The growth of the medical software industry outpaces the design of FDA’s regulatory process. In some instances clinicians have weighed the risk of software failure against the benefits of using a device at all. Device software is often used in conjunction with other software-based devices, but their interoperability was never anticipated.
- How can you anticipate and defend against the malicious remote hacking and shut down of an insulin infusion pump?
- Can one software program defeat the performance capability or back up safety features of another software program?
- When interoperability surface, which software manufacturer takes the lead to solve the problem and deal with proprietary software issues?
This seminar will focus on addressing these concerns and educating participants on FDA’s recent medical device software regulation strategies.
Seminar instructor Casper Uldriks is an ex-FDA official who has spent 32 years with the FDA. His engagements focus on advertising and promotion, recalls, corrections and removals and enforcement. He currently trains FDA personnel and counsels clients on wide range of topics, including: FDA inspections; import operations; advertising and promotion; corrective and preventive actions; medical device reporting and corporate reorganization to improve conformance to FDA’s requirements.
The medical device trade and healthcare professionals remain plagued by other issues, such as the interoperability of devices from different manufacturers, or software validation that is limited to the immediate use of the software rather than its performance with other software programs, and software hacking protection applications. In case of software malfunction, fixing the malfunction or bug can get more difficult as software gets increasingly sophisticated, customized by users and placed in a network system. Under these circumstances, it is difficult to decide who is responsible for managing and fixing software problems.
This seminar will help those involved in overcoming these commercial and regulatory obstacles. It will highlight the need for firms to remain current with technological tools and strategy to remain competitive, and ideally, outside FDA’s regulatory radar. Going further, it will instruct participants on how to apply these tools and strategies to ensure the following factors:
- Software functionality
- Risk identification
- Software protection
- Problem detection
- Response strategy
For those who have addressed these issues to meet FDA’s regulatory expectations, the course instructor, a former FDA official, will help identify a basic centering point to build a regulatory profile for your software products.
- Understanding FDA legal authority
- Applying FDA classifications / risk controls
- Understanding FDA and NIST software guidance
- Identifying the quality system regulation for risk management, software verification and validation
- Identifying cybersecurity issues and developing a planned response
- Identifying and resolving interoperability issues
- Figuring out the scope of FDA’s mobile apps regulation
- Learning about bug updates classified as recalls by FDA
- Future device software applications
Who will Benefit:
- Regulatory Affairs Managers
- Quality Assurance Managers
- Software Design Engineers
- Manufacturing Managers
- Compliance Department Personnel
- Hospital Risk Department Personnel
- Software Program Marketers
- IT Security Managers
- Marketing Personnel
The development and application of medical device software expands faster than can be managed by one federal agency. Although FDA relies on its own experience and expertise, input from other federal organizations, voluntary standards organizations and partnerships with industry has become a collaborative effort. At the same time, the device software industry needs to look beyond FDA itself to understand where FDA will eventually go in regulating software.
The evolution of software has created unprecedented progress and unprecedented risks to the public. The management of the unprecedented risks requires the device industry to rely on more than just FDA’s guidance to comply with its regulatory expectations. FDA can expect developers to apply voluntary standards, such as ANSI, AAMI, IEC and ISO, all of which provide information on software verification and validation. The National Institute of Standards and Technology (NIST) has taken a leading role in publishing reports concerning the benefits and risks of third-party mobile applications. FDA has partnered with NIST in this effort. Likewise, NIST has published a report on cybersecurity management and wireless technology.
FDA recently published a draft guidance to help the industry address software issues in premarket submissions. The guidance sets out a baseline from which to show the adequacy of the software, but it is not an endpoint for you. Are you prepared to integrate and apply new software risk management tools for your devices?
FDA’s risk classification will gradually clarify how it intends to manage the health risks. Risk factors include areas such as the following:
- Mobile medical apps
- Home use
- Remote use
Software problems represent one of the most common root causes for recalls and have been associated with deaths and serious injuries as well. FDA sees firms revise software only to have it create more problems rather than solve them. The infusion pump industry is a classic example.