Risk management is a regulatory requirement for safety-critical products. Without compliant risk management most of these products cannot reach their users. With more and more software in safety critical products like medical devices or cars, software developers now also have to manage the risks during the development to ensure the safety of these products. The […]
How to Set Page Level Restrictions in Confluence?
In our previous blog posts we have described the Confluence Server level access and Space access and will focus on page level restrictions in this blog post. You can get lots of benefits while knowing a few simple tricks about page restrictions. What are page restrictions and why should I use it? According to Atlassian, […]
How to Secure your Documents in Confluence?
This short post will provide you insight into taking control over your document management in Confluence Server. This post is not going to touch regular security policies like VPN, firewalls, security policies and ohter things that are outside of the Confluence Server. In other words, all the really technical things are left out and we […]
IEC 60601 – Essential Performance, Safety and Risk Management
IEC 60601 is a series of technical standards for the safety and essential performance of medical electrical equipment. Although if focuses primarily on electromechanical devices, it also applies to aspects of the software components. It is a widely recognized standard that most, if not all, medical device companies have to comply with. The concept of […]
New Features of SoftComply Risk Manager and Risk Manager Plus for Jira Server Users
We are happy to introduce to you a few new features of the SoftComply Risk Manager Plus and SoftComply Risk Manager Server version. User-Enabled Sorting of Data in the Risk Management Table Data in the risk management table has so far been automatically sorted – the sorting algorithm starts from the left most column in […]
How to control your electronic Quality Management System in Confluence
In order to have a safe, traceable and manageable Quality Management System in Confluence we need to first take care of our user management. Controlled actions performed by the right people is the cornerstone of developing a safe product. Let’s first review a few definitions, we will then describe the goal of Quality Management System […]
What is Software Tool Validation?
Modern medical device regulations are putting more and more emphasis on the management of software tools. These tools are software packages that are not part of the medical devices themselves, but support the device during its lifecycle. Nowadays companies use dozens of applications, ranging from accounting tools to email clients to software compilers. Of course […]
What is FMEA?
FMEA stands for Failure Modes and Effects Analysis, it is a step-by-step approach for identifying all possible failures in a design, a manufacturing or assembly process, or a product or service. From ISO 14971: “FMEA is a technique by which the consequences of an individual fault mode are systematically identified and evaluated. It is an […]
Hazard Analysis & FME(C)A on Jira – SoftComply Risk Manager PLUS is out now!
We are happy to inform you that our Risk Management solution for Jira has gotten an upgrade for Jira Server users – the SoftComply Risk Manager Plus focusing specifically on safety-critical product/device/system risks. SoftComply Risk Manager Plus supports both Hazard Analysis as well as FME(C)A, including FME(C)A with Detectability and RPN (Risk Prioritization Number). Although […]
The Importance of IEC 62304 Compliance Part 2
Following up on our first blog post on how to become a trusted software supplier to established medical device manufacturers with the help of IEC 62304, we will now shed some light on specific clauses and requirements of that standard. IEC 62304:2006/Amd 1:2015, 4.3 – Software Safety Classification The 2015 amendment provides more clarity on […]
Manual Versioning of Risks with SoftComply Risk Manager
For tracking changes in risk management over time you might want to have versioning of your risk management table and risk reports. In other words, you may want to take a snapshot of the current status of your risks for an audit, archive that status and continue managing these risks in real time. Below is […]
The Importance of IEC 62304 Compliance
IEC 62304 outlines the guiding principles for the development of medical software. It is the gold standards for medical device companies, but its importance goes beyond legal manufacturers and established medical software suppliers. In the vast majority of cases, software embedded in a device (or a device itself) use abundant OTS (Off The Shelf) code, […]
How to Become Compliant on Jira and Confluence with Comalatech and SoftComply
Written together with Mike Rink of Comalatech Until recently, the Medical Device industry was comprised of a handful of large and well-established hardware manufacturing organizations. As those devices have become more software-driven, so too have software development companies begun working closer with the medical device manufacturers. In addition to supplying software to those manufacturers, these […]
Don’t be a ”victim” of your Quality System, but instead use it to achieve your objectives!
“If you can’t beat them, join them!” If your company has decided to enter the medical device market, and you are in charge of making this transition, one of the things you will have to implement sooner or later is a compliant quality system. It is not going to be an easy job, but on […]
What is a Risk Mitigation Requirement and How to Write It?
Medical device risk mitigation actions aim at reducing the occurrence and/or the severity of the potential harm. Risk mitigations are equivalent to requirements. But unlike requirements coming from user needs or other higher level requirements, risk mitigations need special attention. Of course “Requirements shall be complete, unambiguous, able to be verified or validated, and not […]
What is Probability of Failure of Medical Device Software?
One of the more controversial requirements of IEC 62304 is the probability of failure of medical device software during Risk Analysis. EN 62304:2006 paragraph 4.3 “Software Safety Classification” states “If the HAZARD could arise from a failure of the SOFTWARE SYSTEM to behave as specified, the probability of such failure shall be assumed to be […]
What is a Technical File?
The Technical File is a dossier required for marketing a medical device in Europe (a.k.a. receiving the CE mark). For Class III devices, this is called Design Dossier and has a few additional requirements. The Technical File is intended to show compliance with the applicable MDDs ( Medical Device Directives, the EU regulatory framework for […]
Agility in Regulated Domains – Partnership between PEDCO and SoftComply
Dublin, Ireland on February 27, 2018 As of today, SoftComply announces the partnership with PEDCO . PEDCO and SoftComply will work together in fostering the growing numbers of Applied SAFe customers; where PEDCO delivers its own product Applied SAFe® and SoftComply helps with our tools and knowledge in order to achieve full product compliance for […]
Building a Self-driving Car or an Airplane? Get Risk Management Help from Medical Device Industry!
All businesses are familiar with risk management, be it strategic business risks, financial risks, project risks, products risks or any combination of these that they are managing. Most product development projects include managing product risks to ensure that the product works as envisioned within the range of acceptable risk. For safety-critical products such as cars, […]
Risk Management for Health IT Systems
Although most, if not all, of the IT systems used in Hospitals do not fall into the category of medical devices themselves there are a lot of similarities between the two. Many hospitals in the US are already undergoing extensive IT expansion, so than most of the medical devices can be linked to the main […]
What are Medical Device Regulations?
Software in the Medical Device Regulations World A lot has already been said regarding the new classification of software under the Medical Device Regulations. Scaremongering and rumours are already running wild, as if any Step Counter app would now be on the same level as the firmware of an implantable pacemaker. Let’s try to […]
Risk Management for JIRA. Why?
Compliant Risk Management is a mandatory regulatory requirement for companies in medical device and other safety-critical domains. It is a specific aspect of safety-critical system development that requires linking risks to system/software design and testing to ensure the system is safe to use. Various standalone solutions exist today for safety-critical system developers that help automate […]
How to Customize your Product Risk Matrix in Atlassian Jira
With SoftComply Risk Manager , you will work with a fully customizable Risk Matrix to identify, evaluate, mitigate and verify your product risks. SoftComply Risk Manager automatically generates Risk Matrices and Risk Reports! SoftComply Risk Manager is an add-on for Atlassian Jira – try it out for free for a month from Atlassian Marketplace.
FME(C)A or FMEA?
FMEA or FMECA? Criticality or not? Which one is better? Which one should you use? The answer is simple: it depends. You are probably fed up with the “it depends” answers you get in this sector. But in this case it means “It depends on YOU”. First the compliance bit: there is no requirement, in […]
FDA, Compliance and the Cloud
Cloud based tools have a lot of appeal for small companies and startups: no need for IT infrastructures, servers, IT management, recovery plans, backups and so forth. The use of cloud tools has always been a bit of a challenge in regulated environments, where the lack of control over the tools seemed to be a […]
4 Challenges of Safety Critical Software Development
When someone’s life is in your hands, you are going to be very careful with it. That’s why the safety-critical software used in aviation systems, automotive, traffic signals, or medical devices has always relied on highly-structured software development methods like waterfall. With a heavy emphasis on design review and testing, these methods are naturally quite […]
Afraid of the new MDRs?
By Matteo Gubellini, Chief Regulatory Officer at SoftComply Who’s afraid of the MDRs and the new approach to risk management in the EU? Well, everyone! The new and scary regulations for medical devices in the European Union will be made effective towards the end of this month. Driven by the necessity of updating an old […]
What is a Risk/Benefit Analysis & How To Do It?
The Risk / Benefit analysis is one of the most misinterpreted areas of the Risk Management process. And consequently one of the preferred digging points for the Notified Bodies. The spirit of the regulations and standards is “the benefit provided by the use of the device must outweigh the associated risk”. That sounds simple doesn’t […]
Risk Management – part of a Quality Management System?
Risk Management is a key and mandatory part of a medical device development process. Unfortunately, Risk Management is often treated as merely an exercise required to achieve compliance rather than a tool to achieve an optimum design and to ensure the safety of the medical device. Let’s see how to get the best out of […]
What is FMEA and how is it different from Hazard Analysis?
From ISO 14971: “FMEA is a technique by which the consequences of an individual fault mode are systematically identified and evaluated. It is an inductive technique using the question “What happens if … ?”. Components are analysed one at a time, thus generally looking at a single-fault condition. This is done in a “bottom-up” mode, […]
What is Document Control? Automated vs Paper-Based?
Although this process can be extremely complicated and interlaced in large corporations, the requirements for Document Control are actually quite simple. Let’s give a look at them: ISO 13485:2016 – it’s all in two paragraphs, §4.2.4 and §4.2.5: (a) Documents must be approved, i.e. have signatures (electronic or handwritten); (b) If reviewed or modified, they […]
New Medical Devices Regulation & Risk Management
The revised Medical Devices Regulation (MDR) will change the regulatory environment of medical devices in Europe to a more stringent one. Compared to the MDD, the MDR promotes a life-cycle approach similar to what the US FDA and many international standards advocate. MDR highlights the importance of medical device risk management. Although risk management has […]
What is FMEA and when to use RPN?
Per ISO 14971, “Failure Mode and Effects Analysis (FMEA) and Failure Mode, Effects and Criticality Analysis (FMECA) are techniques by which an effect or consequences of individual components are systematically identified and is more appropriate as the design matures.” We won’t go into the details of the FMEA, but often we were asked to explain when (and […]
SoftComply Risk Manager for Atlassian JIRA Cloud users now available!
SoftComply is pleased to announce that the first add-on for product risk management for JIRA Cloud users has arrived. SoftComply Risk Manager is a fully customizable risk management tool allowing users to identify, manage, mitigate, verify, trace and report product risks. Developed specifically for the needs of safety-critical product risk management, SoftComply Risk Manager provides […]
SoftComply eQMS for Medical Device Companies has arrived!
SoftComply is pleased to announce SoftComply eQMS, the first Atlassian add-on addressing the needs of life-science, medtech and pharma companies has arrived. SoftComply eQMS: • fast-tracks the implementation of a compliant Quality Management System for medical device companies; • is comprehensively focussed on the EU and US based markets, and helps users fulfil their requirements […]
How I came to hate Excel & decided to develop an automated Risk Management tool for JIRA
Part II By Matteo Gubellini, VP of Regulatory Affairs at SoftComply* So you are looking for a Risk Management tool? Something easy to use, with good traceability features? There is plenty out in the market to pick from. All of them good tools, that tick all the boxes. I have been there several times, both […]
How I came to hate Excel & decided to develop an automated Risk Management tool for JIRA
Part I By Matteo Gubellini, VP of Regulatory Affairs of SoftComply* “Ok, let’s follow a few of these risk mitigation actions down to outputs and verification activities” says the auditor. Typical question. Actually there couldn’t be a more typical audit question. Traceability. We have been here dozens of times. And every time it’s the same […]
A Fully Customizable Quality Management System for Your Medical Device Company!
Numerous companies struggle to enter medical device domain due to strict regulatory requirements for medical device products. Similarly, large medical device manufacturers have a difficult time finding suppliers that are not only innovative but also compliant with the regulatory requirements of medical device domain at the same time. A Quality Management System (QMS) is a […]
Struggling with risk traceability in your safety critical product designs?
Coming up: the SoftComply Risk Manager! In most safety-critical product development projects, the product has to receive external agency approval and/or pass an audit prior to release to market. One of the aims of such an approval is to check whether the product is safe to use. In order to demonstrate this, it is usually […]
Medical Device Software – it’s CLASSIFIED!
By Marion Lepmets, CEO of SoftComply* & Tom Stamp, CEO of Blue Curve** Following our article from last week on “Is My Software a Medical Device” to those of you who are now convinced that your software is indeed a duck (see the original article), then you are probably wondering “How do I get it […]
What is Software as a Medical Device?
By Marion Lepmets, CEO of SoftComply* & Tom Stamp, CEO of Blue Curve** If it looks like a duck, swims like a duck, and quacks like a duck, then it’s probably a duck… or a medical device! Medical devices can be purely hardware based (eg stethoscopes), be composed of hardware and software (eg patient monitor) […]
Cloud-Based SaaS Tools & Software Validation Compliant with Medical Device Regulations
The continued rise in the use of cloud-based and SaaS (software as a service) tools adds further challenges to the already complex domain of medical device software development that needs to adhere to regulations. How can medical device software developers and healthcare providers benefit from cloud computing while being compliant with regulations that require full control over the software […]
An Overview of Medical Device Software Regulations – International Standards and FDA Guidance Documents
Medical Device Software Safety Safety is the central concern for medical device software development. Development of safe systems is rigorously supported by various regulatory requirements focusing on development process compliance. In other words, a strong emphasis is placed on regulatory oversight and device approval before market release to ensure proper verification and validation of these […]
Similarities and Conflicts Between Agile and Safety-Critical Software Developers
In the last two weeks, SoftComply went to the Atlassian Summit and to the Advamed Conference. Both, the software conference and the medical device conference were huge in their number of attendees as well as in the number of parallel sessions with interesting talks and wonderful networking opportunities. Yet, it would be hard to find […]
Is Europe More Innovative Than the US?
Europe has a more distributed approval system which has resulted in medical devices being approved and made available in Europe three to four years before these devices are approved in the US1. Even if Europe provides a faster route to market for medical device products, it has not affected their safety, i.e. there is […]
Building Medical Software Compliance on Atlassian Tools
What is Atlassian Summit? The biggest annual event of Atlassian will take place next week with hundreds of Atlassian users and developers descending to San Jose to listen to the success story of one of the fastest growing enterprise software technologies today. Their high-velocity distribution model drives an exceptional customer scale by making affordable products […]
Small, Innovative & Compliant: Innovation in Medical Device Domain comes from Small Companies!
A year ago, the panel of medical and academic experts at the US Policy Network’s annual meeting said that the fast-moving medical technology innovations are threatened by established interests and government regulations1 . The challenges of getting innovative medical device products out to market are subject to major regulatory audits that take a lot of […]
Building regulatory compliance into the software development life cycle
Safety is the central concern for medical device software development and the development of safe systems is rigorously supported by various regulatory requirements focusing on development process compliance. In other words, a strong emphasis is placed on regulatory oversight and device approval before market release to ensure proper verification and validation of these devices. Due […]
What is software risk management in safety-critical domains?
In the Medical Device market, safety is defined as freedom from unacceptable risk. Even regulatory agencies acknowledge that there is no such thing as a risk-free medical device. Medical device manufacturers have to aim for safer medical devices which, in turn, result in fewer device recalls. Risk Management is the process by which software risks […]
The worlds of software development and medical devices could not be further apart
Software development is agile, fast and innovative, while medical device development is often slow, reactive and change adverse. SoftComply has developed a set of tools which will help your company comply with the regulatory requirements with the minimum effort and get your innovative medical devices to market faster. Numerous software companies struggle to enter medical […]