By

Alan Kusinitz
09
Nov

FDA Accredits UDI Agencies

November 9, 2015
http://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/UniqueDeviceIdentification/GlobalUDIDatabaseGUDID/UCM396595.pdf
Read More
19
Oct

FDA Physiological Closed Loop Workshop

October 19, 2015
http://www.fda.gov/MedicalDevices/NewsEvents/WorkshopsConferences/ucm457581.htm
Read More
11
Oct

ONC 2015 IT Certification Criteria

October 11, 2015
https://www.federalregister.gov/articles/2015/10/16/2015-25597/2015-edition-health-information-technology-certification-criteria-2015-edition-base-electronic
Read More
11
Oct

ONC 2015 IT Certification Criteria.

October 11, 2015
https://www.federalregister.gov/articles/2015/10/16/2015-25597/2015-edition-health-information-technology-certification-criteria-2015-edition-base-electronic
Read More
05
Oct

FDA CDRH Learn Health IT & Cybersecurity Training

October 5, 2015
FDA has a series of training videos and slide presentations referred to as CDRHLearn. Under the Special Technical Topics is an IT and Software Section which lists 3 topics: Digital Health, Premarket Cybersecurity Information, and CDRH Regulated Software.
Read More
23
Sep

FBI Cybersecurity Warning for Medical Devices

September 23, 2015
The U.S. FBI issued a Public Service Announcement on the Internet of Things that includes, “Criminals can also gain access to unprotected devices used in home health care, such as those used to collect and transmit personal monitoring data or time-dispense medicines. Once criminals have breached such devices, they have access to any personal or...
Read More
20
Sep

FDA CDRH Learn HealthIT and Cybersecurity Modules

September 20, 2015
FDA maintains a webpage for its educational modules referred to as “CDRH Learn.”  Specialty Technical Topics provides a list with a section for IT and Software that includes three modules on Digital Health, Cybersecurity information in premarket submissions, and CDRH regulated software.
Read More
10
Sep

SoftwareCPR September 2015 Newsletter

September 10, 2015
/docs/scpred/SoftwareCPR-NewsletterSept2015.pdf
Read More
08
Sep

Toxic gene guidance software information

September 8, 2015
http://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/UCM459917.pdf
Read More
02
Sep

AAMI Agile Methods Compliance Course

September 2, 2015
https://www.softwarecpr.com/feedbackframepage.htm
Read More
19
Aug

FDA Quarterly MDR Reporting Pilot Program

August 19, 2015
http://www.gpo.gov/fdsys/pkg/FR-2015-08-18/html/2015-20309.htm
Read More
14
Aug

Health IT Medication Overdose Article

August 14, 2015
Interesting write up: “How Medical Tech Gave a Patient a Massive Overdose”.  The article can be found at https://www.healthleadersmedia.com/innovation/how-medical-tech-gave-patient-massive-overdose
Read More
14
Aug

FDA Premarket Exemptions August 2015

August 14, 2015
/docs/FDApremarketclassificationcodexemptionsAug2015.pdf
Read More
31
Jul

FDA Cybersecurity Safety Communication – Hospira

July 31, 2015
FDA issued a safety communication to health care facilities using the Hospira Symbiq Infusion System regarding cybersecurity vulnerabilities. FDA is advising facilities to seek alternative infusion systems. In the interim, it is recommended the systems be disconnected from networks and maintain the drug libraries by updating manually along with other recommendations. An article regarding the...
Read More
31
Jul

NIST Healthcare Cybersecurity Framework

July 31, 2015
The National Institute of Science of Technology issued Version 1 of its framework for improving cybersecurity for critical infrastructure including health care. The full press release is at the link provided.
Read More
30
Jul

FTC fines MMApp with Medical Claims

July 30, 2015
http://www.consumer.ftc.gov/blog/can-your-app-really-do
Read More
05
Jul

Australian TGA Presentation on Software Regulation

July 5, 2015
In August 2014, the Australian Therapeutic Goods Authority (TGA) gave a presentation on its approach to software regulation of medical devices.  This is a short and very clear high level presentation that explains the TGA’s focus and use of relevant standards such as 62304 as well as its focus on safety and risk management. View...
Read More
09
Jun

SoftwareCPR June 2015 Newsletter

June 9, 2015
/docs/scpred/SoftwareCPR-NewsletterJune15.pdf
Read More
07
Jun

FDA UDI Rule Webpage

June 7, 2015
FDA issued a final version of its Universal Device Identification rule in 2013 and this rule is posted in the softwarecpr.com library. FDA also created and updates a webpage devoted to implementation of this rule (which will take place over seven years with higher risk devices sooner and lower risk devices at the end).
Read More
25
May

IMDRF Standalone Medical Device Software Draft

May 25, 2015
The International Medical Device Regulators Forum (IMDRF) SaMD draft of a quality system for Software as a Medical Device is available for public comment.
Read More
14
May

Health Canada Electronic Submissions

May 14, 2015
Link updated December 2018. In November 2014, Health Canada began requiring electronic submissions of license applications for Class III and Class IV medical Devices entitled: “Guidance for Industry: Formatting of Class III and Class IV Licence Applications (Electronic and Paper Formats)” File # 14-112992-741. Certain types of CDs and DVDs are specified along with information...
Read More
13
May

FDA MedWatch Infusion Pump Cybersecurity Alert

May 13, 2015
FDA issued a Medwatch alert for infusion pumps May 13, 2015, regarding security vulnerabilities in Hospira’s LifeCare PCA3 and PCA5 Infusion Pump Systems.  A researcher has shown that exploiting the vulnerabilities could allow an unauthorized user to remotely modify the dosage delivered.  Homeland security was previously working with Hospira about this vulnerability (we reported on...
Read More
30
Apr

Infusion Pump Security Vulnerability

April 30, 2015
Hospira Lifecare PCA infusion pump running “SW ver 412” does not require authentication for Telnet sessions, which allows remote attackers to gain root privileges via TCP port 23.  The U.S. Department of Homeland Security has been working with Hospira to get this resolved and Hospira will be performing a recall to correct this.
Read More
13
Apr

Best Practices in Risk Management Terminology

April 13, 2015
AAMI published an article entitled: “Best Practices in Applying Medical Device Risk Management Terminology” in its Spring 2015 Horizons publication. Alan Kusinitz, Founder of SoftwareCPR, co-authored this article and a reprint is provided with the permission of AAMI at the link provided. This is for your personal reference not for wider distribution due to the...
Read More
08
Apr

ECRI 2015 Patient Safety Concerns

April 8, 2015
http://www.ecri.org/press/Pages/Alarms-Health-IT-Patient-Violence-2015-Top-10-Patient-Safety-Concerns.aspx
Read More
08
Apr

HumanFactorsCPR Consulting Services

April 8, 2015
Crisis Prevention and Recovery, LLC (CPR) is excited to announce the formation of a new business speciality, HumanFactorsCPR. HumanFactorsCPR is the fourth business speciality under the CPR brand, joining SoftwareCPR, ValidationCPR, and RegulatoryCPR. “One of the most attractive features of our new HumanFactorsCPR services is our capability to bridge the risk analysis process with the...
Read More
31
Mar

Joint Commission Issues Alert on Health IT

March 31, 2015
/docs/TJCSafetyAlert54.pdf
Read More
31
Mar

Joint Commission Free online course on HealthIT

March 31, 2015
The Joint Commission, the nation’s largest accreditation organization for hospitals offers a free one hour online course entitled “Investigating and Preventing Health Information Technology-Related Patient Safety Events” at the link provided. https://www.jointcommission.org/topics/free_online_education_courses.aspx
Read More
20
Mar

ONC Prepub Proposed 2015 HIT Certification Reqs.

March 20, 2015
The draft of the US ONC proposed 2015 HealthIT ceritfication requirements rule is at the link provided. The final will be published March 30, 2015. This new version requires use of a quality system and states: “….QMS established by the federal government and SDOs include FDA’s quality system regulation in 21 CFR part 820, ISO...
Read More
20
Mar

ONC Prepub Proposed 2015 HIT certification Reqs

March 20, 2015
/Docs/2015-ONCHITCertificationCriteriaPrePubVersion06612.pdf
Read More
02
Mar

Risk Management for Forseeable Misuse

March 2, 2015
Stan Hamilton and Brian Pate of SoftwareCPR offer the following tip. As risk managers, we often struggle to draw the line for inclusion of foreseeable misuse. We ask questions like what is credible, and how far must you go? When performing risk analysis, we decide if it is credible enough to list as a hazard...
Read More
28
Feb

SoftwareCPR.com February 2014 Newsletter PDF

February 28, 2015
/docs/scpred/SoftwareCPR-NewsletterFeb2015.pdf
Read More
13
Feb

IMDRF Documents Webpage

February 13, 2015
The International Medical Device Regulators Forum (IMDRF) in which FDA participates continues to publish many documents including several related to software.
Read More
09
Feb

FDA Revised Mobile Medical App Guidance Feb 2015

February 9, 2015
FDA issued a revision to its “Mobile Medical Applications” Guidance Feb 9, 2015. The revision was to make this guidance consistent with the final “Medical Image Storage Devices, and Medical Image Communications Devices” guidance. Specific changes are FDA’s exercising of enforcement discretion to exempt MDDS and some Mobile Medical Apps from compliance the FDA regualtion....
Read More
07
Feb

SoftwareCPR.com February 2015 Newsletter PDF

February 7, 2015
docs/scpred/SoftwareCPR-NewsletterFeb2015.pdf
Read More
06
Feb

FDA Final MDDS Guidance

February 6, 2015
FDA issued a final version of its guidance for “Medical Device Data Systems, Medical Image Storage Devices, and Medical Image Communications Devices.” The document is dated February 9, 2015, although it was issued several days prior. This guidance is very significant as it states FDA is exercising discretion and not requiring compliance to the recent...
Read More
06
Feb

HealthIT ONC Quality System Standard Presentation

February 6, 2015
HIT Implementation, Usability and Safety Workgroup meeting on Friday, February 6, 2015 – SoftwareCPR® Partners Sherman Eagles and Alan Kusinitz gave a presentation at ONC’s request with recommendations on an approach to HealthIT provider quality systems regulation and standards. In addition to providing background on quality systems, SoftwareCPR® recommended that a standard or guidance be...
Read More
06
Feb

HealthIT Office of National Coordinator Calender

February 6, 2015
The Federal Advisory Committee calendar of meetings is at the link provided. Attendance or downloading of material for most of these meetings is open to the public.
Read More
02
Feb

AAMI HITQuality Management Principles

February 2, 2015
AAMI has filed a Project Initiation Notice with ANSI for a new standard on Application of Quality Management Principles and Practices to Health IT. The notice was published in the ANSI Standards Action publication on January 23. The notice is reproduced below. BSR/AAMI HIT2000-201x, Application of Quality Management Principles and Practices to Health IT (new...
Read More
02
Feb

AAMI HealthIT Quality Management Principles

February 2, 2015
AAMI has filed a Project Initiation Notice with ANSI for a new standard on Application of Quality Management Principles and Practices to Health IT. The notice was published in the ANSI Standards Action publication on January 23. The notice is reproduced below. BSR/AAMI HIT2000-201x, Application of Quality Management Principles and Practices to Health IT Stakeholders:...
Read More
27
Jan

FDA Adds Recognition for Several SW/HIT standards

January 27, 2015
FDA added the following standards to their recognized standards list and published the new recognitions January 2015. IEC TR 80001-2-5 2014. Application of risk management for IT networks incorporating medical devices–Part 2-5: Application guidance–Guidance on distributed alarm systems. IEEE Std 11073-10425- Health informatics 2014. Personal health device comunication, Part 10425: Device Specialization–Continuous Glucose Monitor (CGM)....
Read More
20
Jan

FDA General Wellness Product Policy Draft

January 20, 2015
This draft was replaced by a final guidance in August 2016. It is provided here for historical comparison only. FDA issued a draft “General Wellness: Policy for Low Risk Devices” guidance on January 20, 2015. This draft policy continues to redefine the borderline for FDA regulation/non-regulation of Health IT along with their MDDS and MMApps...
Read More
18
Jan

NIST Cybersecurity Framework Guidance v1.0

January 18, 2015
The U.S. National Institute of Standards and Technology issued a document entitled “Framework for Improving Critical Infrastructure Cybersecurity” dated February 12, 2014.   This document is now being used by FDA as a reference in its cybersecurity program.  You can download version 1.0 here: Framework for Improving Critical Infrastructure Cybersecurity Version 1.0 See our later post...
Read More
14
Jan

AAMI HIT Risk Management Standard

January 14, 2015
AAMI has filed a Project Initiation Notice with ANSI for a new standard on HIT risk management. The notice was published in the ANSI Standards Action publication on December 19. The notice is reproduced below. BSR/AAMI HIT1000-201x, Risk Management for Heath-IT (new standard) Stakeholders: The primary stakeholders are health IT producers and manufacturers, healthcare providers,...
Read More
05
Jan

AAMI BIT A. Kusinitz Interview

January 5, 2015
/docs/scpred/AAMI-BITarticle_Ten_Questions_With_Alan_Kusinitz.pdf
Read More
31
Dec

$All Recall Excerpts from Jan 2012 thru 2014$

December 31, 2014,
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. It contains all software and computer related recall excerpts for the years listed. Some of the newest recalls on the site may not be included. This compilation is provided in reverse chronological order and is useful for quick review,...
Read More
31
Dec

FDA Radiation BioDosimetry Device Draft

December 31, 2014
/docs/FDARadiationBiodosimetryDevicesDraft.pdf
Read More
23
Dec

FDA 510(k) Transfer Draft Guidance

December 23, 2014
/docs/FDADraft510kTransferGuidance122214.pdf
Read More
23
Dec

FDA 510(k) Transfer Draft Guidance.

December 23, 2014
/docs/FDADraft510kTransferGuidance122214.pdf
Read More
20
Dec

Safety Assurance for EHR Article

December 20, 2014
The link provided is to a 2013 article entitled: “Safety Assurance Factors for Electronic Health Record Resilience (SAFER): study protocol.” Safety Assurance for EHR Article
Read More
1 2 3 4 5 6 18

SoftwareCPR Training Courses:

IEC 62304 and other emerging standards for Medical Device and HealthIT Software

Our flagship course for preparing regulatory, quality, engineering, operations, and others for the activities and documentation expected for IEC 62304 conformance and for FDA expectations. The goal is to educate on the intent and purpose so that the participants are able to make informed decisions in the future.  Focus is not simply what the standard says, but what is meant and discuss examples and approaches one might implement to comply.  Special deep discount pricing available to FDA attendees and other regulators.

3-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Brian Pate

Next public offering:  TBD

Email training@softwarecpr.com to request a special pre-registration discount.  Limited number of pre-registration coupons.

Registration Link:

TBD

 

 

Being Agile & Yet Compliant (Public or Private)

Our SoftwareCPR unique approach to incorporating agile and lean engineering to your medical device software process training course is now open for scheduling!

  • Agile principles that align well with medical
  • Backlog management
  • Agile risk management
  • Incremental and iterative software development lifecycle management
  •  Frequent release management
  • And more!

2-days onsite (4 days virtual) with group exercises, quizzes, examples, Q&A.

Instructors: Mike Russell, Ron Baerg

Next public offering: March 7 & 28, 2024

Virtual via Zoom

Registration Link:

Register Now

 

 

Medical Device Cybersecurity (Public or Private)

This course takes a deep dive into the US FDA expectations for cybersecurity activities in the product development process with central focus on the cybersecurity risk analysis process. Overall approach will be tied to relevant standards and FDA guidance documentation. The course will follow the ISO 14971:2019 framework for overall structure but utilize IEC 62304, IEC 81001-5-1, and AAMI TIR57 for specific details regarding cybersecurity planning, risk characterization, threat modeling, and control strategies.

2-days onsite with group exercises, quizzes, examples, Q&A.

Instructor: Dr Peter Rech, 2nd instructor (optional)

Next public offering:  TBD

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
office@softwarecpr.com
Partners located in the US (CA, FL, MA, MN, TX) and Canada.