IEC 80001-1 has the long title “Application of risk management for IT-networks containing medical devices – Part 1: Tasks, responsibilities and activities“. This article reveals what the standard requires and why manufacturers should also consider it. 1. About DIN EN IEC 80001-1 a) Objectives of DIN EN IEC 80001-1 The standard aims to help minimize…
DetailsWhether risk mitigation through information is permitted regularly leads to discussions. The answer to this question is important because it determines the conformity and non-conformity of medical devices. This article provides the answer and thus resolves a “historical misunderstanding.” 1. Regulatory framework All manufacturers are obliged to minimize the risks posed by their medical devices.…
DetailsThis article identifies the seven most common risk management errors that Johner Institute and its auditors encounter most often. It also offers advice on how to avoid these errors. Risk management is among the most important requirements medical device manufacturers must meet. Therefore, it is important that they avoid risk management errors. 1st error class:…
DetailsThe probability of software defects is difficult to estimate. It’s so difficult that the “old” DIN EN IEC 62304:2006 wrote: “However, there is no agreement on how to determine the probability of the occurrence of software failures using traditional statistical methods.” The standard concluded that “the probability of such a malfunction must be assumed to…
DetailsThe cybersecurity standard IEC 81001-5-1 focuses on how IT security needs to be taken into account in the software life cycle. As a special standard for health software, it supplements IEC 82304-1 and IEC 62304 among others, and can close gaps that urgently need to be closed. The EU is currently planning to harmonize IEC…
DetailsLaws and standards require organizations to prepare a risk management report. Notified bodies and authorities examine these reports intensively because risk management is a key regulatory requirement. Therefore, it is important (not only) for manufacturers to prepare precise, complete, and correct risk management reports. This article provides assistance in this regard. 1. What is a…
DetailsBoth the MDR and IVDR introduce the concept of Common Specifications. Definition of Common Specifications MDR and IVDR define Common Specifications as follows: Purpose of Common Specifications EU Directives, such as the MDD and IVDD, as well as EU Regulations, such as the MDR and IVDR impose so-called general requirements on all medical devices must meet. If the requirements are not met, manufacturers must not…
DetailsWe have known how vulnerable IT security is in the healthcare sector since February 2016, when the IT infrastructures of many clinics were brought to a standstill by a simple virus attack. As a result, the authorities are paying closer attention to ensuring that not only clinics but also manufacturers guarantee the IT security of…
DetailsThe third edition of ISO 14971 has been available since December 2019. This new version of ISO 14971 was published as ISO 14971:2019. It is an evolutionary development of ISO 14971:2007 and does not break with previous concepts. Manufacturers should familiarize themselves with the new and amended requirements of this standard. In December 2019, the…
DetailsA Quality Assurance Agreement (QAA) is a contract between companies such as medical device manufacturers and their suppliers (subcontractors). In these contracts, both parties regulate which obligations the suppliers must fulfill regarding the quality of the devices and services supplied. Find out in this article what content a Quality Assurance Agreement should contain and when…
Details