Tag

standards

Standards

This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. Standards and regulatory activity overview Medical device software It appears that in response to a question posed by the IEC 62304 working group, the ISO and IEC member countries want ISO 14971 to be required for use of the second...
Read More
One of the most difficult challenges for medical device and HealthIT manufacturers is to properly "level" the design requirements for their medical device systems such that it is clear when it comes to design validation versus design verification.
Read More
Certainly everyone with any connection to information technology and networked devices is concerned with cybersecurity. However, often we just miss the basics – we do not practice good cyber hygiene. While not intended to be comprehensive or state-of-the-art, here are some security basics (or as some call it, “cyber hygiene”) that one should consider when developing...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. Standards and regulatory activity overview Medical device software Two webinars were held for the National Committees of IEC/SC 62A and the Member Bodies of ISO/TC 215, Health informatics, as well as the Member Bodies of ISO/TC 210, Quality management and...
Read More
Underwriters Laboratories, Inc. published the First Edition of the Standard for Safety for Remote Software Updates, UL 5500 on September 6, 2018. This standard covers remote software updates, accounting for the manufacturer’s recommended process to ensure safety. It is limited to software elements having an influence on safety and compliance with the particular end product...
Read More
Two webinars will be held for the National Committees of IEC/SC 62A and the Member Bodies of ISO/TC 215, Health Informatics, as well as the Member Bodies of ISO/TC 210, Quality management and corresponding general aspects for medical devices. These webinars are being held to explain the status of the IEC 62304 project. A committee...
Read More
UL 5500 – Safety for Remote Software Updates has been adopted as a U.S. National Standard. It covers the remote updating of software via the manufacturer’s recommended process. It is limited to software elements having an influence on safety and on compliance with the particular end product safety standard. It is not specific for medical...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. Standards and Regulatory Activity Overview Medical device software Two webinars will be held for the National Committees of IEC/SC 62A and the Member Bodies of ISO/TC 215, Health informatics, as well as the Member Bodies of ISO/TC 210, Quality management...
Read More
Here is the report for June/July, 2018. SoftwareCPRStandardsNavigatorReportfor2018-07
Read More
Prepared a visual aide (one of many we use in our training courses) of key Medical Devices Standards and FDA guidance related to software.  Enjoy! SoftwareCPR Sw Stds Guidances
Read More
This update addresses International and US National medical device standards ("a view of the landscape") being developed or revised that may be of interest to developers of software for medical devices or healthcare. Some of these standards are used directly for regulatory purposes and others may be valuable in demonstrating to regulatory authorities that a...
Read More
The International Medical Device Forum, which FDA participates in, released a draft for comment entitled, “Essential Principles of Safety and Performance of Medical Devices and IVD Medical Devices.“  This guidance document describes fundamental design and manufacturing requirements, referred to as “Essential Principles of Safety and Performance” that, when met, indicate a medical device is safe and...
Read More
Summary of primary medical device standards as well as standards specific to Medical Device and Health IT software
Read More
"AAMI TIR69: Risk Management of Radio-frequency Wireless Coexistence for Medical Devices and Systems" available for purchase
Read More
The FDA published a list of standards added to their recognition list on August 21, 2017. IEC 82304-1 Edition 1.0 2016-10. Health software part 1: General requirements for product safety are included on this list in the Software/Informatics Section, along with a number of other standards related to device communication (including specifics of glucose meters...
Read More
This document provides Sherman Eagle's June 2017 standards status update to be used with the Standards Landscape document. It provides a summary of status updates to primary medical device standards as well as standards specific to Medical Device and Health IT software including Cybersecurity and systems and software engineering standards.
Read More
“IEC TR 80002-2 Medical device software – Part 2: Validation of software for medical device quality systems” has been published. This TR provides guidance for new requirements in ISO 13485:2016 for validating software used in quality systems. ISO/TR 80002-2:2017 applies to any software used in device design, testing, component acceptance, manufacturing, labeling, packaging, distribution and...
Read More
AAMI Software and IT-related standards working groups include one for interoperability (with 3 standards work items), one for Device Security (with 2 standards work items), one for Wireless, one for SW Defect Classification, and one for AAMI/UL 2800-1 for specification of architecture independent requirements. There is also a separate Health IT Committee with several items...
Read More
Although IEC 82304-1 Health Software: General requirements for safety has been published it is not clear when it will be harmonized in the EU. Nonetheless it appears EU notified bodies are treating it as “state-of-the-art” and are likely to expect it to be used for software products that are regulated as medical devices. IEC TR...
Read More
This content is only available to Standards Navigator and Standards Navigators PLUS subscribers.  See our Subscribe page for information on subscriptions. This document provides a summary of primary medical device standards as well as standards specific to Medical Device and Health IT software including Cybersecurity and systems and software engineering standards. It includes an assessment of how...
Read More
This document provides a summary of primary medical device standards as well as standards specific to Medical Device and Health IT software including Cybersecurity and systems and software engineering standards. It includes an assessment of how the standards will impact the development of medical device and Health IT software. This is truly a MUST READ...
Read More
“IEC 82304-1: Health software – Part 1: General requirements for product safety” has been approved and released. It can be purchased from the ISO at the link provided. This standard addresses Health Software Products in general and does not attempt to define which are regulated and which are not. Its scope is all standalone software...
Read More
A final draft (FDIS) of “IEC 82304-1: Health software – Part 1: General requirements for product safety” has been approved. The standard will be published after final editing. This is expected around the end of the year (2016). The primary focus of this standard is on requirements for the developers of the software product. It...
Read More
A final draft for approval (FDIS) of “IEC 82304-1: Health software – Part 1: General requirements for product safety” has been circulated. The ballot ends on October 14, and the standard is expected to be published by the end of 2016. This standard applies to software products that do not require specific hardware designed for...
Read More
The purpose of DTSec is to establish a standard used to provide a high level of assurance that electronic products for the treatment of diabetes deliver the security protections claimed by their developers and required by their users. Diabetes Tech Society Standard
Read More
http://www.gpo.gov/fdsys/pkg/FR-2016-04-04/html/2016-07467.htm
Read More
Click here to view a summary of my highlights and rationale, along with some practical implementation tips for the new ISO 13485:2016:  SoftwareCPR-ISO13485 revision March 2016 highlights Some of the revisions add items included in FDA’s 21 CFR 820 Quality System Regulation such as Design Transfer, Validation of automation of quality system activities, detailed records, and...
Read More
The Final Draft International Standard was approved at the end of 2015 and will be submitted for publication. The standard is expected to be published by the end of March 2016.  A three year transition period has been proposed.
Read More
Sherman Eagles of SoftwareCPR expects increased standards and regulatory activity related to Software and HealthIT in 2016. Here are some of the areas to watch: IEC 82304-1 Health Software: General requirements for safety will be completed during the first half of 2016. It is intended that this standard be harmonized in the EU, but it...
Read More
In July 2015 an amendment was issued to IEC 62304. While this amendment was focused on additions for legacy software and clarifications to the use of risk in safety classification, keep in mind that a number of other smaller changes and additions were made. Some of the more significant ones include: Reduction in the exemptions...
Read More
A committee draft for vote has been circulated for the AAMI TIR 57 Principles for medical device information security risk management. The objective of this TIR is to provide guidance on how medical device manufacturers can manage risks from security threats that could impact the confidentiality, integrity, and/or availability of the device or the information...
Read More
The National Institute of Science of Technology issued Version 1 of its framework for improving cybersecurity for critical infrastructure including health care. The full press release is at the link provided.
Read More
The first amendment to IEC 62304 amendment has been published as Edition 1.1. You can purchase just the amendment, which notates what has changed, or a consolidated redline version. It is currently available from ANSI or IEC. AAMI will publish it in the near future, although it may be expensive to purchase from AAMI. This amendment mainly focuses...
Read More
The National Electrical Manufacturers Association (NEMA) has published a guidance document on supply chain best practices for electrical equipment and medical imaging manufacturers to minimize the possibility that bugs, malware, viruses, or other exploits can be used to negatively impact product operation. The document is a representation of identified best practices that vendors can implement...
Read More
The CWE can be a useful reference to use when performing medical device software risk management and security vulnerability analysis. The Common Weakness Enumeration Specification (CWE) provides a common language of discourse for discussing, finding and dealing with the causes of software security vulnerabilities as they are found in code, design, or system architecture. Each...
Read More
The ballot on the final draft of the IEC 62304 amendment, which focuses on safety classification and legacy software, closes in May. We expect publication by July, followed by a consolidated version that incorporates the amendment. Adoption by CENELEC as an EN is happening concurrently, so harmonization by the EU should happen late this year...
Read More
ANSI/AAMI/IEC TIR80001-2-5:2014 “Application of risk management for IT-networks incorporating medical devices Part 2-5: Application guidance: Guidance on distributed alarm systems” has been published. Sherman Eagles of SoftwareCPR was a co-chair for this.
Read More
/docs/scpred/standardsnavigator/SoftwareCPRStandardsNavigatorReport2015-1.pdf
Read More
AAMI has filed a Project Initiation Notice with ANSI for a new standard on Application of Quality Management Principles and Practices to Health IT. The notice was published in the ANSI Standards Action publication on January 23. The notice is reproduced below. BSR/AAMI HIT2000-201x, Application of Quality Management Principles and Practices to Health IT Stakeholders:...
Read More
A committee draft (CD) of “IEC TR 62366-2: Medical devices – Part 2: Guidance on the application of usability engineering to medical devices” was issued for comment. This technical report provides medical device manufacturers with guidance on how to integrate usability engineering (also called human factors engineering) principles and user interface design practices into their...
Read More
/docs/scpred/StandardsNavigator/SoftwareCPRStandardsNavigatorReport2014-11.pdf
Read More
AAMI TIR50: 2014 “Post-market surveillance of use error management” addresses use error detection for medical devices from the clinical, manufacturer, patient, user, and regulatory perspective. The goal is to provide guidance on how these individuals can best collect, assess, and leverage post-market use error data to mitigate product risk, and to improve product safety and...
Read More
There is a new draft for vote of ISO 13485 Medical Devices – Quality Management systems – requirements for regulatory purposes. This version updates the references to ISO 9001 to the 2008 version. Some new requirements include: A requirement for a risk management process has been added in the product realization phase and ISO 14971...
Read More
NIST received comments on the Preliminary Cybersecurity Framework for improving critical infrastructure cybersecurity and is updating the framework. They have announced that the final version (Version 1.0) will be released on February 13. When it is released, the Final Framework will be posted at NIST.
Read More
The International Telecommunication Union (ITU) has adopted the Continua Design Guidelines (CDG) that contain specifications to ensure the interoperability of devices used for applications monitoring personal health (Recommendation ITU-T H.810 Interoperability design guidelines for personal health systems). ITU-T H.810 is available at the link provided: http://www.itu.int/rec/T-REC-H.810-201312-I
Read More
IECEE published Document OD-2044 Ed. 2.2, Evaluation of Risks Management in medical electrical equipment according to IEC 60601-1 and IEC/ISO 80601-1. The procedure intends to provide a uniform approach to the Certification Body Testing Laboratory and Manufacturer on assessment and documentation of compliance with the relevant clauses of IEC 60601 standard series related to the...
Read More
IEC 80002-1 “Guidance on the application of ISO 14971 to medical device software” has been reconfirmed with a new stability date of 2016. This means that the document will not change before 2016. The next review to determine if the technical report should be revised will occur in 2015. IEC 80001-1 “Application of risk management...
Read More
FDA has recognized a total of 25 standards on medical device interoperability and cybersecurity. These standards can be categorized into 3 groups: Risk management standards for a connected and networked environment (IEC 80001 series and ASTM F2761-09) Interoperability standards that establish nomenclature, frameworks, and medical device specific communications, including system and software lifecycle processes (ISO/IEEE...
Read More
NIST was directed to prepare a cybersecurity framework for critical infrastructure in Presidential Executive Order 13636. Healthcare was identified as one of the areas with critical infrastructure. This draft for comment is only an outline of the framework. NIST_draft_outline_cybersecurity_framework
Read More
The debate over ISO 14971 continues between industry and the European Commission. The joint ISO & IEC working group responsible for ISO 14971 met and determined that ISO 14971 still represents the state of the art for medical device risk management and that no changes were needed, despite the position of the EC that ISO...
Read More
This document provides answers to questions that have been asked to notified bodies regarding using EN 62304 for regulatory purposes in the EU. FAQ 62304
Read More
Brian Pate of SoftwareCPR now leads our specialized validation services for Mobile Medical Apps (MMApps), including our own simulator-based testing and automated unit and functional testing. For mobile apps that are regulated medical devices, we provide full design control and premarket submission support by compliance and validation experts with specific mobile app technical knowledge that...
Read More
IEC SC 62A has agreed that the 2nd edition of 62304 will be expanded to cover all Health Software, not just medical devices. In the interim, an amendment will be issued to clarify current safety classification as well as application of 62304 for legacy software (this was originally intended to be done as part of...
Read More
AAMI and FDA held a two day event Oct 2-3, 2012, as a summit on interoperability. 260 people attended. AAMI has authorized widespread distribution of the proceedings document from this event (see the link provided). Interoperability Summit 2012
Read More
The Global Harmonization Task Force revision of its guidance on Essential Principles of Safety and Performance of Medical Devices is at the link provided. GHTF Essential Principles. It includes requirements for software that are similar to the European Union’s essential requirements relating to software.
Read More
The GHTF is ending and will be replaced by a regulator-only organization, the International Medical Device Regulators Forum (IMDRF). This is the closing statement by the GHTF: GHTF-Closing-Statement.
Read More
AAMI/CDV-1 62366:2007/A1 (IEC/SC62A/826/CDV) — Medical devices – Application of usability engineering to medical devices, Amendment 1. This amendment is out for comment and addresses legacy user interfaces and 62366 conformance for User Interfaces of Unknown Provenance (UOUP). The 62366 amendment draft can now downloaded free from AAMI. Go to the AAMI web site at the...
Read More
The first committee draft of the second edition of “IEC 62304 Medical device software life cycle processes” has been circulated internally for comment. Major changes include a revision of how software safety class is determined, which could reduce the tendency towards most software being Class C; clear requirements for legacy software that explain how conformance...
Read More
Presentations made at the AAMI/FDA Interoperability Summit on October 1-2, 2012, can be found at the link provided. http://www.aami.org/interoperability/presentations
Read More
See the attached press release from AAMI and UL regarding their collaboration to produce a series of interoperability standards. AAMI UL Interoperability Press Release
Read More
AAMI has published “AAMI TIR45: 2012 Guidance on the use of AGILE practices in the development of medical device software.” FDA staff was involved in development of this guidance for compliant use of Agile methods. The document can be ordered from AAMI.org.
Read More
FDA issued a list of modifications to its standards recognitions. The link provided is the webpage where FDA posts each modification list.
Read More
The final version of “ANSI/AAMI SW 87:2012 Application of quality management system concepts to medical device data systems” has been published. FDA initiated and participated in this work. Sherman Eagles, Sandy Hedberg, and Molly Ray of SoftwareCPR were on the working group and Alan Kusinitz of SoftwareCPR was a reviewer. SoftwareCPR can provide MDDS developers...
Read More
Medical Device Interoperability Coordinating Council draft concept paper is at the link provided. This group is being facilitated by the FDA to encourage interoperability between medical devices. MDICC Draft Concept
Read More
This link provides a ten-year strategy document for information technology use in healthcare in England. NHS Power of Information
Read More
The American College of Clinical Engineering issued its ACCE 2012 Challenge Awards. Sherman Eagles of SoftwareCPR received an award achievement in the field of health technology management for his leadership of the working groups for IEC 80001-1 for risk management of IT networks that incorporate medical devices and the AAMI Medical Device Data System-MDDS/Quality Systems...
Read More
A proposal has been made for a fast-track amendment to IEC 62366 related to use with legacy products. Application of “62366 Medical devices – Application of usability engineering to medical devices” to legacy devices has been inconsistent and problematic; this proposal is for a fast track amendment to address what is called User Interface of...
Read More
The Institute of Medicine report is at the link provided. Health IT and Patient Safety Report
Read More
For devices where the medical device manufacturer intends to maintain remote access capability for service and updates, controls are needed to ensure this access does not compromise the security or operation of the device. There is one FDA recognized standard that addresses this for clinical laboratory devices, but many of the provisions could be instructive...
Read More
The UL 1998 revision comment period ends March 5, 2012. The suggested revisions include: Reducing ambiguity in the applicability of the requirements for Negative Condition Branch failure mode and stress testing Revision of requirements to address the effects of power supply voltage variations Revised formating of Table A2.1 to clarify acceptable measures for each requirement...
Read More
The Joint Initiative on SDO Global Health Informatics Standardization is formed to enable common, timely health informatics standards by addressing and resolving issues of gaps, overlaps, and counterproductive standardization efforts.
Read More
IEC Technical Committee 62 established a Software and Network Advisory Group at its meeting in September. Sherman Eagles of SoftwareCPR was named chair of this 7-member international advisory group. The purpose of the group is to advise the TC Chairman and other TC and sub-committee officers on the need for software standards for medical devices,...
Read More
SoftwareCPR participates in standards development and provides a premium subscription to provide additional insight and access to the development of new standards. The link, In Play 2011-09, is to one of Standards Navigator subscriber documents titled, “In play: The changing health and medical device software standards landscape.” This is updated regularly and includes the changes and new standards...
Read More
FDA has created a webpage dedicated to regulation of Medical Device Data Systems. Note that the deadline for registration and listing (including for healthcare institutions that would be considered MDDS manufacturers) is May 18, 2011, and the deadline for reporting adverse events through MedWatch is April 18, 2012.
Read More
A proposal for a guidance document on “Applying the Quality System to Medical Device Data Systems” has been submitted to AAMI by the FDA. The work is expected to be done by the AAMI software committee and the AAMI Quality Management committee.
Read More
The new work item proposal (NWIP) for a standard for “Healthcare Software Systems – Part 1: General requirements” was approved in IEC. 82304-1 62A 839 CD
Read More
IEC 60601-1 only applies to medical electrical equipment. So software that is a stand alone product does not fall within the scope of IEC 60601-1. A new work item on Healthcare Software Systems was recently approved. This new standard is intended to apply to stand alone software and will have similar (but not necessarily the...
Read More
There is a specific standard for radiotherapy treatment planning systems, IEC 62083 Edition 2.0 (2009-09-23) Medical electrical equipment – Requirements for the safety of radiotherapy treatment planning systems. When there is a specific standard, it takes precedent over general standards. IEC 60601-1 only applies to medical electrical equipment. So software that is a stand alone...
Read More
The AAMI Human Factors committee has proposed a work item to develop a new standard: “AAMI/HE N245R2, Human factors engineering design processes for medical device software not considered a medical device”.The current proposal is the scope would be Heath IT user interface engineering for software not considered part of a medical device.
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. A new work item and draft technical report for guidance in implementing IEC 80001-1:2010. This TR provides practical guidance for doing risk management for hospital networks.The report is at the link provided until the review period ends on 24-Feb-2011. IEC...
Read More
This content is only available to Standards Navigator subscribers.  See our Subscribe page for information on subscriptions. A new work item and draft technical report for guidance in implementing IEC 80001-1:2010. This TR provides a framework for a dialogue between a medical device manufacturer and a hospital regarding system and data security controls. The report is at...
Read More
This topic provides information and tools related to standards that play a significant role in health software and software intensive medical devices. In addition to information on existing standards, SoftwareCPR Standards Navigator keeps you up to date on new standards activity and gives you expert insight into future changes to existing standards.Draft standards are posted...
Read More
This website provides access to the latest lists of references of harmonised standards and other European standards. “Manufacturers, other economic operators, or conformity assessment bodies can use harmonised standards to demonstrate that products, services, or processes comply with relevant EU legislation.”
Read More
http://www.fda.gov/downloads/aboutfda/reportsmanualsforms/forms/ucm081667.pdf
Read More
http://www.massdevice.com/blogs/massdevice/medical-devices-next-hackers-target-list
Read More
CDRH is immediately recognizing IEC 60601-1, third edition. The announcement was made yesterday morning at the 20th annual AAMI/FDA international standards conference by Carol Herman, director of the standards management staff at CDRH. The center’s acceptance of the standard also includes “all collaterals and particulars,” said Herman. She anticipates CDRH will publish a Federal Register...
Read More
The EU standardization organizations, CEN and CENELEC, have formed a joint working group on standards for software and medical devices (SAMD). The first meeting will be December 8th. Notice is at the link provided. With the harmonization of IEC 62304 (including for IVD devices), potential modifications to the scope of 60601, and the recent Medical...
Read More
The European Commission Borderline and Classification committee has put out a call for software experts to join a working group on qualification and classification of software. The first meeting will be December 2nd, and will be chaired by Lennart Philipson from the Swedish Medical Products Agency. The Medical Information System report from Sweden has been...
Read More
/docs/FDATraining-Module7IEC62304-BECSconferencePresentation-JMurray110409.pdf
Read More
CDRH moved to a new location. The address of the document mail center for submissions and related communications is now: U.S. Food and Drug Administration Center for Devices and Radiological Health Document Mail Center – WO66-G609 10903 New Hampshire Avenue Silver Spring, MD 20993-0002
Read More
“IEC TR 80002-1 Medical device software – Part 1: Guidance on the application of ISO 14971 to medical device software” has been released. This standard was based on AAMI TIR32 but focuses on the 14971 perspective. AAMI has adopted TR 80002-1 as well and may obsolete TIR32 although there are some areas where TIR32 is...
Read More
These two draft standards for networked medical devices and for medical device software risk management have been renumbered IEC 80001-1 and IEC 80002-1 respectively. IEC 80002-1 was released for a 3 month ballot period Jan 16, 2009.
Read More
The pdf at the link provided is a reprint of an article entitled An Introduction to IEC 80001: Aiming for Patient Safety in the Networked Healthcare Environment” authored by Sherman Eagles, Partner at SoftwareCPR. This is reprinted with permission from the Association for the Advancement of Medical Instrumentation (AAMI), www.aami.org. The article first appeared in...
Read More
IEC 62304 and IEC 60601-1 3rd edition were harmonized in the European Union on November 28. A claim of compliance with 62304 now provides a presumption of conformity with the MDD and AIMDD for software. In addition, 62366 – application of usability engineering to medical devices has also been harmonized.
Read More
IEC/CD2 80001, Application of risk management for IT-networks incorporating medical devices was released for balloting on 11/25/2008 by AAMI. This standard applies to Medical Device manufacturers as well as healthcare IT organizations. The deadline for comments is Jan 15, 2009. An article about this standard by SoftwareCPR partner Sherman Eagles is posted on this website.
Read More
The Chinese regulatory authority SFDA has adapted IEC 62304 “Medical device software – software lifecycle processes” as the software development standard for the Chinese Medical Device Industry. It has been translated to chinese. The publishing date is April, 25, 2008. The implementation date is June 1, 2009.
Read More
1 2
Expand your access! Subscribe today!

Corporate Office

+1-781-721-2921
Partners located in the US (CA, FL, MA, MN, TN) and Italy.