EU MDR CER and EU IVDR PER for Software:
Understanding MDCG 2020-1

The EU Medical Device Regulation (MDR 2017/745) and EU In Vitro Diagnostic Regulation (IVDR 2017/746) put forward a multitude of challenges, chief among them the process of clinical evaluation. For medical device and IVD companies making products that incorporate software, the question of how much clinical evidence to gather can be perplexing. Rest assured that you are not the only one scratching your head. Many are apprehensive about how Notified Bodies will evaluate clinical evaluation reports (CER) or IVD performance […]

» Read more

FDA Part 11 for Medical Device Manufacturers: Are You Complying With These Four Critical Requirements?

The first paragraph of 21 CFR Part 11 seems disarmingly straightforward. It says: “The regulations in this part set forth the criteria under which the agency considers electronic records, electronic signatures, and handwritten signatures executed to electronic records to be trustworthy, reliable, and generally equivalent to paper records and handwritten signatures executed on paper.” So simple…or so it seems. But as you are discovering, the “devil is in the details.” The Top Four Part 11 Compliance Requirements for Medical Device Companies […]

» Read more

Overview of Medical Device Cybersecurity Standards and Guidance Documents

If you are fairly new to cybersecurity compliance and have done some research online, you probably quickly noticed that there is a mind-boggling array of overlapping guidance and regulations. Deciphering their relevance to your device can be as confusing as the topic itself. Yet, making sense of your cybersecurity risk obligations starts with understanding which of these documents are “nice to have” versus “need to have.” To help you better understand the cybersecurity compliance landscape, we have created a list […]

» Read more

FDA Medical Device Cybersecurity: Understanding Your Basic Regulatory Requirements

A cyber-attacker gains access to a care provider’s computer network through an e-mail phishing trap and assumes command of a file server to which a heart monitor is attached. While scanning the network for devices, the attacker takes control (e.g., power off, continuously reboot) of all heart monitors in the ICU, putting multiple patients at risk. It defies logic why a hacker would want to intentionally harm patients, but this type of threat is definitely not science fiction. It is […]

» Read more
1 2