Category

Blog
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. Questionnaire asking the national bodies to choose which approach to risk management should be used in the second edition of IEC 62304. 62304 Edition 2 Questionnaire
Read More
This content is only available to our Premium subscribers. A presentation on IEC 62304 Second Edition may be found at the following link: IEC 62304 2nd Edition Presentation
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. Standards and regulatory activity overview Medical device software Two webinars were held for the National Committees of IEC/SC 62A and the Member Bodies of ISO/TC 215, Health informatics, as well as the Member Bodies of ISO/TC 210, Quality management and...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. It contains all software and computer related recall excerpts for the years listed. Some of the newest recalls on the site may not be included. This compilation is provided in reverse chronological order and is useful for quick review,...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The attached pdf file contains all software and computer related warning letter excerpts posted on this site for the years listed. Some of the newest warning letters on the site may not be included since we only update this...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. Standards and Regulatory Activity Overview Medical device software Two webinars will be held for the National Committees of IEC/SC 62A and the Member Bodies of ISO/TC 215, Health informatics, as well as the Member Bodies of ISO/TC 210, Quality management...
Read More
The latest communication from FDA regarding regulation of medical apps notes that mobile medical apps can greatly help patients be proactive and vigilant about their own healthcare. There has been increased demand for medical apps, and many of the apps depend on high levels of feedback between patients and clinicians. The FDA wants to regulate...
Read More
What concerns FDA when conducting a benefit-risk assessment of medical devices?  The answer is a long list of variables that can vary by type of device, target population, and indications for use, but the clear focus is on patient safety and benefit. The FDA considers both the device benefit-risk assessment, as well as evidence and...
Read More
Software-based medical devices tend to develop more quickly than typical hardware-based medical devices; so, in response, the FDA has turned to an agile regulatory model for software as a medical device (“SaMD”). The FDA describes the Software Precertification Program as a voluntary pathway, with tailored assessments of the safety and effectiveness of software technologies. Rather...
Read More
The latest communication from FDA regarding regulation of medical apps notes that mobile medical apps can greatly help patients be proactive and vigilant about their own healthcare.  There has been increased demand for medical apps, and many of the apps depend on high levels of feedback between patients and clinicians.  The FDA wants to regulate...
Read More
Here is the report for June/July, 2018. SoftwareCPRStandardsNavigatorReportfor2018-07
Read More
Prepared a visual aide (one of many we use in our training courses) of key Medical Devices Standards and FDA guidance related to software.  Enjoy! SoftwareCPR Sw Stds Guidances
Read More
This update addresses International and US National medical device standards ("a view of the landscape") being developed or revised that may be of interest to developers of software for medical devices or healthcare. Some of these standards are used directly for regulatory purposes and others may be valuable in demonstrating to regulatory authorities that a...
Read More
This content is only available to Premium level and Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. SoftwareCPR has prepared a collection of production and process validation material suitable for training in Production and Quality Systems 820.70(i) Validation including Part 11.  Portions could be made into handouts or provided electronically.  Download the manual...
Read More
On Dec. 14, 2017, the FDA released a Draft guidance dated Dec. 15, 2017 “The Least Burdensome Provisions: Concept and Principles.” This guidance discusses FDA’s intent and approach to applying Least Burdensome Principles to the total product lifecycle for medical devices based on requirements in FDAMA (Public Law 105-115), the FDA Safety and Innovation Act...
Read More
Summary of primary medical device standards as well as standards specific to Medical Device and Health IT software
Read More
FDA regulation of Medical Device Data Systems has changed significantly over the years. This, together with the blurred line between MDDS and general health information technology, interfaces between MDDS and regulated medical devices, the actual criteria for deciding if something is classified as a Medical Device Data System, and different regulatory requirements outside the US...
Read More
I don’t even really like to use the word retrospective
Read More
A short, short time ago, in this very own galaxy some companies were not making blockbusters, but medical devices. Whispers of quicker development times and better testing made the way past the water cooler until it became time to indulge and implement the mythical software development lifecycle. With the changes came weird language and rumors...
Read More
Testing activities should neither end with the release of the product nor once test documentation is complete, but should continue with the reduction of any test debt. Test debt is essentially a form of technical debt. Like technical debt, test debt is incurred during a project when compromises are made in the creation of test...
Read More
A security company indicated the following: … many companies received emails from Amazon indicating that their AWS S3 bucket policies were left configured as “publicly accessible”. These publicly accessible policies allow potentially sensitive cloud data exposed to cybersecurity threats, and likely are not the intention of the Amazon customers. Amazon recommended that each “bucket” policy...
Read More
Here are some thoughts from a recent conversation between Sherman Eagles, Brian Pate, and Alan Kusinitz of SoftwareCPR®: Cybersecurity vulnerabilities can have unpredictable effects on safety.  Unpredictable effects … to those who have worked to reduce risks of software failures in medical device software, that phrase may be familiar.  That concept is explained in relation to...
Read More
This document provides Sherman Eagle's June 2017 standards status update to be used with the Standards Landscape document. It provides a summary of status updates to primary medical device standards as well as standards specific to Medical Device and Health IT software including Cybersecurity and systems and software engineering standards.
Read More
Cybersecurity firm Sophos published an article on Medical Device cybersecurity and David Overton of SoftwareCPR® suggested we post this as it may be of interest. David pointed out these statements: A significant percentage of medical devices are not secure. Most medical device manufacturers do not take serious steps to secure their devices for two reasons:...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. Created a job aide which compares the IEC 62304 and IEC 82304 elements for requirements. This is only intended to be used as a starting point and requires interpretation based on knowledge of each standard and the type of...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. Use this as a starting point to gather information on the software development environment (and related information) as required in FDA's Guidance for Software Information to be included in open market submissions. It is only intended as a starting...
Read More
Although IEC 82304-1 Health Software: General requirements for safety has been published it is not clear when it will be harmonized in the EU. Nonetheless it appears EU notified bodies are treating it as “state-of-the-art” and are likely to expect it to be used for software products that are regulated as medical devices. IEC TR...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. SoftwareCPR checklist for "IEC 82304-1: Health software - Part 1: General requirements for product safety."  Download: IEC 82304 SoftwareCPR Checklist SoftwareCPR can provide conformance assessments, training, or expert consultation for efficient use and implementation of 82304 for medical device...
Read More
This content is only available to Standards Navigator and Standards Navigators PLUS subscribers.  See our Subscribe page for information on subscriptions. This document provides a summary of primary medical device standards as well as standards specific to Medical Device and Health IT software including Cybersecurity and systems and software engineering standards. It includes an assessment of how...
Read More
This document provides a summary of primary medical device standards as well as standards specific to Medical Device and Health IT software including Cybersecurity and systems and software engineering standards. It includes an assessment of how the standards will impact the development of medical device and Health IT software. This is truly a MUST READ...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The attached pdf file contains all Part 11 related warning letter excerpts included on this site as of the date above.  This file is updated periodically, but for the most recent warning letters between these updates, do text...
Read More
This document is the result of an industry-led initiative of the European Commission. It is targeted at app developers and its purpose is to foster justified trust among users of mHealth apps which process personal data. Standards Navigator Draft Health Code of Conduct
Read More
The link provided is our revised checklist for changes in Amendment 1. You will need to login as a paid subscriber to download this checklist.
Read More
Click here to view a summary of my highlights and rationale, along with some practical implementation tips for the new ISO 13485:2016:  SoftwareCPR-ISO13485 revision March 2016 highlights Some of the revisions add items included in FDA’s 21 CFR 820 Quality System Regulation such as Design Transfer, Validation of automation of quality system activities, detailed records, and...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. It contains a training aid that provides an overview comparison between the 2015 Amendment of IEC 62304 and FDA requirements based on 62304 Safety Classes. SCPRed_SoftwareCPR-FDA-62304SafetyClasscomparisonTrainingAide
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. A sample checklist for releasing or updating software is at the link provided. GoLiveiChecklistTrainingExample111115
Read More
/docs/scpred/standardsnavigator/SoftwareCPRStandardsNavigatorReport2015-1.pdf
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. It contains all software and computer related recall excerpts for the years listed. Some of the newest recalls on the site may not be included. This compilation is provided in reverse chronological order and is useful for quick review,...
Read More
/docs/scpred/StandardsNavigator/SoftwareCPRStandardsNavigatorReport2014-11.pdf
Read More
Brian Pate of SoftwareCPR suggest that a good rule of thumb is: If differences in the final product, produced by two different development groups using the same specification element, resulted in unacceptable differences in safety or efficacy then it would likely be a “requirement”. Otherwise it is most likely to be a design specification. This...
Read More
This content is only available to our Premium subscribers. See our Subscribe page for information on subscriptions. In SoftwareCPR training classes on IEC 62304 and FDA regulation, we sometimes use a fabricated example of a vertical slice of software documentation. This example includes requirements specification, risk analysis, design, and testing along with commentary for one functional...
Read More
A January 2014 ACM Journal has an interesting article on software verification at NASA JPL for the Mars Curiosity Rover at the link provided. A few things that I found interesting: Their standard for flight software is ISO-C99. The coding standard at JPL (http://lars-lab.jpl.nasa.gov/JPL_Coding_Standard_C.pdf) is risk-based and has 6 “levels of compliance”. LOC-5 and LOC-6...
Read More
Test driven development (TDD) is the creation and execution of automated tests early in development which fail, by design, until a programmed element is implemented. There are many terms to describe the process, but few will refute its value. Re-discovered in 2003, manufacturers are taking hold of this methodology, ensuring new hires can successfully and...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. It contains all software and computer related warning letter excerpts included on this site. Some of the newest warning letters on the site may not be included since we only update this comprehensive document periodically. This compilation is provided...
Read More
Obviously, unit tests have their greatest value at the time of the development of the unit itself. Well-designed unit tests provide evidence that the unit performs its intended function, that the software design executes as intended, and allows the developer (or tester) to test the unit with inputs and states that may be difficult to...
Read More
The document at the link provided is a short checklist for helping ensure or assess requirements quality. It is an educational aid to be used only by knowledgeable individuals and should not be used blindly or considered comprehensive. This was prepared by Brian Pate with input from Alan Kusinitz. Requirement Quality Checklist
Read More
If sample sizes need to be determined there are many statistical methods and assumptions related to this so decisions should be carefully considered. Two of the most commonly used sample tables are ISO 2859 for attibutes and ISO 3951 for variables.
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. Mary Decareau of SoftwareCPR prepared a tiered checklist for EN 62366 Medical devices – Application of usability engineering to medical devices for our internal use and we are making it available to paid subscribers at the link provided and...
Read More
This content is only available to Premium and higher subscribers.  See our Subscribe page for information on subscriptions. The SFDA prepared a draft document entitled "Explanations on the Basic Requirements of Application for Registration of Medical Device Software" on April 28, 2012, which is linked below. This was initially translated to English by JIRA (Japan Industries Association...
Read More
1 2 3

Upcoming Training

Agile Methods for Medical Device and Health IT Software

One day course that expands on the software risk management topics covered in our IEC 62304 and other Emerging Standards for Medical Device and HealthIT Software course. Essentially the same topics are covered but in greater depth with more attention to hands-on analysis of examples.

Email training@softwarecpr.com for more info.

Corporate Office

15148 Springview St
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN) and Italy.