Discover new articles every week on the topics of regulatory affairs (including international approval and FDA approval), QM systems (e.g., ISO 13485), risk management (ISO 14971), software development (IEC 62304), IT security, clinical evaluation, usability engineering (IEC 62366-1), and systems engineering (including IEC 60601-1, ISO 10993) - also for IVD medical devices.
Please note the pages for managers and beginners or filter by keywords (tags).
Coding guidelines are intended to promote source code that is understandable, maintainable, testable, and error-free. This article describes the regulatory requirements for coding guidelines and provides specific examples.
IEC 82304 is now available. This is a good reason to take a closer look at this standard for “health software products.”
The Health Breach Notification Rule defines when health records providers have to report which security issues to whom, within what time frame and in what form. This article provides a brief overview of the requirements of the US Federal Trace Commission (FTC).
The Federal Trade Commission (FTC) is an US agency that aims to ensure compliance with competition law and consumer protection. This article explains the circumstances that require you (e.g., as a medical device manufacturer) to comply with the FTC requirements and the specifics of these requirements. The case of Lumosity shows how radically the FTC…
Details“Will a software audit take place?” is a question that reached me via our micro-consulting. ‘And can I avoid a software audit by choosing the appropriate software safety class?” At first, I didn’t realize exactly what ‘software audit’ meant or what the exact concern was. But then I understood and found the question to be…
DetailsSoftware risk analysis depends on the following: Software itself cannot cause harm. It always happens via hardware or people. However, this does not mean there is no need for risk analysis in software. The opposite is the case!
The term software unit is defined in IEC 62304. Many manufacturers experience difficulties when specifying and testing these software units. This article gives you tips on how to avoid them.
DetailsThe FDA MAUDE database provides information on the “Manufacturer and User Facility Device Experience.” It thus corresponds roughly to the database used by the BfArM to publish manufacturer reports on risks.
IEC 60601-1 defines a PESS, a Programmable Electronic Subsystem, as a system based on one or more central processing units, including their software and interfaces. The standard does not reveal what it means by system; in this context, it is a medical device component. For this, IEC 60601-1 sets out specific requirements for the PESS.
DetailsThe software architecture documentation primarily serves these objectives: Fast, effective, and plannable software development will succeed if the task (to develop software that meets the software requirements) is broken down into solvable subtasks, which can be distributed among many developers. The prerequisite for this is a precise (documentation of the) software architecture, which is unfortunately…
Details