Overview of Medical Device Cybersecurity Standards and Guidance Documents

If you are fairly new to cybersecurity compliance and have done some research online, you probably quickly noticed that there is a mind-boggling array of overlapping guidance and regulations. Deciphering their relevance to your device can be as confusing as the topic itself. Yet, making sense of your cybersecurity risk obligations starts with understanding which of these documents are “nice to have” versus “need to have.” To help you better understand the cybersecurity compliance landscape, we have created a list […]

Risk Management Review, Reporting and Postmarket Planning

As part of the risk review process, you’ll need to assess your risk management activities against the risk management plan on three levels: 1 – Has the plan been implemented appropriately? 2 – Is the overall residual risk acceptable? 3 – Are production and post-production information collection methods implemented? The summation of answers to these questions becomes your risk management report, which is part of your larger risk management file. The report documents the conduct and results of your risk […]

Medical Device Risk Control and Risk Management Tools

A big portion of risk management is evaluating and reducing risk. However, sometimes the likelihood of harm resulting from a hazard is quite low and mitigating that hazard may not provide any tangible reduction in risk – in fact, it may diminish your device’s benefits. Here’s a quick example. Let’s say you produce a blood glucose meter. To improve visibility, you consider making the display color. However, doing so would introduce a new hazard: color screens require more power, and […]

Creating a Medical Device Risk Management Plan and Conducting a Risk Analysis

Your risk management plan outlines the process of how you will conduct risk management for a particular device, and it becomes part of your risk management file. Importantly, the process should be repeated throughout the life cycle of the device. The overall risk management process usually is documented in a general procedure containing common risk management activities for all devices. Then one or more individual risk management plans “personalize” the content of the procedure to provide more exact details for […]
