The ways of applying ISO 14971, IEC 62304 and IEC62366-1 to medical device software

The ways of applying ISO 14971, IEC 62304 and IEC62366-1 to medical device software 3

Diligence, complete and proper examination and assessment of the gaps, and correction of the gaps right from the very start of product development are the core characteristics that need to go into implementing risk management of software used in medical devices.

These are the reasons for it:

  1. Lack of proper and complete implementation and gaps in them lead to major drawbacks such as production delays or deficiencies. Getting the necessary regulatory certification or approval or both for such products is almost impossible

 

  1. Because of the inseparable bond between most activities and the development lifecycle; a medical device manufacturer will find it extremely difficult to separate any single activity and perform it with retroactive effect after a gap is detected. The detection of gaps in the midway stage of production neutralizes all the activities performed till then, causing the company to have to start from the beginning, no matter at which stage the gap is detected. The delays and cost overruns from such a scenario are extremely high.

Is there a way out? Yes. Embedding software risk management into the bigger scope of overall risk management is the solution. This is the cure to defective product development. This is why companies need to implement globally applicable standard requirements such as ISO 14971 and IEC 62304. These are important guidelines for helping medical device companies overcome the impediments associated with risk management of software used in medical devices.

Regulatory agencies around the world expect medical device companies to implement these global standards, which make risk management mandatory to almost any activity in the medical device industry.

The IEC 62366-1: 2015

The ways of applying ISO 14971, IEC 62304 and IEC62366-1 to medical device software

There is also the IEC 62366-1: 2015 in addition to ISO 14971 and IEC 62304. The IEC 62366-1: 2015 specifies a process that a manufacturer has to use to consider, state, develop and assess the safety aspect of the usability of a medical device. It relies on human factors engineering in its usability process to help the manufacturer in evaluating and mitigating the risks associated with normal use, for which correct use and use errors are taken into consideration. The IEC 62366-1: 2015 standard is used for identifying, assessing or mitigating risks associated with normal use, but not abnormal use.

Getting it right from beginning till the end

The ways of applying ISO 14971, IEC 62304 and IEC62366-1 to medical device software1

It is necessary for medical device companies to implement the regulatory requirements set out in ISO14971 and IEC62304, as well as IEC 62366-1: 2015 standards that deal with risk management of software used in medical devices in the right manner to get regulatory approvals and meet quality standards.

How do medical device companies do this? This is what a seminar that is being organized by GlobalCompliancePanel, a popular provider of professional trainings for the regulatory compliance areas, will teach. The course Director, Markus Weber, Principal Consultant with System Safety, Inc., who specializes in safety engineering and risk management for critical medical devices, will explain the ways of designing, implementing and testing critical medical device software in a regulatory compliant environment.

To register for this learning, please visit The ways of applying ISO 14971, IEC 62304 and IEC62366-1 to medical device software. This course has been pre-approved by RAPS as eligible for up to 12 credits towards a participant’s RAC recertification upon full completion.

The requirements of globally applicable standards

The requirements set out by international consensus, reflected in globally applicable standard requirements such as ISO14971 and IEC62304, which has led to risk management being a mandatory component of almost any activity in the medical device industry, will be explained.

Since embedding software risk management into the larger framework of overall risk management is a critical aspect; this will form the basis of this seminar. Markus will explain all the steps needed to design, implement and test vital medical device software in a regulatory compliant environment in a way that adheres to the principles of risk management. He will also take up system level risk management and the ensuing interfaces to software.

A look at the safety case method

A well-established method used to collect and consolidate all safety related information together in one location is what is called the ‘Safety Case’ or ‘Assurance Case’ document. This step has the purpose of helping in comprehensively summarizing all the risk related activities and demonstrate the safe properties of a device.

The FDA currently requires this method for only infusion pump submissions. But it hoped that this system of documentation will become standard practice across all devices that come up for approval in the future. Markus will offer an introduction to the basic concepts and content of safety assurance cases. He will also describe their utility for internal and external review of safety related information.

Applying risk management principles in practice

The Director of this seminar will lace the session with real-life examples and proven tips. The aim is to help participants derive the benefits of the practical application of risk management. The system level issues of risk management will be explained, along with the increasingly important software-related issues of critical systems.

An assurance case, which will be introduced at this seminar, will be an add-on in making the effort needed for designing, implementing and verifying a safe device transparent. One of the outcomes of this two-day learning is that participants will be able to comply with regulatory requirements at a much lesser cost and with reduced spending on resources.

 

 

Seminar Calendar of Upcoming Courses – June to July – 2017

Upcoming-Courses-for-French-Circles-Club

GlobalCompliancePanel’s seminars are a wonderful opportunity for professionals in the regulatory compliance areas to understand the latest happenings and updates in the regulatory compliance areas and to implement them, something they need to climb in their professions. GlobalCompliancePanel brings together a few of the best recognized names in the field of regulatory compliance on its panel of experts. The result: Learning that is effective, valuable and helpful.

GlobalCompliancePanel’s experts help you unravel all the knowledge you need in all the areas of regulatory compliance. At these seminars which are held all over the globe, you get to interact with them in person, so that any doubt or clarification you have is sorted out by none other than the honcho. They help professionals like you implement the regulations and stay updated, so that regulatory compliance causes no stress for you.

GlobalCompliancePanel’s experts offer their insightful analysis into the issues that are of consequence to regulatory professionals in their daily work. Their thoughts help you implement the best practices of the industry into your work. They also offer updates on the latest regulatory requirements arising out of a host of the laws and issues related to regulatory compliance, including, but not limited to medical devices, food and beverages, pharmaceuticals, life sciences, biotechnology and pharmaceutical water systems.

Take a look at our upcoming webinars from GlobalCompliancePanel, which will put you on the road to learning about any area that is of importance to your profession. You can plan your learning from GlobalCompliancePanel by looking at our seminars in the next few weeks at locations of convenience to you. You can choose from a whole range of topics. See which among these trainings suit you: Design of Experiments (DOE) for Process Development and Validation, Writing and implementing effective SOP’s, new FSMA rules, risk management and device regulations, data integrity, combination products, and what have you!

Contact us today!
NetZealous LLC DBA GlobalCompliancePanel
john.robinson@globalcompliancepanel.com
Toll free: +1-800-447-9407
FAX : 302 288 6884
Website: http://bit.ly/Courses-June-to-July-2017

GlobalCompliancePanel announces Seasonal offers for Professionals with Flat 50% OFF on all Seminars

9ad816e7329ad74d53132accd3156c40

Do celebrations need a cause and a reason? Yes, and GlobalCompliancePanel, a leading provider of professional trainings for the regulatory compliance areas, is having a solid cause and reason for doing so. It is celebrating the many years of its relationship with its customers spread all over the world by offering its trainings at a massive 50% discount!

Yes, that is right. GlobalCompliancePanel’s seminars will be available for a huge 50% discount till April 30. Regulatory professionals who want to augment their knowledge of regulatory compliance can now do so by paying just half the price of these trainings from GlobalCompliancePanel. All that is needed to do walk away with a rare offer such as this is to visit https://www.globalcompliancepanel.com/seminar?wordpress_SEO and use MGCP50 Promo Code.

This offer is valid till April 30, 2017. Regulatory professionals who want to take any of GlobalCompliancePanel’s trainings can book their trainings for an area of their interest by this date. From April 1 onwards, this offer will cease, meaning that the original price will apply from then.

So, why is GlobalCompliancePanel offering this discount? It is for a simple, but profound reason: It wants to thank its huge customer base for the support they have been extending to this company over the many years for which it has been in business. During the course of the 10 years for which GlobalCompliancePanel has been in business, it has trained thousands of regulatory compliance professionals from around the world.

These professionals, belonging to such varied geographies as the US and Japan and India and Canada, have been able to meet their regulatory compliance challenges on account of these trainings. These trainings are relevant, focused and valuable, and are from some of the best known regulatory compliance Experts found anywhere on this planet.

It is these trainings that have been hoping these professionals in the regulatory compliance arena gain more insights into regulations from the FDA, the EMA and other such bodies around the world. These trainings have been consistently helping them to meet these challenges, as they give them a better and sharper understanding of the implementing these requirements.

These regulatory requirements can pose hurdles to the most experienced and brightest of regulatory compliance professionals in the medical devices, pharmaceutical, life sciences and food and biologicals areas, but not to those who undertake professional trainings from GlobalCompliancePanel. GlobalCompliancePanel’s panel of experts is here to help them overcome these challenges and hurdles.

This trend has been being witnessed from the time GlobalCompliancePanel entered the line of professional trainings. Any wonder then, that no fewer than 50,000 professionals have benefited from these trainings? What could be a better way of thanking such a huge base of customers than with this offer? GlobalCompliancePanel believes that a celebration should also be useful, and this is that this offer is!

Hurry up and enroll today. Happy learning!

 

 

Applying ISO 14971 and IEC 62304 to medical device software

158245439.jpg

Risk management of software used in medical devices has to be implemented diligently, completely and correctly, scrutinizing the gaps thoroughly and correcting them right from the very start of product development. This is critical because of the following reasons:

  1. Medical products that have gaps or are implemented incorrectly or incompletely suffer serious ailments such as impediments or delays in production. Further, such products fail to get the required certification and/or approval;
  2. Given the close linkage between most activities and the development lifecycle; almost no activity can be isolated and performed with retrospective effect after detection of a gap. As a result, all the activities performed till the identification of gaps become unproductive and redundant. When this happens, the company has to start from the beginning, irrespective of the stage at which an anomaly gets detected, incurring huge delays and cost overruns.

The solution to these problems is to embed software risk management into the bigger scope of overall risk management. This is the only real solution to problems associated with faulty product development. Globally applicable standard requirements such as ISO14971 and IEC62304 are major guidelines that help medical device companies get the risk management of software used in medical devices right. These standards have made risk management central to and a mandatory component of almost any activity in the medical device industry.

Getting it right from start till finish

Regulatory requirements set out in ISO14971 and IEC62304 standards that deal with risk management of software used in medical devices need to be implemented in the right manner, if medical device companies have to clear regulatory hurdles and meet quality standards. Expert professional trainings that help them do this will give them an understanding of how to design, implement and test critical medical device software in a regulatory compliant environment.

All these will be part of a learning session that is being organized by GlobalCompliancePanel, a very well-known provider of professional trainings for the regulatory compliance areas. This two-day, live seminar will have Markus Weber, Principal Consultant with System Safety, Inc., who specializes in safety engineering and risk management for critical medical devices, as the course Director.

To gain the benefit of expert training from the Director of this seminar; please visit http://www.globalcompliancepanel.com/control/globalseminars/~product_id=900750?wordpress_SEO  to register.

Globally applicable standard requirements

Markus will explain the requirements set out by international consensus, reflected in globally applicable standard requirements such as ISO14971 and IEC62304, which has led to risk management being a mandatory component of almost any activity in the medical device industry.

Since the need to embed software risk management into the bigger scope of overall risk management is a critical aspect; Markus will introduce all the steps needed for designing, implementing and testing core medical device software in a regulatory compliant environment, even as they adhere to the principles of risk management. Another important learning Markus will impart is system level risk management and the resulting interfaces to software.

The safety case method

A well-established method for collecting and consolidating all safety related information together in one location, so that all risk related activities are comprehensively summarized, and the safe properties of a device demonstrated, is what is called the ‘Safety Case’ or ‘Assurance Case’ document.

Although as of now, the FDA requires this method for only infusion pump submissions; this system of documentation is almost certain to become standard practice in the future across all devices that come up for approval. At this course, Markus Weber will introduce the basic concepts and content of safety assurance cases. He will also explain and illustrate their utility for internal and external review of safety related information.

Tips for practical application of risk management principles

Real-life examples and proven tips and tricks that make the application of risk management practical and beneficial will be offered at this webinar. The Director will describe the system level issues of risk management as well as the increasingly important software related issues of critical systems.

He will introduce the concept of an assurance case to make the combined effort needed to design, implement and verify a safe device transparent. An important outcome of this learning is that it will help participants to meet and comply with regulatory requirements with highly lessened overheads and resource burdens.

Risk Management Seminar for Applying ISO14971 and IEC62304

 

Course “Applying ISO14971 and IEC62304 – A guide to practical Risk Management” has been pre-approved by RAPS as eligible for up to 12 credits towards a participant’s RAC recertification upon full completion.

Overview:

Gaps, incorrect or incomplete implementation of safety functionality can delay or make the certification/approval of medical products impossible. Most activities cannot be retroactively performed since they are closely linked into the development lifecycle. Diligent, complete and correct implementation of risk management from the start of product development is therefore imperative. This course will introduce all necessary steps to design, implement and test critical medical devices in a regulatory compliant environment. This course will additionally address the software risk management and the resulting interfaces to device level risk management.

To comprehensively summarize all risk related activities and to demonstrate the safe properties of a device the ‘Safety Case’ or ‘Assurance Case’ document is a well-established method to collect all safety related information together in one place. This documentation will most likely become mandatory for all devices (currently only required for FDA infusion pump submissions). This course will introduce the basic concepts and content of safety assurance cases and will illustrate the usefulness for internal and external review of safety related information.

Who Will Benefit:

The course will introduce the main elements of risk management with emphasis on the application of risk management principles and requirements to the medical device development cycle. Risk management has become the method of choice to ensure an effective and safety oriented device development. International consensus, reflected in globally applicable standard requirements, has led to risk management being a mandatory component of almost any activity in the medical device industry.

The course will emphasize the implementation of risk management into the development and maintenance process. It will use real-life examples and proven tips and tricks to make the application of risk management a practical and beneficial undertaking. This seminar will address the system level issues of risk management as well as the increasingly important software and usability related issues of critical systems. It will help to comply with regulatory requirements with minimized overhead and resource burden. To make the combines effort to design, implement and verify a safe device transparent the concept of an assurance case will be introduced.

The course is mainly based on international consensus requirements such as ISO14971, IEC62366 and IEC62304. It will cover European (MDD), US (FDA) and international risk management requirements from a regulatory and practitioner’s perspective.

Following personnel will benefit from the course:

  • Senior quality managers
  • Quality professionals
  • Regulatory professionals
  • Compliance professionals
  • Project managers
  • Design engineers
  • Software engineers
  • Process owners
  • Quality engineers
  • Quality auditors
  • Medical affairs
  • Legal Professionals

Agenda:

Day 1 Schedule:

 

Lecture 1: Introduction into Risk Management and Quality System Integration

  • Why risk management?
    • Historical perspective
    • International regulatory / statutory requirements
  • Risk Management Lifecycle and stakeholders
    • Over-reaching concept
    • Integration into ISO13485
    • Lifecycle steps
  • Risk Management Benefits
    • Liability issues
    • Streamlining product development
    • Improving product safety and quality
  • How to Implement Risk Management into ISO13485
    • SOP framework
    • Planning and execution
    • Monitoring and control

Lecture 2: Risk Management to ISO 14971:2012

    • Risk Management Planning
    • Risk Management Life Cycle
    • Hazard Identification
      • Hazard Domains
      • Hazard Latency Issues
      • Risk Rating Methods
    • Initial (unmitigated) Risk Assessment
    • Mitigation Strategies and Priorities
    • Mitigation Architectures
      • Alarm Systems as Mitigations
      • Risk Control Bundles
    • Post Mitigation Risk
    • Residual Risk
      • Safety Integrity Levels
    • European special requirements (Z-Annexes)
    • Safety Requirements
    • Hazard Mitigation Traceability
    • Verification Planning
    • Architectures, Redundancy and Diversity
    • Failure Mode and Effect Analysis
    • Tips and Tricks
    • Q&A

Day 2 Schedule:

 

Lecture 1: Usability and Risk Management

  • Use errors as hazard source
  • User intervention as hazard mitigation
  • Usability engineering lifecycle
  • Application specification
  • Usability Specification
  • Frequently used functions / primary operating functions
  • Usability verification / validation
  • Upcoming changes IEC62366:2014

Lecture 2: Software Risk Management (IEC62304 / FDA software reviewers’ guidance):

  • Critical Software Issues
  • Software Hazard Mitigation Strategies
  • Software Item, Unit and System Definition
  • Software Failures as Hazard Sources
  • Software Requirements and Design Specification
  • Software Tools and Development Environment

Lecture 3: Software Risk Management (IEC62304 / FDA software reviewers’ guidance):

  • Software Unit and Integration Testing
  • Real-Time System Challenges
  • Software Verification and Validation
  • Mitigation Traceability and Effectiveness
  • Software Maintenance and Configuration Control
  • Software Risk Management Process integration into ISO14971
  • Legacy Software issues
  • FDA documentation requirements
  • Upcoming changes in IEC62304:2014
  • Tips and Tricks

Lecture 4: Safety / Assurance case

  • Safety classes
    • Basic Safety / Environment
    • Essential performance
  • Documentation of Basic Safety
    • Electrical Safety
    • Mechanical Safety
    • EMC / RFI safety
    • Safety margins
  • Documentation of essential performance
    • What is essential performance?
    • Device architectures and mitigation allocation
    • Device specific mitigations
    • Software mitigations
  • External safety
    • User intervention and alarms
    • Organizational measures
    • Levels of protection concept
  • Verification of safety properties
    • Type testing
    • Sample testing
    • Software verification testing
    • Inspections
    • Analyses
  • Assurance case vs. Risk Management Report
    • General safety and hazard avoidance
    • Device / application specific issues
  • Tips and Tricks
  • Q&A

Speaker:

Markus Weber

Principal Consultant, System Safety Inc. 
Markus Weber, Principal Consultant with System Safety, Inc., specializes in safety engineering and risk management for critical medical devices. He graduated from Ruhr University in Bochum, Germany with a MS in Electrical Engineering. Before founding System Safety, Inc., he was a software safety engineer for the German approval agency, TUV. Since 1991, Mr. Weber has been a leading consultant to the medical device industry on safety and regulatory compliance issues, specifically for active and software-controlled devices. In conjunction with the FDA, he has published works on risk management issues and software-related risk mitigations. Mr. Weber has helped multiple companies, from startups to Fortune 500 firms.

Location: Zurich, Switzerland Date: May 18th & 19th, 2017 and Time: 9:00 AM to 6:00 PM

 

Venue: Hilton Zurich Airport

Address: Hohenbuhlstrasse 10, 8152 Opfikon-Glattbrugg, Switzerland

 

Price:

 

Register now and save $200. (Early Bird)

Price: $1,695.00 (Seminar Fee for One Delegate)

Until April 10, Early Bird Price: $1,695.00 from April 11 to May 16, Regular Price: $1,895.00

Register for 5 attendees   Price: $5085.00 $8,475.00 You Save: $3390.00 (40%)*

 

Quick Contact:

NetZealous DBA as GlobalCompliancePanel

Phone: 1-800-447-9407

Fax: 302-288-6884

Email: support@globalcompliancepanel.com

Website: http://www.globalcompliancepanel.com

 

Registration Link – http://www.globalcompliancepanel.com/control/globalseminars/~product_id=900892SEMINAR?channel=mailer&camp=seminar&AdGroup=wordpress_May_2017_SEO

Follow us on LinkedIn: https://www.linkedin.com/company/globalcompliancepanel

 

 

ISO 14971: 2012 and IEC 62304: 2006 mitigate risks in medical device software

ISO 14971:2012 and IEC 62304:2006 are related but different global standards for risk management pertaining to software used in medical devices. Judicious application of these two standards is the way to go for medical device companies.

ISO 14971 and IEC 62304:2006 are global standards that govern risk management and lay out regulations and guidelines for software used in medical devices. The need for regulation of software in medical devices arises from the fact that software is the heart of a medical device. It is the medical device’s software that ensures that the device performs its intended purposes. Hence regulation is of utmost importance to enable medical device and software organizations facilitate this in their products.

The ISO 14971: 2012 -a brief understanding

  • The primary aim of ISO 14971, the global regulatory compliance standard is to ensure that a medical device carries medical safety into it
  • This standard requires medical device manufacturers to undertake steps and measures by which they can foresee and eliminate risks in a medical device in the optimal manner
  • Taking off from the above point, ISO 14971 requires medical devices to take steps to at least mitigate risks to the best extent. The ISO 14971standard prescribes the processes necessary for enabling this.

The ISO 14971’s update in 2012

In 2012, the ISO carried out an update to the application of this standard within the European regulatory framework. This amendment to ISO 14971: 2012 is at the periphery and not at the core. Annex ZA is the main area in which this standard has been updated:

The use of the “As Low as Reasonably Practicable” (ALARP) approach is from now excluded in the risk acceptance process. This standard proscribes labelling as a risk control measure that can play a role in decreasing risk occurrence.

The IEC 62304:2006

The requirements for medical device software’s life cycle are stated in IEC 62304:2006. This standard’s group of activities, processes and tasks creates a common basis for the software life cycle processes in a medical device.

When it comes to the risk management aspect, IEC 62304:2006 supplements and strengthens ISO 14971. If ISO 14971 is the global standard for the development of medical software; IEC 62304:2006 standard is concerned with medical device software and their software lifecycle processes.

The following tripod of software-related issues forms the IEC 62304:2006’s foundation:

These three attributes form the backbone of the test of a medical device company’s successful compliance with the regulatory requirements. For a medical device company to be successful in applying ISO 14971:2012 and IEC 62304:2006; it has to implement a cross-standard and resourceful way of integrating activities covering these requirements documents.

Read More

Ways of conducting a hassle-free internal and supplier audit for medical devices

Carrying out efficient and effective internal and supplier audits that meet all the requirements of external auditors is a must for medical device manufacturers. These audits should not only serve this purpose; they should also add value to the medical device organization.

Part of both ISO 13485 and QMS

Internal audits are required as part of ISO 13485 and the FDA’s Quality System Regulation (QMS). However, these procedures are quite complicated for many professionals in the medical device industry.  They are often confusing and cumbersome, mainly because of the jargon and regulatory language they contain. Many organizations find it difficult to get the import of these words while wading through them all the way to a successful internal audit.

quality-management

A tad complicated

Another couple of complicating factors come into play: Since the FDA does not look at the content of internal audits; many medical device organizations do not get feedback on the true effectiveness of their internal audit system from the FDA during the time of FDA inspections.

images-1

Secondly, while on the other hand ISO 13485 auditors do look at internal audits; they are most concerned with the process. For them, a proper definition of a process that meets the requirements of the standard and the assurance that the company is following these are more important than anything else.

Auditor training is necessary

Both these regulations require that the medical device manufacturer define Auditor training. But there is a catch, because auditor training sometimes just requires reading the company’s procedure, while most external auditors will look for more than this.

medical-device3

How does a medical device company extricate itself out of this quagmire? The solution to all these vexing questions will be offered at a two-day seminar from GlobalCompliancePanel, a globally known provider of regulatory compliance trainings.

At this seminar to enroll for which you need to just log on to http://www.globalcompliancepanel.com/control/globalseminars/~product_id=900601SEMINAR; the Director, Betty Lane, who is Founder and President, Be Quality Associates, LLC, will explain all the issues relating to these aspects of external and internal supplier audits, in a way that is comprehensible and easy to implement.

In the process of explaining what makes for efficient and effective internal and supplier quality systems auditing for medical devices; she will also offer an explanation of best practices for creating and managing a value-added auditing process that will meet both company business needs and regulatory requirements.

At this seminar, which has been pre-approved by RAPS as eligible for up to 12 credits towards a participant’s RAC recertification upon full completion; Betty will get participants to review all the quality management system requirements of FDA and ISO 13485 and then allow them to learn how to set up and manage an audit system that complies with these requirements, yet is risk-based so that their organization makes the most efficient use of auditing resources for both internal and supplier audits.

compliance2

She will also include interactive exercises at this two-day session, which will help to strengthen the fundamentals of conducting and documenting quality system audits. The auditing principles taught in this seminar will be based on ISO 19011:2011 Guidelines for auditing management systems.