Center for Devices and Radiological Health U. S. Department of Health and Human Services Al Taylor Acting Chief, Medical Electronics Branch Office of Science.

Slides:

Advertisements

Similar presentations

Overview of FDA Device Regulations

Advertisements

Audit of IT Systems SARQA / DKG Scandinavian Conference, October 2002, Copenhagen Sue Gregory.

Introduction to Regulation

1 IS112 – Chapter 1 Notes Computer Organization and Programming Professor Catherine Dwyer Fall 2005.

Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.

ISO 9001 Interpretation : Exclusions

Regulatory Body MODIFIED Day 8 – Lecture 3.

Opportunities for RAC Participation. Three Part discussion General presentation; Example of oil and gas decision making; and Panel Discussion of RAC involvement.

CDRH Software Regulation

Session 6: Data Integrity and Inspection of e-Clinical Computerized Systems May 15, 2011 | Beijing, China Kim Nitahara Principal Consultant and CEO META.

+ Medical Devices Approval Process. + Objectives Define a medical device Be familiar with the classification system for medical devices Understand the.

FDA Resources and Meetings FDA/EMA Orphan Designation and Grant Workshop Silver Spring, Maryland FDA Campus (White Oak) October 12, 2012 Bill Sutton Deputy.

Are you ready for a recall? Medical Device Regulatory, Reimbursement and Compliance Congress March 28, 2007 Willie R. Bryant, Jr. Consultant Stericycle,

CLINICAL ENGINEERING part(3) Dr. Dalia H. Elkamchouchi.

Center for Veterinary Medicine (CVM) RECALLS.  21 CFR 7.40 provides guidance on the policy, procedures, and industry responsibilities for recalls. 

ISM Workshop 1 Independent Oversight Perspectives Michael A. Kilpatrick Deputy Director Office of Security and Safety Performance Assurance.

What Makes a Good Medical Device Adverse Event Report?

Work product for review and discussion by the FDASIA Regulation Subgroup; May not reflect the subgroup’s views REGULATORY WEAKNESSES A report of the typist.

Patient Safety and Medical Devices Sonia Swayze, RN, MA, C and Suzanne Rich, RN, MA, CT.

Device Clinical Trials and More… Michael E. Marcarelli, PharmD Director, Division of Bioresearch Monitoring Office of Compliance Center for Devices and.

Roles and Responsibilities

Earmark Grants: Background Information and the Award Process.

2 Systems Architecture, Fifth Edition Chapter Goals Describe the activities of information systems professionals Describe the technical knowledge of computer.

Local Public Health System Assessment using the NPHPSP Local Instrument Essential Service 6 Enforce Laws and Regulations that Protect Health and Ensure.

Center for Devices and Radiological Health U. S. Department of Health and Human Services Surviving an FDA Audit Richard Chapman, FDA TwinSPIN University.

Steps for Success in EHR Planning Bill French, VP eHealth Strategies Wisconsin Office of Rural Health HIT Implementation Workshop Stevens Point, WI August.

Compliance with FDA Regulations: Collecting, Transmitting and Managing Clinical Information Dan C Pettus Senior Vice President iMetrikus, Inc.

Dr. Dalia H. Elkamchouchi CLINICAL ENGINEERING part(4)

“513(g)s” Requests for Information Lawrence “Jake” Romanell, RM (AAM) Office of Device Evaluation Center for Devices and Radiological Health.

Category #2 Bundling and Unbundling Workgroup September 24, 2007.

FleetBoston Financial HIPAA Privacy Compliance Agnes Bundy Scanlan Managing Director and Chief Privacy Officer FleetBoston Financial.

FDA Public Meeting on Electronic Records and Signatures June 11, 2004 Presentation of the Industry Coalition on 21CFR Part 11 Alan Goldhammer, PhD Chair.

The Culture of Healthcare Privacy, Confidentiality, and Security Lecture d This material (Comp2_Unit9d) was developed by Oregon Health and Science University,

Organization and Implementation of a National Regulatory Program for the Control of Radiation Sources Regulatory Authority.

IAEA International Atomic Energy Agency School of Drafting Regulations – November 2014 Government and Regulatory Body Functions and Responsibilities IAEA.

Rules for Supporting Part 803 and Part 806 Decision Making Page 1 Establishing Rules for: Medical Device Reports (803) & Correction and Removal Reports.

Staffing and training. Objectives To understand approaches to the development of strategies and policies for staffing of a Regulatory Authority including.

Center for Devices and Radiological Health U. S. Department of Health and Human Services Al Taylor Acting Chief, Medical Electronics Branch Office of Science.

National Public Health Performance Standards Local Assessment Instrument Essential Service:6 Enforce Laws and Regulations that Protect Health and Ensure.

Marianne M. Elliott Office of Research Integrity and Ethics Bureau of Medicine and Surgery U. S Navy.

1 Copyright © 2012 by Mosby, an imprint of Elsevier Inc. Copyright © 2008 by Mosby, Inc., an affiliate of Elsevier Inc. Chapter 39 The Advanced Practice.

The CDRH Software Message (October 19, 2002) John F Murray Jr.. Center for Devices & Radiological Health US Food and Drug Administration

Capacity Building for the implementation of the Cartagena Protocol on Biosafety by the German Development Co-operation: German Federal Ministry for Economic.

Management Information System In Healthcare

Organization and Implementation of a National Regulatory Program for the Control of Radiation Sources Program Performance Criteria.

All Hands Electronic Information Integrity Call White Paper An Introduction to the Current State of EMR – et.al. R. L. Chamberlain, Ph.D.

CLINICAL ENGINEER: PLACE, ROLE AND FUTURE CHALLENGES A Presentation To The 1 st Joint East African Scientific Conference (AMEK & UNAHME) By: Gordon A.

Global Clinical Engineering Success Stories Establishment of National Health Technology Management System for Public Hospitals Name: Bilal BECEREN Affiliation:

Chapter 1 Computer Technology: Your Need to Know

Planning for Succession

FDA's Two New Draft Guidance on Software and Device

Regulatory Control Training Workshop Regulatory Cooperation Forum

U.S. FDA Center for Devices and Radiological Health Update

FDA’s IDE Decisions and Communications

How to Put Together an IDE Application

FDA Perspective on Cardiovascular Device Development

Balancing Regulation and Innovation: An FDA Division of Cardiovascular Devices Perspective Bram Zuckerman, MD, FACC Director, FDA Division of Cardiovascular.

CDRH 2010 Strategic Priorities

Introduction of New Technology: An FDA Division of Cardiovascular Devices Perspective Bram Zuckerman, MD, FACC Director, FDA Division of Cardiovascular.

American Society for Quality Region 5 Quality Conference

Clinical Engineering Lecture (3).

Medical Device Regulatory Essentials: An FDA Division of Cardiovascular Devices Perspective Bram Zuckerman, MD, FACC Director, FDA Division of Cardiovascular.

FDA-CDRH in the Next Decade A Vision for Change

HOW TO FULFILL STATUTORY REQUIREMENTS ON PRODUCT RELATED HEALTH INFORMATION Samina Qureshi, M.D. PSI INTERNATIONAL Inc.

OHS Staff Introduction Training

FDA Resources and Meetings

יוסי שדמתי רק איכות מניהול סיכונים לאימות ותיקוף תהליכי הרכבה From Risk Management to Processes Validation יוסי.

Linda M. Chatwin, Esq. RAC Business Manager, UL LLC

Tobey Clark, Director*, Burlington USA

Internal Control Internal control is the process designed and affected by owners, management, and other personnel. It is implemented to address business.

Presentation transcript:

Center for Devices and Radiological Health U. S. Department of Health and Human Services Al Taylor Acting Chief, Medical Electronics Branch Office of Science and Technology February 24, 2004 FDA Regulatory Perspectives Presented to the Philadelphia Area Medical Instrumentation Association

Center for Devices and Radiological Health 2 Who am I? Alford R. Taylor, Jr. Acting Chief, Medical Electronics Branch Division of Electronics and Computer Science Office of Science and Technology Twinbrook Pkwy HFZ-141 Rockville MD (301) x147 Assistance is also available from the Division of Small Manufacturers, International and Consumer Assistance, You don’t have to be a manufacturer or consumer to avail yourself of their service!

Center for Devices and Radiological Health 3 The burning question… Q.Is FDA policy degrading network security and performance by impeding the timely implementation of security and other maintenance patches in commercial off-the-shelf (COTS) software used in network connected medical devices? A.No. But there seems to be some confusion over what is required, and mistaken interpretations of FDA policy (and the law) may be contributing to the problem.

Center for Devices and Radiological Health 4 What we know…  Viruses in medical device software have already caused major disruptions to clinical information systems.  Unspecified manufacturers have reportedly told hospital IT staff that they can’t install security patches “because of FDA rules.”

Center for Devices and Radiological Health 5 … and how we know it  Very few formal complaints have been received from hospitals. Almost all our information is anecdotal.  In some cases, clinical IT staff aren’t plugged in to either the FDA or their own institution’s biomedical engineering department. Therefore be it resolved that  FDA needs to do some outreach to the clinical IT community, and  the biomedical engineering staff has to do the same within their hospital or clinical center.

Center for Devices and Radiological Health 6 Who actually owns the problem? Medical Device Security Healthcare IT Administrators Medical Device Manufacturers IT Infrastructure Vendors

Center for Devices and Radiological Health 7 Coming together to solve the problem? This?

Center for Devices and Radiological Health 8 Coming together to solve the problem…. Or this?

Center for Devices and Radiological Health 9 Coming together to solve the problem…. And, lest we forget—at some point, we need to stop talking and start implementing.

Center for Devices and Radiological Health 10 Who actually owns the problem? Medical Device Security Healthcare IT Administrators Medical Device Manufacturers IT Infrastructure Vendors

Center for Devices and Radiological Health 11 What is really required…  FDA requirements are aimed almost exclusively at the medical device manufacturer  Not the commercial software vendor  Not the user or clinical facility 1 1 Clinical centers are required to report safety problems to FDA. Biomedical engineering organizations are generally cognizant of this requirement, but apparently, some clinical IT departments are unfamiliar with their regulatory role. See

Center for Devices and Radiological Health 12 Rules applicable to software maintenance patches  Per the quality system regulation, 21 CFR (g), design changes must be validated when the change cannot be verified by subsequent inspection and test.  Per 21 CFR (a)(3), a change or modification in the device that could significantly affect the safety or effectiveness of the device requires a premarket submission.

Center for Devices and Radiological Health 13 Let’s take those in reverse order… A new premarket submission is needed if 1 :  The proposed design change (i.e, the patch) affects the indications for use; or  Clinical data are necessary to evaluate safety and effectiveness of the change, or  Evaluation of the change raises new issues of safety and effectiveness. In other words, rarely. 1 CDRH Guidance Document, “Deciding When to Submit a 510(k) for a Change to an Existing Device,” Jan. 10, 1997

Center for Devices and Radiological Health 14 Design changes must be verified and/or validated This seems to be the sticking point for most.  Proposed changes must be assessed in accordance with a documented change control process.  Evaluations of proposed changes—i.e., decisions and their rationales—should be documented.  People making decisions should be competent.

Center for Devices and Radiological Health 15 A maintenance plan is the practical solution  The manufacturer can fulfill their legal obligation by developing a maintenance plan for the COTS software in their device.  The maintenance plan should be described in the premarket submission.  The plan may delegate authority for carrying out aspects of the plan to some combination of  The user facility  The manufacturer  The COTS vendor  A third party  Recurring cost of maintenance should be addressed.

Center for Devices and Radiological Health 16 Essential elements of the plan  Mechanism for timely notification of corrective actions from the COTS vendor  Competent evaluation of problem reports and patches, and documented decisions regarding corrective actions  Configuration management system in place for implementing patches  Tech support from the medical device manufacturer and/or COTS vendor available when needed