High Impact Services

We provide high impact regulatory compliance and premarket submissions services to Medical Device Manufacturers including:

  • Submission readiness reviews
  • Mock FDA inspections
  • Quality management system audits and assessments
  • IEC 62304 software lifecycle process assessments (including SiMD, SaMD, and HealthIT)
  • ISO 14971 risk management process assessments
  • IEC 62366 usability engineering process assessments
  • Cybersecurity pre-market and post-market process assessments
  • Software verification process assessments
  • Advice and support with response to FDA enforcement action representation and negotiation
  • Advice and leadership with development of automated test systems for SiMD and SaMD
  • Advice and leadership with lean product development and business agility coaching transformation services

High Impact Services

FDA Interaction
Submissions
Assessments and Audits
Tool Validation
Unit Verification
Blood Banking
Remediation
Request Information

We are actively helping clients with recovery from import detentions, injunctions, consent decree, Form 483 observations, and other FDA situations.  Our staff provides a broad spectrum of support to quickly create short term and long term prioritized plans, immediate response remediation actions, and education and training.

We help you quickly prepare the Software / Firmware & Cybersecurity / Interoperability section of your 510(k), PMA, or IDE Submissions. When we find missing or inadequate documentation, we help you quickly remediate documentation and, if necessary, lead you through quick re-engineering activities to close gaps.

We even can help you remediate weak design control / product realization processes in parallel to the submission readiness activities. 

SoftwareCPR – Submissions Services

We perform both assessments and audits for dozens of manufacturers and development organizations each year. Our assessments are generally focused on major compliance gaps but will also identify wasteful and inefficient activities. Our assessment reports provide our expert recommendations on effective and efficient approaches to gap closure.

Both our assessments and audits reflect our expertise with software and the intent the US regulations and the relevant software standards since our partners have participated on the working groups for IEC 62304, IEC 80002-1, IEC 81001-series, UL1988 & 5500, IEC 60601-2-24, etc.

We work with you to plan the type of assessment or audit that will fit your needs and budget.  Our audits help improve your staff’s ability to articulate and defend existing approaches and documentation as well as identify issues and areas to consider for improvement. Our clients range from large corporations to small start-ups.  Our assessors avoid nitpicking and are flexible in terms of acceptable approaches.  Our reports are designed to clearly distinguish objective findings from subjective concerns and recommendations.  Objective evidence of effectiveness of procedures is a key factor in determining their adequacy, rather than using a “one size fits all” criteria. Executive summaries differentiate findings of different significance and communicate overall status and regulatory risk.

Our staff has years of experience including certified auditors and instructors for public training courses on Quality Systems, Design Control and Software Validation with FDA co-instructors. Our staff has been involved in routine internal auditing as well as in response to significant FDA enforcement actions and some have come from FDA. Our staff has performed internal training at FDA and Health Canada and has authored related standards.

Validating the tools we use for quality system and production processes is important – both to us as medical device manufacturers and to regulators.  We want to know that we can trust the software to automate the processes consistently and repeatably.  However, the methods and process we use for tool validations should be commensurate with the risk associated with any tool software failures.  Many manufacturers can drift toward wasteful and non-value added activity in this area.  Let us review your approach for compliance and adequacy to FDA expectations, but also assess effectiveness: are you doing too much?  does validation add value?  How does one determine if it is enough?  We can review the intended use, overall process, and related processed to recommend a “right sized” approach.  For tools that are updated frequently (e.g., cloud based tools), we help you develop strategies and methods to “keep” your tools in validation.

We can also perform turn-key tool validation for groups that are resource limited or prefer to keep dev teams focused on product software.  We can perform the planning, review of intended use and any risk analysis work, create requirements and test protocols (if necessary), and execute testing – or any combination of those.  We can support development tools, testing tools, quality process tools (e.g., JIRA, Bug tracking systems, complaint handling systems, ERP systems, version control systems etc.), and manufacturing software.  We can also create quality plans and pilot programs as needed.  Our experience extends to helping strategize and create a plan for keeping tools validated, even when the tools are cloud-based. Many of our tool validations can be done on a fixed price basis.

 

Our staff has many years of experience dealing with medical device and software risk and hazard management for FDA compliance, submissions, and safety purposes, and thus are well suited to advise on unit verification approaches and methods.  Our experience ranges from low to high risk devices as well as risk-based approaches to validating Production and Quality Systems software and Part 11 compliance.  We can provide hands-on, turn-key code inspections, static analysis, and manual and automated unit verification assets.

SoftwareCPR – Design and Code Inspection Services

We have expert and specialized support with expectations from FDA’s Center for Biologics Evaluation and Research (CBER).  Our partners have worked with instrumentation and Blood Establishment Computer Systems (BECS) from the early days of compliance in this area.  We can help with regulatory planning, strategy, premarket submissions, compliance, and remediation activities.

Download our SoftwareCPR CBER Services Sheet

Our team of former medical device practitioners can effectively and efficiently assist with remediation activities for legacy products or acquired products that may have missing or poor software documentation.  We can help with quality planning, retrospective risk based approaches, and full hands-on creation of draft documentation for embedded software, SaMD including mobile apps, HealthIT, and digital health.  Key activities and deliverables we can help with:

  • System and software level risk analysis
  • System and software requirements and design specifications
  • Unit and integration level verification
  • Configuration Management
  • Defect Handling and Change Control
  • Cybersecurity analysis
  • Usability deficiencies

 

[

SoftwareCPR Training Courses:

IEC 62304 and other Emerging Standards Impacting Medical Device Software

Being Agile & Yet Compliant

ISO 14971 SaMD Risk Management

Software Risk Management

Medical Device Cybersecurity

Software Verification

IEC 62366 Usability Process and Documentation

Or just email training@softwarecpr.com for more info.

Corporate Office

15148 Springview St.
Tampa, FL 33624
USA
+1-781-721-2921
Partners located in the US (CA, FL, MA, MN, TX) and Canada.