09
May
1997

FDA 21 CFR 806 Corrections and Removals

,
0

FDA CDRH’s 21 CFR Part 806 Medical Device Corrections and Removals defines requirements for reporting and record keeping related to device corrections and removals (which include software corrections and removals). The preamble specifically mentions software in one case. The excerpt follows and the full rule is attached:

“17. One comment states that a “bug list” distributed by device
manufacturers to customers advising them of problems associated with
software equipment used to run work stations could be considered a
correction to software.

A manufacturer, importer, or distributor that undertakes a
corrective or removal action for computer software that is considered a
medical device must submit a report of such action to FDA. If the
action is taken to reduce a risk to health or to remedy a violation of
the act that could present a risk to health caused by computerized
software that comes within the definition of a device, a report must be
submitted; however, it is not likely that a “bug list” would be
considered a removal. A “bug list” could be considered a correction
if it constitutes relabeling, but again, would only be reportable if it
was undertaken to reduce a risk to health or to remedy a violation of
the act that could present a risk to health.”

SoftwareCPR keywords: recall, fix.

SoftwareCPR Training Courses:

IEC 62304 and other emerging standards for Medical Device and HealthIT Software

Our flagship course for preparing regulatory, quality, engineering, operations, and others for the activities and documentation expected for IEC 62304 conformance and for FDA expectations. The goal is to educate on the intent and purpose so that the participants are able to make informed decisions in the future.  Focus is not simply what the standard says, but what is meant and discuss examples and approaches one might implement to comply.  Special deep discount pricing available to FDA attendees and other regulators.

3-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Brian Pate

Next public offering:  TBD

Email training@softwarecpr.com to request a special pre-registration discount.  Limited number of pre-registration coupons.

Registration Link:

TBD

 

 

Being Agile & Yet Compliant (Public or Private)

Our SoftwareCPR unique approach to incorporating agile and lean engineering to your medical device software process training course is now open for scheduling!

  • Agile principles that align well with medical
  • Backlog management
  • Agile risk management
  • Incremental and iterative software development lifecycle management
  •  Frequent release management
  • And more!

2-days onsite (4 days virtual) with group exercises, quizzes, examples, Q&A.

Instructors: Mike Russell, Ron Baerg

Next public offering: March 7 & 28, 2024

Virtual via Zoom

Registration Link:

Register Now

 

 

Medical Device Cybersecurity (Public or Private)

This course takes a deep dive into the US FDA expectations for cybersecurity activities in the product development process with central focus on the cybersecurity risk analysis process. Overall approach will be tied to relevant standards and FDA guidance documentation. The course will follow the ISO 14971:2019 framework for overall structure but utilize IEC 62304, IEC 81001-5-1, and AAMI TIR57 for specific details regarding cybersecurity planning, risk characterization, threat modeling, and control strategies.

2-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Dr Peter Rech, 2nd instructor (optional)

Next public offering:  TBD

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
office@softwarecpr.com
Partners located in the US (CA, FL, MA, MN, TX) and Canada.