 June 2022, 13:47
The FDA issued in April a new draft guidance on Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions. This guidance will supersede the guidance on Content of Premarket Submissions for Management of Cybersecurity in Medical Devices of 2014, when it is finalized. There’s no word about the draft guidance of 2018. We can suppose that one is obsolete.
Monday 6 December 2021
By Mitch on Monday 6 December 2021, 13:32 - Regulations
Great news! The FDA announced their list of new or revised guidances for 2022. Software is going to be privileged, with 6 guidances on Clinical Decision Support software, SaMD risk categorization, cybersecurity, QMS SW, and Artificial Intelligence / Machine Learning. The draft guidance Content of Premarket Submissions for Device Software Functions opens the ball in 2021. This draft guidance will supersede the guidance titled Content of Premarket Submissions for Software Contained in Medical Device, when it is published in its final version. This little change in the title is a sign of the times.
Friday 4 September 2020
By Mitch on Friday 4 September 2020, 14:34 - Regulations
The FDA published in July the final version of the Guidance on Multiple Function Device Products. Despite the absence of the word "software" in the title, it addresses at first software medical devices. It also addresses hardware devices, but we will focus on software in this post.
Sunday 3 May 2020
By Mitch on Sunday 3 May 2020, 14:20 - Regulations
So we have a new guidance on cybersecurity for medical devices: the MDCG 2019-16. This is not the one we expected so quickly, but we're not going to complain about the existence of this guidance! It was published in December 2019. At last I found time to write a review.
This guidance covers a broad range of topics applicable to all stakeholders in the medical device supply chains, and to end-users. It explains a bit why it is 46 pages long.
Thursday 24 January 2019
By Mitch on Thursday 24 January 2019, 12:50 - Regulations
Friday 19 January 2018
By Mitch on Friday 19 January 2018, 14:15 - Regulations
Here is a quick follow-up of the new version of the FDA Guidance titled Medical Device Accessories – Describing Accessories and Classification Pathways, published in December 2017. This comes a bit in parallel to the Section 3060 guidance described in the previous post on the 21st Century Cures Act.
Friday 12 January 2018
By Mitch on Friday 12 January 2018, 15:00 - Regulations
Since the last blog post on US FDA guidance on software classification, things evolved quickly with the FDA. We know where they want to go with software as medical device, but not exactly how they will implement it.
Let's do a review of what has been done since the publication of the 21st Century Cures Act.
Tuesday 16 May 2017
By Mitch on Tuesday 16 May 2017, 21:53 - Standards
After a long pause, we continue this series about cybersecurity in medical devices with a discussion on AAMI TIR57:2016 Principles for medical device security — Risk management.
Friday 10 February 2017
By Mitch on Friday 10 February 2017, 14:20 - Regulations
By Mitch on Friday 10 February 2017, 14:19 - Regulations
Friday 4 November 2016
By Mitch on Friday 4 November 2016, 15:37 - Misc
The FDA released a guidance on clinical evaluation of standalone software medical device (a.k.a SAMD) in October 2016. This guidance is the same text and has the same presentation as the International Medical Device Regulatory Forum (IMDRF) guidance on SAMD clinical evaluation published in August 2016.
Friday 19 August 2016
By Mitch on Friday 19 August 2016, 13:48 - Regulations
The FDA released three new FDA guidances in July 2016:
- Two draft guidances on Deciding When to Submit a 510(k) for a Change to an Existing Device,
- The final guidance on General Wellness: Policy for Low Risk Devices.
Wednesday 10 August 2016
By Mitch on Wednesday 10 August 2016, 10:09 - Regulations
A new version of the MEDDEV 2.1/6 was published in July 2016.
The first version of 2012 was a major breakthrough. The new version won't change you life. Almost nothing new, excepted a few definitions on software, input data, output data, a remarkable reference to IMDRF definitions, and a non-significant update of the first decision tree.
Add to that a few typos, and you have the new version of the MEDDEV:
- "lossless compression" disappeared from the decision tree (was it intentional?) but is still present in the explanations of decision step 3,
- Decision step 7 doesn't have any explanation.
MEDDEV for nothing ♫ and tips for free ♬.
Friday 5 February 2016
By Mitch on Friday 5 February 2016, 13:45 - Regulations
Friday 29 January 2016
By Mitch on Friday 29 January 2016, 14:30 - Regulations
The FDA released one week ago a new draft guidance on Postmarket Management of Cybersecurity in Medical Devices.
This guidance is the sister of the guidance on Content of Premarket Submissions for Management of Cybersecurity in Medical Devices released in 2014. Both guidances address cybersecurity at different steps of software lifecycle: the 2014 guidance is about cybersecurity during design and development, the 2016 draft guidance is about cybersecurity during post-market surveillance.
Friday 20 March 2015
By Mitch on Friday 20 March 2015, 17:03 - Regulations
If you watch from time to time the new guidances released by the FDA, you probably noticed that two guidances about software were released in january and february 2015.
Friday 12 December 2014
By Mitch on Friday 12 December 2014, 21:42 - Regulations
When should a manufacturer report devices changes or QMS changes to notified bodies, according to the 93/42/CE directive?
There hasn't been clear criteria, until the Notified Bodies Operating Group (NBOG) published the Best Practice Guide 2014-3 : Guidance for manufacturers and Notified Bodies on reporting of Design Changes and Changes of the Quality System.
Friday 21 November 2014
By Mitch on Friday 21 November 2014, 12:46 - Regulations
At last! The FDA has published last October a guidance about cybersecurity that matters!
Not that the guidance previously published about Off-the-shelf software cybersecurity wasn’t worth reading it (Guidance to Industry: Cybersecurity for Networked Medical Devices Containing Off-the-Shelf Software), but its scope was more than reduced.
Friday 3 October 2014
By Mitch on Friday 3 October 2014, 13:58 - Regulations
After a temporary absence, I'm back on the waves with a new series of articles to talk about the files required by the 21 CFR 820 regulations:
- DHF: Design History File,
- DMR: Device Master Record,
- DHR: Device History Record.
Let's begin with the DHF.
Friday 11 April 2014
By Mitch on Friday 11 April 2014, 13:27 - Processes
Coming back to the discussion about validating compilers and IDE, here are a few more comments I have on this topic.