This intensive four-day course provides a comprehensive appraisal of the regulations and requirements that apply to medical device software worldwide. The programme will be highly interactive, using real-life examples and state-of-the-art practices identified by Notified Bodies in Europe. There will be in-depth coverage on how to prepare compliant technical file documentation for medical device software products and a review of software specification, risk management, architectures, usability and resulting design documentation. Presentations will also offer practical tips on how to streamline the development process and provide an understanding of the regulatory requirements and how Notified Bodies review technical files.
There will be sessions on the practical implication of risk management and usability and an analysis of the differences between FDA guidance and MDR guidance on medical device software. Software recalls, the use of apps in medical devices, the implications of the new draft usability standard, and advice on how to validate your system design will also be addressed.
This course is part of our Regulatory Affairs Training course collection, which features updates on the latest regulations to registration procedures and strategies.
Why you should attend
- Learn how to qualify and classify software in Europe and the rest of the world
- Get in-depth understanding of the interpretations of MDR Classification Rules 10, 11, 12, 13, 15 and 22
- Understand the implications of the MDR and US Code of Federal Regulations for software
- Gain regulatory guidance on mobile apps, software as a service, cloud computing, artificial intelligence and continuous learning software
- Learn how to write 510(k) and technical files
- Get a practical understanding of quality management, design control and how it applies to agile software development
- Hear the best practices on cyber security, risk management, usability and validation
- Learn the principles of clinical evaluations for software as a medical device
- Gain an insight into state-of-the-art standards applicable to software
Certifications
- CPD: 24 hours for your records
- Certificate of completion
Agenda
Day 1
Introduction to the regulations
Software qualification - is it a medical device or not?
- Medical device definitions
- In-vitro diagnostic software
- Multi-functionality software
- Cloud computing and software as a service
- Intended purpose
- Excluded functionality
- Borderline with lifestyle and fitness software
- Borderline with pharmaceuticals, combination products
- Companion diagnostics, medication management and adherence apps
- Population health and educational software
- Resource and workflow management vs clinical decision support software
- Clinical decision software
Considerations for placement on the market
- International comparisons-qualification differences (US, Canada, Brazi,…)
- Pitfalls with the interpretation of the IMDRF SaMD risk framework
- Pros and cons of the modular approach
- software platforms
- Software accessories, systems components
- Legal status of wearables
Case studies - qualification
Day 2
Software classification
- Implementing rules
- Software that drives or influences the use of a (hardware) medical
- device
- Classification rules, including classification rule 11
- IMDRF SaMD risk type determination
Case studies - classification
MDR in a nutshell with software considerations
- Go to market process
- Engaging with a Notified Body
- Controlling software suppliers and subcontractors
- UDI number
- EUDAMED
- Declaration of Conformity
- Person responsible for regulatory compliance
- Software traceability
- Distributors, importers, authorised representatives and their liability
- App stores and digital distribution platforms
- Software recalls
- Unannounced Notified Body audits
- Service updates, upgrades and other changes
Case study: a great idea!
Safety and performance requirements for software
- Harmonised standards
- Common specifications
- GSPR checklist
- Software labelling
- IT environment and mobile platforms
- Repeatability and reliability of machine learning software
- Software labeling
- Instructions for use
Practical construction of a technical file
- Content
- Example
Placing medical device software on the US market
- US Code of Federal Regulations and its' implications for software
- 510(k) process
- FDA Guidances specific for software
- FDA expectations for machine learning software
Practical construction of a 510(k)
International go-to-market considerations
- Challenges faced for app developers to have their app taken up in care pathways
- Quality and reliability of health and wellness apps
- Evolving policy and reimbursement landscapes for digital health technologies
- Quality and reliability of health and wellness apps
Day 3
Controlled design of health software
- Software development models
- Symptoms and root causes of poor design control
- Waterfall vs Agile, iterative and spiral
- Principles of good design control
- Stage-gated model
- Design activities
- Project management
- Development planning
- Change management
- Requirements management
- Architecture & design
- Development
- Configuration management
- Verification & validation
- Defect management
- Design reviews
- Software development standards
- IEC 62304 software life-cycle management
- IEC 82304-1 general requirements for product safety
- Outsourcing
- Management of software suppliers
- Critical suppliers
- Software platforms and plugins
- Use of open source software
- Legacy software
Software usability
- Managing the human element of risk
- Designing for happiness
- Terminology, roles and responsibilities
- Use Experience Design (UXD)
- Process and techniques
- Formative evaluation
- User observations
- Walkthroughs
- Heuristic review
- Key-stroke level model
- Summative evaluation
- Product reaction cards / word association
- Single Ease Question (SEQ)
- System Usability Score (SUS)
- Interface with risk management
- Regulatory requirements and standards
- EU MDR/IVDR requirements
- USA FDA requirements
- IEC 62366-1, etc.
- Usability guides
Safety risk management - ISO 14971
- Process, terminology, roles
- Risk Identification Methodologies
- Checklists
- Grey box
- Hazard and Operability Analysis (HAZOP)
- Failure Modes and Effects Anaylsis (FMEA)
- Fault Tree Analysis (FTE)
- Risk Control
- Inherently safe design
- Preventive measures
- Corrective measures
- Mitigations
- Safety notices
- Disclosures of residual risk
- Risk control strategies
- Risk assessment and evaluation
- IMDRF terminology
- Determining severity and probability of harm
- Determining if a risk is acceptable
- Benefit-risk assessment
- Deliverables
- Other risk management aspects
- Risk management throughout the product life-cycle
- Risk management of ESCs, SOUPs, COTS and platforms
- Risk perception and communication
Day 4
Clinical evaluations
- Definitions, purpose, deliverables
- Process and key characteristics
- Selecting data sources
- Defining a scope and a sufficient level of clinical evidence for medical device software
- Role of validation and usability
- Considerations for artificial intelligence and continuous learning software
Development of a literature review protocol
- Selecting databases and conducting searches
- Defining search strategy
Case studies - clinical evaluation of medical device software
Clinical investigations and performance studies
- General principles of clinical investigations
- When is a clinical investigation needed for medical device software
- Selecting appropriate study design
- Application of standards
- Clinical performance studies
- Generating evidence of effectiveness
- Challenges of health trials
- Reporting
- Regulatory and ethical considerations
Post-Market Surveillance and Post-Market Clinical Follow up
- Post-market regulatory requirements
- Components of an effective PMS
- Process interface with CAPA, NC, vigilance, service, periodic safety updates, trend reporting
- Implementation of Post Market Clinical Follow-up for medical device software
- Real-World Evidence
- Successfully bringing together Risk Management, Clinical Evaluation and Post Market Surveillance to streamline ways of working
Speakers
Mr Koen Cobbaert,
Agfa HealthCare ,
QARA ManagerKoen Cobbaert is chair of COCIR’s software task force. He is one of the authors of the first edition of MEDDEV 2.1/6 on standalone software and the FAQ on 62304:2006.
In his day to day job he works for Agfa Healthcare as regulatory affairs and quality assurance professional in the development of software applications for use in the fields of general radiology, nuclear medicine, cardiology and orthopaedics.
He has a masters in electrical engineering and risk management and manages Agfa’s product safety risk management process.
Who Should Attend
- Senior management and project leaders
- Software product managers, researchers, developers and clinical experts
- Software development process managers
- IT managers and integrators
- Internal and external auditors and/or consultants
- Regulatory affairs professionals
- Quality system and quality assurance personnel
- Technical and medical writers
- GUI designers