FDA Part 11 for Medical Device Manufacturers: Are You Complying With These Four Critical Requirements?

The first paragraph of 21 CFR Part 11 seems disarmingly straightforward. It says: “The regulations in this part set forth the criteria under which the agency considers electronic records, electronic signatures, and handwritten signatures executed to electronic records to be trustworthy, reliable, and generally equivalent to paper records and handwritten signatures executed on paper.” So simple…or so it seems. But as you are discovering, the “devil is in the details.” The Top Four Part 11 Compliance Requirements for Medical Device Companies […]


Overview of Medical Device Cybersecurity Standards and Guidance Documents

If you are fairly new to cybersecurity compliance and have done some research online, you probably quickly noticed that there is a mind-boggling array of overlapping guidance and regulations. Deciphering their relevance to your device can be as confusing as the topic itself. Yet, making sense of your cybersecurity risk obligations starts with understanding which of these documents are “nice to have” versus “need to have.” To help you better understand the cybersecurity compliance landscape, we have created a list […]


FDA Medical Device Cybersecurity: Understanding Your Basic Regulatory Requirements

A cyber-attacker gains access to a care provider’s computer network through an e-mail phishing trap and assumes command of a file server to which a heart monitor is attached. While scanning the network for devices, the attacker takes control (e.g., power off, continuously reboot) of all heart monitors in the ICU, putting multiple patients at risk. It defies logic why a hacker would want to intentionally harm patients, but this type of threat is definitely not science fiction. It is […]


FDA and EU Risk Requirements for Medical Device Software & SaMD

In our first post we talked about international risk management standards and guidance applicable to medical device software, including the ISO 14971 and IEC 62304 standards. In this post we will discuss specific compliance requirements in the US and Europe for medical device software paired with hardware, and stand-alone Software as a Medical Device (SaMD). Requirements for software risk management in Europe ISO 14971 and IEC 62304 are international standards intended to help you meet regional requirements, such as those imposed […]
