11
Nov
2018

October 2018 Standards Navigator Report

,
,
0

This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions.

Standards and regulatory activity overview

Medical device software

Two webinars were held for the National Committees of IEC/SC 62A and the Member Bodies of ISO/TC 215, Health informatics, as well as the Member Bodies of ISO/TC 210, Quality management and corresponding general aspects for medical devices. These webinars were being held to explain the status of the IEC 62304 project.  Following these webinars, a questionnaire was prepared to ask the National Committees and Member Bodies to choose an option for how to address risk management in the second edition of IEC 62304.  The presentation made during the webinars and the questionnaire regarding risk management can be found on the SoftwareCPR Standards Navigator web page.

Medical devices

The committee draft international standard for vote (IEC CDV and ISO DIS) of ISO 14971 Edition 3 was approved. Comments that were received will be resolved and the draft will move to Final Draft International Standard.  No changes to the technical content of the standard will be allowed after the resolution of the comments that were received on the CDV.   The new edition is expected to be approved in 2019.

Nearly 500 comments were received on the committee draft of ISO TR 24971 Edition 2.  This document is guidance on the application of ISO 14971. The comments will be resolved and another draft circulated.

A committee draft for vote (CDV) of IEC 62366-1 Edition 1 Amd1 has been circulated. This amendment corrects identified inaccuracies in IEC 62366-1:2015 while making no fundamental changes to the usability engineering process as originally conceived in that document.

A committee draft for comment of an amendment to the fourth edition of IEC 60601-1-2 Electromagnetic disturbances – Requirements and tests has been circulated. This amendment includes high priority issues that were considered important enough to resolve before the next full revision of the standard, which will occur no earlier than 2024.

FDA has indicated that it will replace its Quality System Regulation (21CFR820) with ISO 14985 in the future. AAMI is developing a comparison of the requirements of 21CFR820 and ISO 13485:2016.  A working draft of this comparison has been circulated for comments and is available on our site.

Cybersecurity

Work has begun on a new technical report in the IEC 60601 series:  IEC 60601-4-5: Guidance and interpretation – Safety related technical security specifications for medical devices. This document provides IT security specifications for Medical Devices connectable to Medical IT Networks as network components, including medical software applications.

Health IT

Work is continuing on new drafts of IEC 80001-1 second edition and the new ISO 81001-1. Drafts of both standards are expected to be circulated by the end of 2018.

New Standards and Guidance Documents

Medical device software

No new documents this month.

Medical Devices

A draft for vote of ISO/IEC Guide 63 Guide to the development and inclusion of aspects of safety in international standards for medical devices has been circulated. Guide 63 provides practical guidance to standards writers on how to include safety aspects in the development of medical device standards including management system standards related to medical devices.

 

A committee draft for vote of AAMI TIR38 Medical device safety assurance case guidance has been re-circulated with some changes to the example. This revision includes an annex on Lessons learned regarding safety cases that provides both general industry lessons and some common problems that FDA has recognized in medical device safety cases.

 

A committee draft for vote of an amendment to IEC 62366-1 Application of usability engineering to medical devices has been circulated. This amendment corrects identified inaccuracies in IEC 62366-1:2015 while making no fundamental changes to the usability engineering process as originally conceived in that document.

 

A committee draft for comment of an amendment to the fourth edition of IEC 60601-1-2 Electromagnetic disturbances – Requirements and tests has been circulated. This amendment includes high priority issues that were considered important enough to resolve before the next full revision of the standard, which will occur no earlier than 2024.

 

A committee draft for vote of AAMI TIR 75 – Factors to consider when multi-vendor devices interact via an electronic interface; Practical applications and examples has been circulated. This document is intended to assist stakeholders in considering risks associated with connectivity when designing, testing, installing, and maintaining devices that interact via an electronic interface. It identifies a number of specific factors that should be considered as part of risk management activities. It also provides examples where these factors are used to identify causes, hazards, and hazardous situations related to interoperability.

 

A draft for comment of AAMI SW95 Forensic Data Logger for an Integrated Clinical Environment (ICE) has been circulated. This standard provides general functional and interoperability requirements for system data logging capabilities including the recording and storage of the data in support of forensic analysis of ICE systems. Data logs, data logging, and data loggers can play an important role in the basic safety and essential performance of integrated clinical environments by enabling the assessment of the performance of the ICE system and its components.

 

A working draft of AAMI TIR 102 comparison of the requirements of 21CFR820 and ANSI/AAMI/ISO 13485:2016 has been circulated.  This TIR is a correspondence of requirements between 21 CFR 820 and ANSI/AAMI/ISO 13485 that highlights similarities, differences, and key considerations for medical device manufacturers. The comparison covers all parts of 21CFR820 including appropriate references to the Preamble to QS Regulation and ANSI/AAMI/ISO 13485

 

Health IT and mobile health applications

No new documents this month.

Medical device and Health Security

A draft of AAMI TIR 97 Principles for medical device security — Postmarket risk management for device manufacturers has been circulated for comments. The objective of this TIR is to provide guidance on how medical device manufacturers should manage security risk in the production and post-production phases of the life-cycle of a medical device within the risk management framework defined by ISO 14971:2007. TIR97 is intended to be used in conjunction with AAMI TIR57:2016.

SoftwareCPR Training Courses:

IEC 62304 and other emerging standards for Medical Device and HealthIT Software

Our flagship course for preparing regulatory, quality, engineering, operations, and others for the activities and documentation expected for IEC 62304 conformance and for FDA expectations. The goal is to educate on the intent and purpose so that the participants are able to make informed decisions in the future.  Focus is not simply what the standard says, but what is meant and discuss examples and approaches one might implement to comply.  Special deep discount pricing available to FDA attendees and other regulators.

3-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Brian Pate

Next public offering:  TBD

Email training@softwarecpr.com to request a special pre-registration discount.  Limited number of pre-registration coupons.

Registration Link:

TBD

 

 

Being Agile & Yet Compliant (Public or Private)

Our SoftwareCPR unique approach to incorporating agile and lean engineering to your medical device software process training course is now open for scheduling!

  • Agile principles that align well with medical
  • Backlog management
  • Agile risk management
  • Incremental and iterative software development lifecycle management
  •  Frequent release management
  • And more!

2-days onsite (4 days virtual) with group exercises, quizzes, examples, Q&A.

Instructors: Mike Russell, Ron Baerg

Next public offering: March 7 & 28, 2024

Virtual via Zoom

Registration Link:

Register Now

 

 

Medical Device Cybersecurity (Public or Private)

This course takes a deep dive into the US FDA expectations for cybersecurity activities in the product development process with central focus on the cybersecurity risk analysis process. Overall approach will be tied to relevant standards and FDA guidance documentation. The course will follow the ISO 14971:2019 framework for overall structure but utilize IEC 62304, IEC 81001-5-1, and AAMI TIR57 for specific details regarding cybersecurity planning, risk characterization, threat modeling, and control strategies.

2-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Dr Peter Rech, 2nd instructor (optional)

Next public offering:  TBD

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
office@softwarecpr.com
Partners located in the US (CA, FL, MA, MN, TX) and Canada.