The Medical Device industry is rapidly adopting technologies that enable communication and connectivity of health products and systems to improve both speed and quality of care as well as patient safety. The users (i.e. hospitals and others) are demanding an approach that will support interoperability among multiple independently sourced medical devices. Industry will require standardization to support such interoperability. Government and regulators, on behalf of the patients and in compliance with their mission to protect public health, as well as users and manufacturers require that such interoperability is safe. This complementary webinar will introduce the eHealth sector and applications, outline the challenges and risks inherent in connecting heterogeneous equipment into medical device systems, and provide insights to how manufacturers can demonstrate compliance with the rapidly changing regulatory landscape for interoperable medical devices.
This webinar was presented by UL eHealth experts on October 30, 2013.
13. Smart Grid – Even More Heterogeneity
http://energyinformative.org/wp-content/uploads/2012/01/smart-grid.jpg
Slide 13
14. Key Common Challenges for Systems Integrators
Understanding What Can Go Wrong
Lack of Clarity on Design Requirements and Needs
Inadequate Risk Controls
Time and Cost
Responsibility / Accountability (Who Owns the System?)
Slide 14
15. …can result in…
Mars Climate Orbiter
- Mismatched units
Ariane 5
Floating point value too large to be
represented by signed integer
Therac - 25
- “unlikely” sequence of keystrokes
- Integrated re-used sw into
incompatible hardware (no interlocks)
- Improper V&V – no pre-release
integration testing
http://50quidsoundboy.net/wp-content/uploads/2011/05/thumb-21367-radiation_therapy.jpg
Slide 15
16. So, Are There Medical Device and HIT Risks?
Acute Care
http://henican.com/2011
Telemedicine
http://www.telemedicineinsider.com/
Slide 16
17. A Growing “Ecosystem” of Healthcare Systems
http://www.cs.purdue.edu/homes/bertino/IIS-eHealth/images/ehealth_full.jpg
Slide 17
18. …connected via communications technology
creates the world of eHealth and mHealth
18
http://intpmcomms.com/wp-content/uploads/2010/08/iStock_000011296304XSmall1.jpg
19. “The Future” is Here
http://www.themarysue.com/wp-content/uploads/2012/01/tricorder-spock.jpg
Slide 19
20. Addressing Safety and Security
http://scholar.lib.vt.edu/ejournals/JOTS/v32/v32n1/images/mcquade1.jpg
Slide 20
21. Safety and Security Defined and Evolving
SAFETY: freedom from unacceptable risk [ISO 14971:
2007]
SAFETY: freedom from unacceptable RISK of physical
injury or damage to the health of people or damage to
property or the environment
[SOURCE: IEC 80001-1:2010, definition 2.30]
DATA AND SYSTEM SECURITY: an operational state of a
medical IT network in which information assets (data and
systems) are reasonably protected from degradation of
confidentiality, integrity, and availability. [IEC 80001-1:
2010]
Slide 21
22. FDA “Accessory Rule” – Avoiding Weak Links
From FDA Mobile Medical Application Draft Guidance:
“Accessories to classified devices take on the same classification as
the "parent" device. An accessory such as software that accepts
input from multiple devices usually takes on the classification of the
"parent" device with the highest risk, i.e., class.”; Final Rule, Medical
Devices, Medical Device Data Systems, 76 Fed. Reg. 8637, 86438644 (Feb. 15, 2011).
The Medical Device Data Systems (MDDS) Final Rule changes
this and allows for ease of innovation
Slide 22
23. Regulations Begin Considering the Risks
FDA Final Rule: MDDS – 15 Feb 2011
FCC Requirements for MBAN and FDA MOU – 24 May 2012
Draft Guidance for Home Use Devices – 12 Dec 2012
FDA Draft Guidance: Management of Cybersecurity – 14 June 2013
FDA Guidance: RF Wireless Technology…– 13 Aug 2013
FDA Final Rule: Unique Device Identification Final Rule – 24 Sept 2013
FDA Draft Guidance: Global UDI Database – 24 Sept 2013
FDA Guidance: Mobile Medical Applications – 25 Sept 2013
23
37. Do you test to support your safety claims?
Modified from: http://www.fda.gov/ucm/groups/fdagov-public/documents/image/ucm260345.jpg
38. Do you test to support your security claims?
Cryptographic Verification
))
))
)))
http://img.mit.edu/newsoffice/images/article_images/20110214123646-1.jpg
38
40. Assurance Cases Can Help Support Claims
https://buildsecurityin.us-cert.gov/bsi/1051-BSI/version/default/part/ImageData/data/Assurance_Cases_and_LifeCycle_Processes.png
Slide 40
41. Standards Can Help Guide Assurance Cases
Safety Standards
https://buildsecurityin.us-cert.gov/bsi/1051-BSI/version/default/part/ImageData/data/Assurance_Cases_and_LifeCycle_Processes.png
Slide 41
42. Standards for eHealth and mHealth Interoperability
Aug 6, 2013 FDA Recognized Consensus Standards Support Interoperability:
There are 25 new standards for interoperability grouped mainly into three categories:
1. Managing risk in a connected and networked environment;
2. Nomenclature, frameworks and medical device specific communications,
including system and software lifecycle process;
3. Cybersecurity standards from the industrial control systems arena that are
relevant to medical devices.
Coming soon:
AAMI / UL 2800 – interoperable medical device interface
safety
…and many more are here and coming…
Slide 42
43. UL Works Directly with Government Agencies
To Help Inform Health IT Policy
FDA Safety and Innovation Act (FDASIA WG)
43
http://www2.idexpertscorp.com/images/uploads/ehr.jpg
http://static.ddmcdn.com/gif/wireless-network-1a.jpg
http://www.commercialintegrator.com/images/
44. We Have The Technology…We Can Build It… Standards
and Regulations are Emerging…
Are You Prepared ???
http://www.securedgenetworks.com
IDEA
Managing innovation and regulatory change
Mobile Medical Applications
PRODUCT
&
SYSTEM
Hospital IT Equipment Providers
Wireless Medical Devices
44
45. Managing innovation during regulatory change
IDEA
PRODUCT
In the Development Cycle or Already in the Field
Technological
framework
UL
Safety
Framework
can be
your
partner
Comprehensive
Suite of Services
Regulatory
Framework
Safety
Framework
46. Thank You For Your Interest
How can UL help you?
More information – www.ul.com/eHealth
Email: Medical.Inquiry@ul.com
Mobile Medical Apps
Wireless Medical Devices
Hospital IT Infrastructure
Advisory services for medical
device classification,
training navigation of
regulations and submission
support,
•
Advisory services for
satisfying regulatory
guidance
•
•
Testing services using
international consensus
standards to support
regulatory compliance
claims:
Advisory services for
Medical Device Data
Systems (MDDS)
classification and
regulatory strategy
•
Testing / conformance to
global standards
(including recent FDA
recognized consensus
standards for
interoperability)
•
Advisory services for
medical device
classification, training,
and regulatory
submission support for
system integrators
Quality Management System
registration
Assessment to interoperability
standards
•
Coexistence
•
Performance
•
Security
•
Data integrity
EMC and wireless coexistence testing
•
Quality of service
(QoS)
Clinical & pre-clinical testing
and test planning
•
Continua Alliance
Testing
•
Safety / EMC
Usability advisory services,
testing, and certification
FDA Submission support
including pre-audit services
46