By

Brian Pate
COURSE DATES: February 18 – 19, 2019 TRAINING LOCATION: Tampa, Florida, USA COST: 2 Full Days for $2,495.00 January Registration Discount of 10% available through Jan 19, 2018. Meet our newest partner, John Murray, at the course! Download registration form Only a limited number of discounted seats are available – download registration form and email...
Read More
(January 7, 2019)— John F. Murray, Jr, of Mount Airy, MD USA, has joined Crisis Prevention and Recovery LLC (DBA SoftwareCPR ®) as a partner. John retired from the US Food and Drug Administration in December 2018 after 32 years of federal service. For 25 years at FDA, John focused on FDA regulated software and...
Read More
Clearly one of the great struggles with medical device product design is to understand and finely tune the design input for our devices.  It is difficult but the payoff can be great when done well – pays off with development efficiency, greater certainty with safety risk control, and ultimately in customer satisfaction. In our training...
Read More
It is always good to remind ourselves of exactly what the regulation says – often our corporate procedures can become “bloated” and lead some to believe that some specific activities and/or types of deliverables are required by the regulations.
Read More
One of the most difficult challenges for medical device and HealthIT manufacturers is to properly "level" the design requirements for their medical device systems such that it is clear when it comes to design validation versus design verification.
Read More
FDA released a new draft guidance today entitled, “Clarification of Radiation Control Regulations For Manufacturers of Diagnostic X-Ray Equipment Draft Guidance for Industry and Food and Drug Administration Staff“, dated December 17, 2018.  A few things to note related to software: On line 370, question 16, FDA addresses the question of the use of software...
Read More
Certainly everyone with any connection to information technology and networked devices is concerned with cybersecurity. However, often we just miss the basics – we do not practice good cyber hygiene. While not intended to be comprehensive or state-of-the-art, here are some security basics (or as some call it, “cyber hygiene”) that one should consider when developing...
Read More
FDA issued a draft guidance for prescription POC (Point-of-care) entitled “Blood Glucose Monitoring Test Systems for Prescription Point-of-Care Use.” This draft guidance document provides recommendations to industry about the types of information to include in their premarket submissions for blood glucose monitoring systems used for diabetes management in the health care prescription POC settings. This guidance...
Read More
Glanced through the latest FDA warning letters today.  From the FDA Medical Device & Radiological Health Operations West/Division 3 I see the inspector pointing out “This design validation also fails to include software validation [emphasis mine] to assure software will perform as intended and will not prevent safe operation by the user.”   Of course this is...
Read More
FDA released a final guidance "Benefit-Risk Factors to Consider When Determining Substantial Equivalence in Premarket Notifications 510(k) with Different Technological Characteristics" dated Sept. 25, 2018.  This guidance applies only to devices with similar intended use and if the different technological characteristics do not raise different questions of Safety and Effectiveness.  Read the full guidance at...
Read More
FDA has posted their FY 2019 Proposed Guidance Development list with priorities. A link is provided below but here is the “A” list items: Final Guidance Topics Consideration of Uncertainty in Making Benefit-Risk Determinations in Medical Device Premarket Approvals, De Novo Classifications, and Humanitarian Device Exemptions Unique Device Identification: Policy Regarding Compliance Dates for Class...
Read More
Partner and General Manager Brian Pate will be one of the faculty for the AAMI Application of Agile Practices course in Arlington, VA USA.  John Murray of FDA is tentatively scheduled to join Brian as faculty.  For more information, send a message below:
Read More
Regulatory Requirements for Software Validation in the Medical Industry
Read More
IEC 80002-1 Software Risk Management for Medical Device and HealthIT
Read More
Pharmaceutical Laboratories and Consultants, Inc. Date:8/29/18 This warning letter summarizes significant violations of current good manufacturing practice (CGMP) regulations for finished pharmaceuticals. See 21 CFR, parts 210 and 211. Because your methods, facilities, or controls for manufacturing, processing, packing, or holding do not conform to CGMP, your drug products are adulterated within the meaning of...
Read More
Company:  Draeger Medical, Inc. Date of Enforcement Report:  6/27/2018 PRODUCT Apollo Anesthesia Machine; Cat. no. 8605310 Product Usage:  Indicated as a continuous flow anesthesia system. The Apollo may be used for manually assisted or automatic ventilation, delivery of gases and anesthetic vapor, and monitoring of oxygen and CO2 concentration, breathing pressure, respiratory volume, and anesthetic agent concentration and identification....
Read More
Prepared a visual aide (one of many we use in our training courses) of key Medical Devices Standards and FDA guidance related to software.  Enjoy! SoftwareCPR Sw Stds Guidances
Read More
"Based upon the company’s precertification level and the level of risk for the device, the product (or modifications to a product) may be able to go directly to market or undergo a streamlined submission review"
Read More
Cybersecurity firm Sophos published an article on Medical Device cybersecurity and David Overton of SoftwareCPR® suggested we post this as it may be of interest. David pointed out these statements: A significant percentage of medical devices are not secure. Most medical device manufacturers do not take serious steps to secure their devices for two reasons:...
Read More
We help you meet the intent of the rule -- not the hype
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. Created a job aide which compares the IEC 62304 and IEC 82304 elements for requirements. This is only intended to be used as a starting point and requires interpretation based on knowledge of each standard and the type of...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. Use this as a starting point to gather information on the software development environment (and related information) as required in FDA's Guidance for Software Information to be included in open market submissions. It is only intended as a starting...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. A sample checklist for releasing or updating software is at the link provided. GoLiveiChecklistTrainingExample111115
Read More
Brian Pate of SoftwareCPR® writes: In May 2014, FDA offered further guidance to manufacturers regarding premarket submission information identifying cyber-security risks and hazards associated with their medical devices, and the responsibility for engineering appropriate risk controls to address patient safety and assure proper device performance. FDA encouraged manufacturers to report any cyber-security incidents that may...
Read More
Obviously, unit tests have their greatest value at the time of the development of the unit itself. Well-designed unit tests provide evidence that the unit performs its intended function, that the software design executes as intended, and allows the developer (or tester) to test the unit with inputs and states that may be difficult to...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. Prepared this example Device Risk Management SOP for the purpose of risk analysis training where the pros and cons could be further discussed.  This example is modeled on the approach required by ISO 14971 and expands on it with...
Read More
We hope you find this Regulatory Roadmap on HIPAA Privacy and Security useful.
Read More
Although the HIPAA Privacy Rule directly effects “Covered Entities” medical device and pharmaceutical manufacturers may be involved in inadvertent release of private patient information and must deal with requirements from their customers that are Covered Entities. It was reported that: Eli Lilly, already has settled with eight states and the Federal Trade Commission for $160,000...
Read More
Expand your access! Subscribe today!

Corporate Office

+1-781-721-2921
Partners located in the US (CA, FL, MA, MN, TN) and Italy.